Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/j4iVSq0U25A6C1fFhv-5MCQGdik.roa
File: j4iVSq0U25A6C1fFhv-5MCQGdik.roa (raw, json)
Hash identifier: MnSvt4PPEyXyfUXBRo42t/ZeZgKOovv8Rutjxg72z4g=
Subject key identifier: 8F:88:95:4A:AD:14:DB:90:3A:0B:57:C5:86:FF:B9:30:24:06:76:29
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 786066AF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/j4iVSq0U25A6C1fFhv-5MCQGdik.roa
Signing time: Mon 04 Apr 2022 13:10:19 +0000
ROA not before: Mon 04 Apr 2022 13:10:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2019583663 (0x786066af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 4 13:10:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f88954aad14db903a0b57c586ffb93024067629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ff:dc:6f:12:01:33:49:6e:a5:e1:79:8a:fc:
3c:34:a1:dd:03:95:73:60:60:5f:a1:db:31:a9:15:
fa:d1:62:6a:e6:9f:27:d3:03:de:6a:b2:84:8f:94:
d8:40:0e:ea:23:c4:af:bf:af:e6:5a:d7:be:72:2d:
0e:91:23:d5:01:d1:3e:52:45:0a:0d:8c:95:7d:4d:
9b:9e:e8:31:cc:1e:42:45:0e:35:44:4f:d8:26:29:
9d:fc:0a:bf:63:19:d0:e3:24:ed:5f:83:28:18:aa:
ba:1a:55:a5:75:81:87:55:9f:13:46:9f:3d:25:67:
10:b9:22:b5:a5:dd:de:98:d0:92:12:49:10:40:d7:
5e:12:65:bc:32:90:26:7b:2e:0c:c3:c5:dd:80:02:
bf:6d:ab:c3:4e:81:b5:19:46:07:da:34:d8:0b:b9:
99:1d:44:22:a1:36:56:70:71:61:28:e5:98:c0:ca:
0c:34:1c:29:cb:94:fb:99:da:a2:23:b1:03:35:74:
90:87:ac:2a:62:54:37:b3:2b:45:a8:f4:66:f1:d4:
02:6d:5e:2e:d7:48:36:a6:29:5b:03:44:da:88:6a:
dd:1e:17:8a:c1:6d:85:fb:d5:28:d1:92:64:26:d4:
6e:55:cf:64:e0:20:47:69:ab:fe:cf:85:82:64:3c:
32:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:88:95:4A:AD:14:DB:90:3A:0B:57:C5:86:FF:B9:30:24:06:76:29
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/j4iVSq0U25A6C1fFhv-5MCQGdik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:f3:3c:89:87:3b:17:3c:b6:73:62:4a:ef:94:3d:9f:c1:c9:
f1:ec:43:19:ea:53:ef:25:80:c3:c1:3e:0b:cb:a8:0f:30:0b:
19:cb:bd:ed:86:ba:79:5b:78:a2:05:6d:cf:42:7c:39:98:a0:
bb:3c:0d:56:5c:7d:b6:46:4f:1c:22:fe:bc:d8:ca:63:50:ec:
f1:19:f5:5a:cb:7f:95:91:c7:38:d4:5c:34:eb:91:55:c7:cc:
66:16:44:31:26:f0:f1:c3:ef:91:39:88:de:b6:91:f1:a3:07:
5c:e0:3a:d5:49:50:0c:3a:ea:8d:38:a7:45:1d:53:35:07:c9:
60:7e:35:6c:76:3d:cd:35:22:ef:bf:d5:2c:96:f8:87:95:0e:
ef:38:83:8e:a9:cd:d8:e2:4e:31:16:79:77:c8:e0:3b:fe:de:
b0:70:89:b5:1a:d6:73:02:c7:9a:fc:ac:76:db:ad:46:58:1d:
ba:57:11:39:66:61:ae:92:7e:64:cf:9e:22:1d:1b:6a:b7:d0:
72:f7:91:ec:80:cc:58:7e:17:f7:dc:01:03:d7:6e:d8:6a:91:
bc:fb:73:29:9c:0a:36:96:f7:d8:8f:a6:0d:11:13:a1:6d:23:
fa:e7:f2:05:50:92:4a:11:4f:63:b1:46:72:b8:1c:c0:60:d7:
6a:a4:7c:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEeGBmrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQw
NDEzMTAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY4ODk1NGFhZDE0
ZGI5MDNhMGI1N2M1ODZmZmI5MzAyNDA2NzYyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMz/3G8SATNJbqXheYr8PDSh3QOVc2BgX6HbMakV+tFiauaf
J9MD3mqyhI+U2EAO6iPEr7+v5lrXvnItDpEj1QHRPlJFCg2MlX1Nm57oMcweQkUO
NURP2CYpnfwKv2MZ0OMk7V+DKBiquhpVpXWBh1WfE0afPSVnELkitaXd3pjQkhJJ
EEDXXhJlvDKQJnsuDMPF3YACv22rw06BtRlGB9o02Au5mR1EIqE2VnBxYSjlmMDK
DDQcKcuU+5naoiOxAzV0kIesKmJUN7MrRaj0ZvHUAm1eLtdINqYpWwNE2ohq3R4X
isFthfvVKNGSZCbUblXPZOAgR2mr/s+FgmQ8MlUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSPiJVKrRTbkDoLV8WG/7kwJAZ2KTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2o0aVZTcTBVMjVBNkMxZkZodi01TUNRR2Rpay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAl8zyJhzsXPLZzYkrvlD2fwcnx7EMZ6lPvJYDD
wT4Ly6gPMAsZy73thrp5W3iiBW3PQnw5mKC7PA1WXH22Rk8cIv682MpjUOzxGfVa
y3+Vkcc41Fw065FVx8xmFkQxJvDxw++ROYjetpHxowdc4DrVSVAMOuqNOKdFHVM1
B8lgfjVsdj3NNSLvv9UslviHlQ7vOIOOqc3Y4k4xFnl3yOA7/t6wcIm1GtZzAsea
/Kx2261GWB26VxE5ZmGukn5kz54iHRtqt9By95HsgMxYfhf33AED127YapG8+3Mp
nAo2lvfYj6YNEROhbSP65/IFUJJKEU9jsUZyuBzAYNdqpHxv
-----END CERTIFICATE-----
Generated at Fri May 2 15:36:20 2025 by rpki-client