Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rZYfUw1RZV0njsB0GNfAmteG6QE.roa
File: rZYfUw1RZV0njsB0GNfAmteG6QE.roa (raw, json)
Hash identifier: nvNXuxSOoa4xDGzE1tEGCnz/pycSjiFU1SJO0R7Lpug=
Subject key identifier: AD:96:1F:53:0D:51:65:5D:27:8E:C0:74:18:D7:C0:9A:D7:86:E9:01
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018523381060DAFA423379474C71D9B9C913
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rZYfUw1RZV0njsB0GNfAmteG6QE.roa
Signing time: Sun 18 Dec 2022 03:12:34 +0000
ROA not before: Sun 18 Dec 2022 03:12:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:23:38:10:60:da:fa:42:33:79:47:4c:71:d9:b9:c9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 03:12:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad961f530d51655d278ec07418d7c09ad786e901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ce:7b:ba:89:56:27:73:5d:30:47:6a:fb:52:
04:69:80:d3:c0:7f:69:9a:e9:98:0c:e6:1c:4d:8c:
e6:bf:9e:cd:b8:0a:9b:37:10:8f:42:a2:5a:44:e5:
64:91:68:c6:b4:6f:8e:5d:54:37:50:db:47:36:71:
6a:46:db:b5:db:2c:01:41:b1:cf:98:a2:73:b7:7d:
59:2c:e9:c3:cf:c4:17:de:f7:cd:0a:46:4b:1c:bf:
26:c1:86:66:c3:87:de:10:9c:38:b3:5f:2a:77:46:
7a:72:20:e6:e3:c4:6e:dd:d6:74:10:b5:3f:25:28:
8a:8a:e6:4b:52:89:0b:46:20:ee:20:6c:b2:c0:9a:
aa:97:df:4c:82:c0:65:a1:39:f4:2b:c4:5a:42:49:
21:db:43:f3:42:51:93:0c:74:cd:3b:ba:12:14:42:
82:d3:cb:fa:f1:8d:b0:9a:c8:a7:c2:06:68:b5:c1:
00:13:36:2f:a6:7e:86:5b:7f:2f:d7:a9:9c:15:06:
00:5d:eb:ce:8e:ad:42:60:6d:49:cb:ef:f3:05:3e:
72:1c:74:07:6f:af:75:f7:c0:96:46:af:08:f5:f9:
fe:94:09:1b:89:98:6a:93:c4:5e:a7:26:b2:75:23:
94:fb:68:a6:42:a3:1f:44:67:76:42:60:5b:f8:55:
34:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:96:1F:53:0D:51:65:5D:27:8E:C0:74:18:D7:C0:9A:D7:86:E9:01
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rZYfUw1RZV0njsB0GNfAmteG6QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:f4:47:ba:91:4e:2a:c5:05:a5:86:6c:22:12:07:ca:02:71:
ee:29:c1:be:3c:3d:3e:6d:72:05:7c:3f:c5:df:39:11:a7:0b:
57:d4:14:a2:35:5a:b3:a1:4a:8d:8f:c3:f3:21:b5:9e:98:76:
16:11:5a:82:ae:57:f0:25:e3:a6:9b:09:ad:3d:c0:30:de:71:
f1:ca:d5:ae:67:0a:0a:8f:a2:7d:a4:1a:10:ae:02:78:ac:57:
8a:6d:83:dc:d0:bc:82:d3:28:2c:17:5b:dc:e4:ef:61:d3:c2:
b0:0f:ec:1c:12:67:ea:dd:6c:d6:5c:42:a1:b7:c1:99:12:6e:
5e:df:2c:77:3e:6c:a5:c5:5a:58:70:25:98:04:03:d8:61:d8:
00:41:9b:76:ee:f8:fe:77:27:2e:2b:70:f1:22:dd:56:5a:ce:
cb:da:e9:53:d7:87:3c:ff:d3:ab:c2:a7:ab:31:49:1a:a8:c9:
cd:64:92:92:a3:38:61:7d:29:c7:46:1f:20:07:d4:0a:0e:81:
9b:86:2d:f9:6f:e2:0a:73:58:d9:a5:41:1c:59:23:aa:97:6d:
19:51:62:16:04:a3:ed:46:1c:a8:63:55:4e:d9:ef:78:e4:a8:
3d:b0:73:f9:74:92:2f:4d:3b:4e:62:b3:53:48:6a:6e:3c:4f:
b4:ca:e9:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUjOBBg2vpCM3lHTHHZuckTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MDMxMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk2MWY1MzBkNTE2NTVkMjc4ZWMwNzQxOGQ3YzA5YWQ3ODZlOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus57uolWJ3NdMEdq+1IEaYDTwH9p
mumYDOYcTYzmv57NuAqbNxCPQqJaROVkkWjGtG+OXVQ3UNtHNnFqRtu12ywBQbHP
mKJzt31ZLOnDz8QX3vfNCkZLHL8mwYZmw4feEJw4s18qd0Z6ciDm48Ru3dZ0ELU/
JSiKiuZLUokLRiDuIGyywJqql99MgsBloTn0K8RaQkkh20PzQlGTDHTNO7oSFEKC
08v68Y2wmsinwgZotcEAEzYvpn6GW38v16mcFQYAXevOjq1CYG1Jy+/zBT5yHHQH
b69198CWRq8I9fn+lAkbiZhqk8RepyaydSOU+2imQqMfRGd2QmBb+FU0QwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK2WH1MNUWVdJ47AdBjXwJrXhukBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvclpZZlV3MVJaVjBuanNCMEdOZkFtdGVHNlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACb0R7qRTirFBaWGbCIS
B8oCce4pwb48PT5tcgV8P8XfORGnC1fUFKI1WrOhSo2Pw/MhtZ6YdhYRWoKuV/Al
46abCa09wDDecfHK1a5nCgqPon2kGhCuAnisV4ptg9zQvILTKCwXW9zk72HTwrAP
7BwSZ+rdbNZcQqG3wZkSbl7fLHc+bKXFWlhwJZgEA9hh2ABBm3bu+P53Jy4rcPEi
3VZazsva6VPXhzz/06vCp6sxSRqoyc1kkpKjOGF9KcdGHyAH1AoOgZuGLflv4gpz
WNmlQRxZI6qXbRlRYhYEo+1GHKhjVU7Z73jkqD2wc/l0ki9NO05is1NIam48T7TK
6es=
-----END CERTIFICATE-----
Generated at Fri May 2 17:38:14 2025 by rpki-client