Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rGiOu7ViDjK2DVcqKV0woR6trXo.roa
File: rGiOu7ViDjK2DVcqKV0woR6trXo.roa (raw, json)
Hash identifier: lna/2N3DZ7r2W70g+Ly7DS9bm+NZcghTBgHA/FGhJdU=
Subject key identifier: AC:68:8E:BB:B5:62:0E:32:B6:0D:57:2A:29:5D:30:A1:1E:AD:AD:7A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8976C7AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rGiOu7ViDjK2DVcqKV0woR6trXo.roa
Signing time: Fri 03 Jun 2022 03:05:20 +0000
ROA not before: Fri 03 Jun 2022 03:05:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:2785:af24/128 maxlen: 128
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2306262957 (0x8976c7ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 3 03:05:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac688ebbb5620e32b60d572a295d30a11eadad7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:20:19:4b:18:a2:01:97:f0:62:c7:a9:f8:54:
d2:92:61:0d:3d:ff:1d:57:7d:87:cd:d2:d3:14:df:
26:8b:41:eb:36:47:84:f8:60:40:87:5d:70:41:04:
38:07:8b:0c:84:fc:a7:1c:bb:08:42:51:3a:47:05:
34:69:b0:d6:a4:3f:bf:49:a1:12:12:ba:f7:cf:9c:
7a:37:e2:ed:9e:6f:25:01:99:db:38:d1:3b:56:d3:
63:1f:2e:ad:0d:21:e7:17:06:82:43:c6:3f:a0:d0:
42:f1:c6:bc:64:82:cb:ae:27:55:f7:64:c5:ba:31:
bf:ed:ba:5d:67:36:f2:32:09:35:66:c4:2b:74:3b:
16:61:96:9d:95:0d:a8:0d:7d:a2:33:c6:49:ef:2d:
4b:69:40:26:c8:ee:71:17:99:65:ef:4c:0a:c2:d3:
d2:4e:e4:d0:c9:56:ff:8f:5a:e8:c0:95:6f:b6:fc:
3f:50:99:e2:cd:18:dd:a8:fe:4b:b2:1c:6a:cd:10:
56:97:51:a1:73:f2:b6:95:6d:d2:8f:78:21:c6:79:
23:d3:00:3d:6f:3e:25:fa:88:68:69:43:5a:84:ed:
5d:e4:a9:cb:b7:5d:d3:e7:f8:04:16:da:c6:3a:b3:
30:08:37:03:8a:75:96:5b:ce:cf:e4:1d:0c:66:df:
8b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:68:8E:BB:B5:62:0E:32:B6:0D:57:2A:29:5D:30:A1:1E:AD:AD:7A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rGiOu7ViDjK2DVcqKV0woR6trXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:77:84:72:f7:3d:4c:a6:c3:f4:cd:b5:c0:b5:85:c1:58:fb:
9b:49:81:55:87:bc:a8:5c:3d:ed:56:05:2a:8d:f5:f3:2c:9b:
f6:c3:a6:d4:6c:27:f2:66:77:13:06:c9:ba:8c:74:4c:c6:0c:
bc:21:1a:c5:3e:c1:fb:06:c3:c6:23:9e:33:19:e4:5b:5f:dd:
d1:b9:b2:7c:c4:a4:a7:19:bc:0c:5c:d0:67:2a:dc:95:f6:4c:
e9:f3:64:ff:51:49:8e:df:b8:97:46:3b:d2:0f:97:a0:d8:1f:
de:c0:25:59:17:ac:67:14:f7:ec:75:32:f9:cf:8b:2c:77:78:
4a:5a:3b:8b:d2:25:6b:bb:74:17:1e:44:89:6f:ad:c2:c2:a4:
79:c3:26:23:8f:e1:d2:61:30:ec:14:97:c8:5a:e0:03:7a:34:
97:a0:77:58:75:08:cb:ad:e3:14:c1:74:24:49:7a:c2:57:23:
49:d5:09:eb:ca:4f:9b:2f:df:5f:e8:1f:a1:fa:fa:50:ba:b3:
55:c9:36:23:01:62:e8:a9:69:3f:af:8c:ae:73:af:db:96:b7:
10:b6:3c:b4:eb:86:79:b8:22:f2:dc:e3:70:c6:45:6b:7a:b9:
09:f2:69:71:31:f3:11:60:76:65:5b:f2:20:69:41:81:9a:8f:
27:89:8f:25
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIl2x60wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDMwMzA1MjBaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGFjNjg4ZWJiYjU2
MjBlMzJiNjBkNTcyYTI5NWQzMGExMWVhZGFkN2EwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYIBlLGKIBl/Bix6n4VNKSYQ09/x1XfYfN0tMU3yaLQes2
R4T4YECHXXBBBDgHiwyE/KccuwhCUTpHBTRpsNakP79JoRISuvfPnHo34u2ebyUB
mds40TtW02MfLq0NIecXBoJDxj+g0ELxxrxkgsuuJ1X3ZMW6Mb/tul1nNvIyCTVm
xCt0OxZhlp2VDagNfaIzxknvLUtpQCbI7nEXmWXvTArC09JO5NDJVv+PWujAlW+2
/D9QmeLNGN2o/kuyHGrNEFaXUaFz8raVbdKPeCHGeSPTAD1vPiX6iGhpQ1qE7V3k
qcu3XdPn+AQW2sY6szAINwOKdZZbzs/kHQxm34tTAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUrGiOu7ViDjK2DVcqKV0woR6trXowHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9yR2lPdTdWaURqSzJEVmNxS1Ywd29SNnRyWG8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAoneEcvc9TKbD9M21wLWFwVj7m0mBVYe8qFw9
7VYFKo318yyb9sOm1Gwn8mZ3EwbJuox0TMYMvCEaxT7B+wbDxiOeMxnkW1/d0bmy
fMSkpxm8DFzQZyrclfZM6fNk/1FJjt+4l0Y70g+XoNgf3sAlWResZxT37HUy+c+L
LHd4Slo7i9Ila7t0Fx5EiW+twsKkecMmI4/h0mEw7BSXyFrgA3o0l6B3WHUIy63j
FMF0JEl6wlcjSdUJ68pPmy/fX+gfofr6ULqzVck2IwFi6KlpP6+MrnOv25a3ELY8
tOuGebgi8tzjcMZFa3q5CfJpcTHzEWB2ZVvyIGlBgZqPJ4mPJQ==
-----END CERTIFICATE-----
Generated at Thu May 1 04:42:44 2025 by rpki-client