Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/k0gYLc3KqiQk5eKK59K6Bj3TzTQ.roa
File: k0gYLc3KqiQk5eKK59K6Bj3TzTQ.roa (raw, json)
Hash identifier: 7+TSnIj3Cf+MqHG5w6pBJlKkGaJEZleEF8bsEakbWlA=
Subject key identifier: 93:48:18:2D:CD:CA:AA:24:24:E5:E2:8A:E7:D2:BA:06:3D:D3:CD:34
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184B291989BF9CFEB9FC2B2EFF695BFE22F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/k0gYLc3KqiQk5eKK59K6Bj3TzTQ.roa
Signing time: Sat 26 Nov 2022 06:13:16 +0000
ROA not before: Sat 26 Nov 2022 06:13:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:ae77:4719/128 maxlen: 128
2001:67c:64:ffff:0:184:9f03:9814/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b2:91:98:9b:f9:cf:eb:9f:c2:b2:ef:f6:95:bf:e2:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 26 06:13:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9348182dcdcaaa2424e5e28ae7d2ba063dd3cd34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c3:b9:1e:ed:25:e0:e0:ed:5e:25:6f:ed:41:
75:3c:8d:4d:2a:97:03:67:10:01:f8:c3:30:c3:e9:
0e:30:3b:09:f9:07:d5:2c:9f:f2:c0:4b:2c:53:c9:
99:bf:5d:82:55:22:d4:47:ce:4f:9a:aa:36:1d:06:
d9:b9:34:b0:13:a6:14:74:0b:4b:dc:e3:25:e1:98:
dc:20:4b:61:4d:3c:ba:2f:2d:6e:37:30:1c:f7:29:
d4:4b:27:12:e6:44:46:ff:76:b5:00:56:1d:97:c5:
75:95:ec:f4:e4:f0:c6:09:9d:49:64:9e:f1:a4:1e:
6e:75:d9:00:af:1a:d1:ac:f8:c4:39:dd:57:f3:08:
29:ea:ef:6e:22:e1:fe:51:cb:72:f1:bd:ac:0a:37:
ce:4b:ee:43:5f:bd:7e:c8:0e:20:da:9a:e7:16:6d:
66:32:38:a1:a8:b8:86:05:bb:e5:c6:40:61:c8:19:
63:a1:61:e2:fd:45:40:5b:65:8c:56:aa:d2:cb:37:
04:56:67:53:6e:c5:e1:f2:4b:ea:5c:d5:ce:83:96:
40:8f:25:6b:19:82:a7:14:9f:64:3c:59:7a:e1:d1:
9e:54:4e:23:a2:1a:06:b6:d4:f5:66:a9:91:11:df:
87:78:fa:ba:39:d1:1b:7b:45:f4:c1:39:4b:e1:cf:
22:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:48:18:2D:CD:CA:AA:24:24:E5:E2:8A:E7:D2:BA:06:3D:D3:CD:34
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/k0gYLc3KqiQk5eKK59K6Bj3TzTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:16:c3:11:fa:5b:7e:ee:92:65:12:42:cb:2e:c4:92:ce:23:
74:e3:ec:64:aa:0d:f0:e3:6b:9f:1e:ec:60:4f:f3:ad:8c:40:
df:75:0a:f0:69:2a:f5:38:0a:80:0b:83:d7:e5:92:36:1f:7d:
ef:cb:c3:9c:4f:ce:c0:8c:71:fe:72:de:25:db:3f:6e:e1:a1:
62:13:f6:ad:ed:6c:2d:25:91:1b:2e:f4:ec:b8:e9:a2:4d:88:
7d:15:7e:25:ba:35:6d:cf:63:5a:48:00:0c:b4:19:1b:f5:22:
b7:dd:7a:f1:1e:2f:f3:6b:dc:c1:2e:6c:0d:7c:de:40:17:b8:
b7:55:45:63:c8:4f:c3:51:b3:19:3a:e2:d8:33:cb:ba:db:5c:
13:ff:fe:8d:1f:bd:1e:23:41:3a:40:cf:5a:46:eb:f3:35:eb:
bb:71:25:10:ae:da:52:1b:04:86:63:c5:ec:ec:49:85:e2:a0:
07:87:8b:d5:5c:ea:33:98:27:ef:76:f3:4e:84:2d:8f:e4:8a:
17:42:f0:0a:93:03:aa:42:00:05:0f:dd:c7:b4:c4:42:f2:5f:
86:ff:74:13:3d:18:a3:b8:fc:e2:43:df:ad:1d:68:9a:52:fd:
5b:12:ba:0f:10:bd:22:a3:54:b8:07:f2:2b:f0:eb:aa:99:95:
c9:58:09:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSykZib+c/rn8Ky7/aVv+IvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTI2MDYxMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQ4MTgyZGNkY2FhYTI0MjRlNWUyOGFlN2QyYmEwNjNkZDNjZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcO5Hu0l4ODtXiVv7UF1PI1NKpcD
ZxAB+MMww+kOMDsJ+QfVLJ/ywEssU8mZv12CVSLUR85Pmqo2HQbZuTSwE6YUdAtL
3OMl4ZjcIEthTTy6Ly1uNzAc9ynUSycS5kRG/3a1AFYdl8V1lez05PDGCZ1JZJ7x
pB5uddkArxrRrPjEOd1X8wgp6u9uIuH+Ucty8b2sCjfOS+5DX71+yA4g2prnFm1m
MjihqLiGBbvlxkBhyBljoWHi/UVAW2WMVqrSyzcEVmdTbsXh8kvqXNXOg5ZAjyVr
GYKnFJ9kPFl64dGeVE4johoGttT1ZqmREd+HePq6OdEbe0X0wTlL4c8izQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJNIGC3NyqokJOXiiufSugY90800MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvazBnWUxjM0txaVFrNWVLSzU5SzZCajNUelRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgWwxH6W37ukmUSQssu
xJLOI3Tj7GSqDfDja58e7GBP862MQN91CvBpKvU4CoALg9flkjYffe/Lw5xPzsCM
cf5y3iXbP27hoWIT9q3tbC0lkRsu9Oy46aJNiH0VfiW6NW3PY1pIAAy0GRv1Irfd
evEeL/Nr3MEubA183kAXuLdVRWPIT8NRsxk64tgzy7rbXBP//o0fvR4jQTpAz1pG
6/M167txJRCu2lIbBIZjxezsSYXioAeHi9Vc6jOYJ+92806ELY/kihdC8AqTA6pC
AAUP3ce0xELyX4b/dBM9GKO4/OJD360daJpS/VsSug8QvSKjVLgH8ivw66qZlclY
CZ4=
-----END CERTIFICATE-----
Generated at Thu May 1 20:58:39 2025 by rpki-client