Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dq1GsnM4BZyz2aDXuKcAfBFJRRI.roa
File: dq1GsnM4BZyz2aDXuKcAfBFJRRI.roa (raw, json)
Hash identifier: xgs6sI3RStOBdpzfPeoFrF0oxwUNKUDLAYHRk19Bf1E=
Subject key identifier: 76:AD:46:B2:73:38:05:9C:B3:D9:A0:D7:B8:A7:00:7C:11:49:45:12
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6C851A17
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dq1GsnM4BZyz2aDXuKcAfBFJRRI.roa
Signing time: Mon 21 Feb 2022 13:22:37 +0000
ROA not before: Mon 21 Feb 2022 13:22:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1820662295 (0x6c851a17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 21 13:22:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76ad46b27338059cb3d9a0d7b8a7007c11494512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6c:a7:cb:58:68:3a:5f:c2:0b:05:04:76:4a:
51:3a:6a:fd:ee:2a:8a:ac:6f:c9:1b:e7:49:14:06:
d9:2b:be:a8:7f:d5:cf:8c:6b:f5:21:ca:e3:59:e2:
54:f9:81:37:e9:05:6a:bf:67:b3:33:73:1a:83:a9:
c6:34:2a:fa:5a:aa:87:d2:fe:77:1a:f3:9f:03:87:
65:a3:2a:c4:47:a3:08:e3:75:9b:62:d4:33:e0:00:
7f:16:5a:5a:13:27:5c:02:dd:00:54:c8:67:35:1d:
ad:0c:aa:b3:82:f3:7e:39:15:c5:07:20:fd:d8:ad:
bb:01:ed:b2:31:bd:e5:10:f8:5c:2b:70:99:47:4b:
b3:82:e1:c7:6c:e2:11:94:75:6e:5e:a1:72:e6:0b:
f1:c8:a4:7c:aa:6e:a1:b9:d0:e0:d7:5f:fb:62:44:
d5:84:7a:6c:17:a1:7d:fb:68:2a:f0:36:e6:f1:c0:
99:d8:05:5a:3d:cd:97:d1:f6:96:27:1f:c0:f5:b6:
96:1b:e4:0e:3d:5f:fe:5c:1e:b3:ea:c1:ec:54:f9:
75:e0:96:65:cf:8a:5f:d4:27:f5:65:7e:94:67:99:
40:5f:be:5e:92:62:38:a6:dc:5e:b3:e6:69:0a:5e:
4c:67:15:c4:db:f4:0b:2c:23:45:61:fa:2a:f4:92:
c6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AD:46:B2:73:38:05:9C:B3:D9:A0:D7:B8:A7:00:7C:11:49:45:12
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dq1GsnM4BZyz2aDXuKcAfBFJRRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:ba:b5:20:85:35:3a:ca:6c:a6:07:ec:2c:93:94:0a:ba:43:
1b:3f:cd:a7:7c:9d:1b:f6:3a:ad:e7:bb:e0:fe:f5:41:83:9c:
86:e5:99:d5:25:31:0a:dc:c2:cc:f7:1f:93:ab:b0:48:7f:85:
3d:04:43:e0:bb:c1:3f:81:59:27:05:88:b3:61:e6:17:90:c4:
90:30:70:86:8c:1d:d7:7c:31:c9:a8:97:ea:94:0b:16:aa:ee:
b1:f9:39:f7:e8:62:d3:d8:73:99:07:3a:63:66:ad:e1:3d:69:
ac:d5:6e:01:40:d3:dc:4f:29:d2:34:d3:00:6c:a6:11:f5:f5:
46:bf:4c:00:6c:36:54:5e:66:42:9d:83:23:f3:27:bc:0f:b3:
58:3f:60:e5:91:80:23:b8:37:a9:c6:97:9b:43:53:d2:cd:a1:
05:67:16:c5:34:4c:da:85:c2:b5:78:cd:96:6b:84:d4:07:c4:
91:43:1b:29:09:20:56:4f:33:6e:ed:46:21:06:5e:55:67:7c:
03:35:7b:d1:50:85:33:f1:ba:2d:3d:db:39:21:91:74:bc:86:
d3:c7:03:83:ed:35:8b:ea:02:c8:e7:1f:29:d9:cc:7d:22:23:
b1:36:d3:dc:76:34:c2:f1:7a:eb:1b:03:1c:b9:55:d3:14:de:
6e:ac:05:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbIUaFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIy
MTEzMjIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZhZDQ2YjI3MzM4
MDU5Y2IzZDlhMGQ3YjhhNzAwN2MxMTQ5NDUxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1sp8tYaDpfwgsFBHZKUTpq/e4qiqxvyRvnSRQG2Su+qH/V
z4xr9SHK41niVPmBN+kFar9nszNzGoOpxjQq+lqqh9L+dxrznwOHZaMqxEejCON1
m2LUM+AAfxZaWhMnXALdAFTIZzUdrQyqs4LzfjkVxQcg/dituwHtsjG95RD4XCtw
mUdLs4Lhx2ziEZR1bl6hcuYL8cikfKpuobnQ4Ndf+2JE1YR6bBehfftoKvA25vHA
mdgFWj3Nl9H2licfwPW2lhvkDj1f/lwes+rB7FT5deCWZc+KX9Qn9WV+lGeZQF++
XpJiOKbcXrPmaQpeTGcVxNv0CywjRWH6KvSSxpUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBR2rUayczgFnLPZoNe4pwB8EUlFEjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2RxMUdzbk00Qlp5ejJhRFh1S2NBZkJGSlJSSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQARurUghTU6ymymB+wsk5QKukMbP82nfJ0b9jqt
57vg/vVBg5yG5ZnVJTEK3MLM9x+Tq7BIf4U9BEPgu8E/gVknBYizYeYXkMSQMHCG
jB3XfDHJqJfqlAsWqu6x+Tn36GLT2HOZBzpjZq3hPWms1W4BQNPcTynSNNMAbKYR
9fVGv0wAbDZUXmZCnYMj8ye8D7NYP2DlkYAjuDepxpebQ1PSzaEFZxbFNEzahcK1
eM2Wa4TUB8SRQxspCSBWTzNu7UYhBl5VZ3wDNXvRUIUz8botPds5IZF0vIbTxwOD
7TWL6gLI5x8p2cx9IiOxNtPcdjTC8XrrGwMcuVXTFN5urAW3
-----END CERTIFICATE-----
Generated at Thu May 1 15:02:12 2025 by rpki-client