Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pykKgZlfLd81rC-t5Bs0UOiwa40.roa
File: pykKgZlfLd81rC-t5Bs0UOiwa40.roa (raw, json)
Hash identifier: aBI7LA5DjjxVRnF7NSFSJmzreui7CEbQr/GznLtCbC8=
Subject key identifier: A7:29:0A:81:99:5F:2D:DF:35:AC:2F:AD:E4:1B:34:50:E8:B0:6B:8D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185A0EED847115D4A411590715EEE32B958
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pykKgZlfLd81rC-t5Bs0UOiwa40.roa
Signing time: Wed 11 Jan 2023 13:04:45 +0000
ROA not before: Wed 11 Jan 2023 13:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
2001:67c:64:ffff:0:185:a0ee:743c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:ee:d8:47:11:5d:4a:41:15:90:71:5e:ee:32:b9:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 11 13:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7290a81995f2ddf35ac2fade41b3450e8b06b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:50:f0:0a:d1:4f:f2:4b:e5:1b:b1:16:e6:
f1:a1:6c:2c:be:bf:37:74:50:3a:f0:f1:69:55:42:
42:3a:2d:b9:32:d8:1f:7d:48:50:be:54:57:8c:f1:
79:5c:8b:9a:8d:c3:a8:01:5c:9d:aa:f6:b7:f5:72:
05:ff:51:11:82:1f:99:d4:2b:17:5d:b5:79:82:7f:
23:9d:1b:42:21:78:47:95:07:6f:c7:11:5f:4e:eb:
16:99:52:5f:ea:37:c6:07:36:98:25:38:de:bb:7b:
f8:03:0f:a2:9a:87:e8:2a:3f:16:a8:c4:8c:9f:47:
be:17:06:70:c5:9a:fd:35:9a:37:e0:2d:0f:b4:ff:
96:88:32:19:3f:f3:c6:c6:c3:c4:3a:39:f6:86:f7:
eb:60:5e:3b:ba:b5:87:a0:c0:4d:69:de:ca:2a:53:
66:82:7b:61:61:0a:4d:bf:2b:64:62:43:87:ce:3f:
dd:4a:e9:74:1e:2b:87:82:8e:bd:03:4f:c0:ad:5c:
5d:2e:e3:e8:c0:7a:9b:2e:ce:2b:88:f7:08:52:dd:
eb:68:35:9a:ac:bc:4f:a7:eb:11:b8:b3:07:66:a8:
14:37:d7:44:23:10:10:10:e0:61:0a:86:ae:9e:cd:
fb:fb:b6:68:b7:ce:9a:87:e1:db:a6:f3:bd:b0:f0:
70:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:29:0A:81:99:5F:2D:DF:35:AC:2F:AD:E4:1B:34:50:E8:B0:6B:8D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pykKgZlfLd81rC-t5Bs0UOiwa40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:18:79:4c:75:ba:71:bc:b5:c1:86:2f:40:68:c2:09:ed:d1:
f0:92:97:db:c8:16:1c:e0:ff:f6:97:96:eb:85:7c:2b:b4:3f:
8c:f4:96:6d:4b:4e:db:9e:3a:9d:48:f0:fb:b2:9d:03:5f:60:
b3:d6:2f:e7:c6:bf:a3:3b:62:bd:69:dd:2e:2d:11:b0:57:36:
d9:f1:e9:8e:d7:98:3a:63:7f:20:ea:d7:44:c9:f8:4d:33:05:
89:f6:d4:23:67:d0:da:b5:96:83:ad:ef:63:f1:7b:c6:f2:16:
7f:aa:c2:2d:ce:c8:a8:03:37:59:57:36:11:10:d6:b4:bd:a0:
38:2d:5b:7c:35:31:6a:45:2b:87:49:99:8f:04:bf:d0:1b:e1:
c4:b4:68:d2:cc:45:93:7b:f5:b4:45:cb:9e:bb:99:d5:1d:6a:
14:67:a5:96:83:96:30:b6:73:e3:e0:a2:af:e6:20:96:b8:6d:
27:2c:e5:e2:ea:e4:62:35:9b:b8:2b:fa:3c:cb:8d:34:84:c2:
ed:90:b1:84:6a:90:77:88:32:e9:a4:bb:cb:8f:f6:4d:09:fa:
a0:a5:45:02:e5:3b:ca:94:26:c3:6b:63:ff:04:a3:10:f5:23:
7b:56:31:ae:8d:fd:ba:66:ae:1c:db:3a:2d:88:fb:11:07:15:
8b:65:97:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWg7thHEV1KQRWQcV7uMrlYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTExMTMwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI5MGE4MTk5NWYyZGRmMzVhYzJmYWRlNDFiMzQ1MGU4YjA2YjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyVQ8ArRT/JL5RuxFubxoWwsvr83
dFA68PFpVUJCOi25MtgffUhQvlRXjPF5XIuajcOoAVydqva39XIF/1ERgh+Z1CsX
XbV5gn8jnRtCIXhHlQdvxxFfTusWmVJf6jfGBzaYJTjeu3v4Aw+imofoKj8WqMSM
n0e+FwZwxZr9NZo34C0PtP+WiDIZP/PGxsPEOjn2hvfrYF47urWHoMBNad7KKlNm
gnthYQpNvytkYkOHzj/dSul0HiuHgo69A0/ArVxdLuPowHqbLs4riPcIUt3raDWa
rLxPp+sRuLMHZqgUN9dEIxAQEOBhCoauns37+7Zot86ah+HbpvO9sPBw4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKcpCoGZXy3fNawvreQbNFDosGuNMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcHlrS2dabGZMZDgxckMtdDVCczBVT2l3YTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFoYeUx1unG8tcGGL0Bo
wgnt0fCSl9vIFhzg//aXluuFfCu0P4z0lm1LTtueOp1I8PuynQNfYLPWL+fGv6M7
Yr1p3S4tEbBXNtnx6Y7XmDpjfyDq10TJ+E0zBYn21CNn0Nq1loOt72Pxe8byFn+q
wi3OyKgDN1lXNhEQ1rS9oDgtW3w1MWpFK4dJmY8Ev9Ab4cS0aNLMRZN79bRFy567
mdUdahRnpZaDljC2c+Pgoq/mIJa4bScs5eLq5GI1m7gr+jzLjTSEwu2QsYRqkHeI
Mumku8uP9k0J+qClRQLlO8qUJsNrY/8EoxD1I3tWMa6N/bpmrhzbOi2I+xEHFYtl
l3A=
-----END CERTIFICATE-----
Generated at Fri May 2 12:03:48 2025 by rpki-client