Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/s4hPW8EY6IhdbickS4Ma-qjWYBo.roa
File: s4hPW8EY6IhdbickS4Ma-qjWYBo.roa (raw, json)
Hash identifier: MlRWIUF9M/iPkA45TUFhxWpFaEPh/Rskx/pmHCUc4vk=
Subject key identifier: B3:88:4F:5B:C1:18:E8:88:5D:6E:27:24:4B:83:1A:FA:A8:D6:60:1A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018544733F14CF9A93C13E463562B840ED50
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/s4hPW8EY6IhdbickS4Ma-qjWYBo.roa
Signing time: Sat 24 Dec 2022 14:04:41 +0000
ROA not before: Sat 24 Dec 2022 14:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:4472:b61e/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:73:3f:14:cf:9a:93:c1:3e:46:35:62:b8:40:ed:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 14:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3884f5bc118e8885d6e27244b831afaa8d6601a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:9f:d3:eb:57:78:6c:41:e6:9a:c4:08:13:f1:
73:88:1b:22:e8:14:65:72:21:41:93:08:fb:7e:0d:
1b:5a:e7:11:1d:f3:48:c2:42:9a:fe:b8:f3:75:57:
6a:b4:d0:38:5c:1c:08:5f:2b:68:10:d3:ef:d7:07:
ee:97:d3:c8:4a:1d:f6:4d:08:e6:ee:8f:59:e2:a0:
6c:a1:1b:44:eb:1a:d6:ba:a7:00:81:37:57:97:cb:
c2:9d:b4:85:f2:34:29:4e:c7:aa:b1:09:62:26:a0:
f0:b1:e2:f6:91:75:56:b9:2a:77:e0:ea:d2:3e:a8:
88:27:f2:30:f5:ff:dc:5f:ef:a9:79:04:10:d9:ee:
81:b4:5e:35:e8:b0:86:06:c9:ff:c0:8e:4f:00:76:
89:80:41:32:9c:4d:4f:5e:0f:59:8e:9d:9a:c4:d3:
23:04:0a:6d:e8:ef:b7:64:7e:e0:b2:fc:05:6f:db:
9f:c9:bb:eb:7b:e5:60:be:bd:c3:79:2b:9c:d3:11:
6b:d1:21:b5:59:9c:dc:13:ad:3d:f6:b6:4c:9c:81:
bc:07:27:e0:65:99:a0:c3:42:24:ef:cb:e3:e9:3a:
99:3c:45:47:b1:58:09:3d:04:e8:83:a3:e3:f9:6f:
1b:7f:58:55:3b:9e:9c:15:b6:4f:dd:5b:e7:4a:08:
9f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:88:4F:5B:C1:18:E8:88:5D:6E:27:24:4B:83:1A:FA:A8:D6:60:1A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/s4hPW8EY6IhdbickS4Ma-qjWYBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:8d:70:eb:5f:e2:22:54:3c:20:ca:db:a5:39:ac:b9:36:69:
6a:b1:66:88:59:f6:95:47:5b:f0:61:8b:fe:c2:92:f2:c0:63:
4a:4c:39:b8:de:ed:54:2c:e5:e7:30:0e:9c:1e:5d:f0:4e:81:
e0:4f:63:a3:a3:6d:4c:98:75:ed:88:fc:9c:57:0d:a3:9a:7f:
7a:20:61:02:87:b9:9c:54:8b:91:34:e8:a1:a7:fc:0f:de:16:
87:66:00:65:f0:69:cf:06:a9:de:40:b9:7f:bf:79:bd:1b:1c:
6a:99:eb:76:af:0e:a2:4f:7b:9f:c1:c4:a5:38:77:4d:8e:04:
26:b9:c5:8f:62:10:31:f5:6b:cb:ae:2f:c3:1e:cc:e1:4c:1b:
05:ce:e7:fa:de:4f:6c:41:e8:f7:2c:7e:bd:30:62:7a:91:5a:
42:26:3b:d6:80:c2:87:75:5e:2f:d5:81:af:10:7f:7c:92:9f:
da:d0:0a:c0:31:43:13:11:56:c5:0c:65:d9:db:85:56:30:52:
16:e0:6c:0f:08:cb:f3:db:a2:71:60:c7:99:51:66:2b:24:50:
c3:ce:63:7e:99:93:a9:7c:b6:de:7a:7b:e5:ca:d8:3b:da:c7:
96:90:c5:bc:70:9e:5d:b1:02:64:3c:09:10:1f:c4:20:30:85:
5a:42:1b:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVEcz8Uz5qTwT5GNWK4QO1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MTQwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzg4NGY1YmMxMThlODg4NWQ2ZTI3MjQ0YjgzMWFmYWE4ZDY2MDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Z/T61d4bEHmmsQIE/FziBsi6BRl
ciFBkwj7fg0bWucRHfNIwkKa/rjzdVdqtNA4XBwIXytoENPv1wful9PISh32TQjm
7o9Z4qBsoRtE6xrWuqcAgTdXl8vCnbSF8jQpTseqsQliJqDwseL2kXVWuSp34OrS
PqiIJ/Iw9f/cX++peQQQ2e6BtF416LCGBsn/wI5PAHaJgEEynE1PXg9Zjp2axNMj
BApt6O+3ZH7gsvwFb9ufybvre+Vgvr3DeSuc0xFr0SG1WZzcE6099rZMnIG8Byfg
ZZmgw0Ik78vj6TqZPEVHsVgJPQTog6Pj+W8bf1hVO56cFbZP3VvnSgifBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLOIT1vBGOiIXW4nJEuDGvqo1mAaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvczRoUFc4RVk2SWhkYmlja1M0TWEtcWpXWUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHiNcOtf4iJUPCDK26U5
rLk2aWqxZohZ9pVHW/Bhi/7CkvLAY0pMObje7VQs5ecwDpweXfBOgeBPY6OjbUyY
de2I/JxXDaOaf3ogYQKHuZxUi5E06KGn/A/eFodmAGXwac8Gqd5AuX+/eb0bHGqZ
63avDqJPe5/BxKU4d02OBCa5xY9iEDH1a8uuL8MezOFMGwXO5/reT2xB6Pcsfr0w
YnqRWkImO9aAwod1Xi/Vga8Qf3ySn9rQCsAxQxMRVsUMZdnbhVYwUhbgbA8Iy/Pb
onFgx5lRZiskUMPOY36Zk6l8tt56e+XK2Dvax5aQxbxwnl2xAmQ8CRAfxCAwhVpC
G3g=
-----END CERTIFICATE-----
Generated at Sun May 4 04:27:01 2025 by rpki-client