Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rnkNX9mLQdTbNOfmimdBYaG5qpo.roa
File: rnkNX9mLQdTbNOfmimdBYaG5qpo.roa (raw, json)
Hash identifier: /rRT9MFWK+pXneMExgHl0cya1j8/bvbHS+i7aLEAwLI=
Subject key identifier: AE:79:0D:5F:D9:8B:41:D4:DB:34:E7:E6:8A:67:41:61:A1:B9:AA:9A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183ADA8F090A912AB2374F5B20865AEFFC2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rnkNX9mLQdTbNOfmimdBYaG5qpo.roa
Signing time: Thu 06 Oct 2022 14:17:53 +0000
ROA not before: Thu 06 Oct 2022 14:17:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ad:a8:f0:90:a9:12:ab:23:74:f5:b2:08:65:ae:ff:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 6 14:17:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae790d5fd98b41d4db34e7e68a674161a1b9aa9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ca:95:eb:5a:af:df:72:82:32:c6:d4:b5:9a:
fa:f6:00:85:21:16:b7:cd:37:9a:4b:58:b3:b9:bd:
43:67:76:e9:e7:ab:4b:52:56:c8:60:95:89:4c:a9:
17:ee:d6:b3:88:3e:38:c8:7e:f3:0a:24:3c:13:23:
22:2b:f7:06:f8:fa:8a:0b:7c:48:d5:87:c4:e7:f8:
b5:f3:7d:55:fb:eb:08:22:52:4a:9d:a4:2d:f2:81:
7e:56:f1:fd:90:16:df:6f:b9:5a:34:64:3c:8d:38:
e6:93:54:b2:8e:61:04:56:1b:15:9a:09:94:3a:e5:
b4:9b:77:e3:83:5e:60:f1:48:0f:ed:14:81:c2:86:
24:e4:25:bd:99:34:6a:e5:d3:95:98:8c:7e:b6:ad:
76:a3:e8:f1:23:56:94:4a:32:0a:82:cd:a2:68:c3:
04:83:1a:54:b7:5b:70:85:9e:9d:55:99:37:a1:a7:
0b:99:17:ff:f4:37:24:83:ed:18:dd:da:ce:1b:42:
f9:71:3c:01:81:45:d5:0f:96:43:4b:ec:b2:d2:d8:
8e:7b:f8:f1:d4:16:23:95:e9:37:a1:94:0b:09:6d:
af:ad:ef:98:23:85:22:85:2b:54:da:0c:d5:f5:27:
81:57:dc:58:ca:1e:e0:ae:09:86:48:81:33:1f:82:
a2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:79:0D:5F:D9:8B:41:D4:DB:34:E7:E6:8A:67:41:61:A1:B9:AA:9A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rnkNX9mLQdTbNOfmimdBYaG5qpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ae:9a:8b:04:02:fb:4a:d6:cc:20:81:af:e2:99:5c:9d:d0:f5:
52:9c:eb:8f:36:47:c6:e1:48:9c:18:53:fb:db:9b:ca:3c:ca:
9b:ea:ba:84:aa:b6:90:ad:c4:35:9b:06:32:b9:ee:b0:0d:cb:
2e:db:e7:4d:92:84:e2:78:16:fd:a8:1c:2b:40:32:67:0f:0f:
9a:77:7f:05:97:4a:60:1f:b7:40:51:5f:2f:51:f5:5e:d7:2b:
82:41:aa:65:b6:7a:56:10:ce:ee:d7:be:b9:73:3b:95:f1:18:
81:79:cf:21:92:84:ec:a0:b8:1c:ba:63:31:84:c8:5a:8d:ac:
b2:96:34:93:78:95:8e:df:43:e3:ba:92:82:25:b2:a3:84:d3:
3c:0f:16:6d:88:f7:cf:79:c0:05:2c:6f:73:65:2d:81:08:08:
99:2e:3c:b0:a9:5d:63:27:02:94:e2:53:e4:72:c6:d9:36:04:
57:bf:ea:c8:bc:43:96:6d:70:6b:a5:41:7a:d0:66:09:2d:d3:
72:bc:93:34:44:ec:c1:33:d2:49:4f:9a:e1:c8:44:a5:04:39:
8f:9d:a0:a2:79:3d:13:68:fd:95:7b:58:41:83:52:f4:a0:cc:
7d:b0:fe:77:63:c7:33:88:b2:eb:fa:87:c1:6d:06:8c:28:71:
25:65:cd:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYOtqPCQqRKrI3T1sghlrv/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDA2MTQxNzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTc5MGQ1ZmQ5OGI0MWQ0ZGIzNGU3ZTY4YTY3NDE2MWExYjlhYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcqV61qv33KCMsbUtZr69gCFIRa3
zTeaS1izub1DZ3bp56tLUlbIYJWJTKkX7taziD44yH7zCiQ8EyMiK/cG+PqKC3xI
1YfE5/i1831V++sIIlJKnaQt8oF+VvH9kBbfb7laNGQ8jTjmk1SyjmEEVhsVmgmU
OuW0m3fjg15g8UgP7RSBwoYk5CW9mTRq5dOVmIx+tq12o+jxI1aUSjIKgs2iaMME
gxpUt1twhZ6dVZk3oacLmRf/9Dckg+0Y3drOG0L5cTwBgUXVD5ZDS+yy0tiOe/jx
1BYjlek3oZQLCW2vre+YI4UihStU2gzV9SeBV9xYyh7grgmGSIEzH4Ki5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK55DV/Zi0HU2zTn5opnQWGhuaqaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcm5rTlg5bUxRZFRiTk9mbWltZEJZYUc1cXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK6aiwQC+0rWzCCBr+KZ
XJ3Q9VKc6482R8bhSJwYU/vbm8o8ypvquoSqtpCtxDWbBjK57rANyy7b502ShOJ4
Fv2oHCtAMmcPD5p3fwWXSmAft0BRXy9R9V7XK4JBqmW2elYQzu7XvrlzO5XxGIF5
zyGShOyguBy6YzGEyFqNrLKWNJN4lY7fQ+O6koIlsqOE0zwPFm2I9895wAUsb3Nl
LYEICJkuPLCpXWMnApTiU+Ryxtk2BFe/6si8Q5ZtcGulQXrQZgkt03K8kzRE7MEz
0klPmuHIRKUEOY+doKJ5PRNo/ZV7WEGDUvSgzH2w/ndjxzOIsuv6h8FtBowocSVl
zdE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:27:41 2025 by rpki-client