Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sPIjJy7G-GKTgt7atDPCAdNKAtM.roa
File: sPIjJy7G-GKTgt7atDPCAdNKAtM.roa (raw, json)
Hash identifier: KkRSzbVyFF+oJ6psAXRYOIhvhEK9I9gzWN39VlIi5GU=
Subject key identifier: B0:F2:23:27:2E:C6:F8:62:93:82:DE:DA:B4:33:C2:01:D3:4A:02:D3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D32773AA0EDCCE7FD6C7381C7FE3F12A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sPIjJy7G-GKTgt7atDPCAdNKAtM.roa
Signing time: Fri 02 Dec 2022 14:04:48 +0000
ROA not before: Fri 02 Dec 2022 14:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:d327:4ad3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:27:73:aa:0e:dc:ce:7f:d6:c7:38:1c:7f:e3:f1:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 2 14:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0f223272ec6f8629382dedab433c201d34a02d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bf:54:a5:9c:0d:14:ed:fb:9f:07:12:a6:2b:
c2:ba:0f:3b:a9:23:b8:8c:e1:ad:5f:93:06:1f:7c:
b3:e5:65:2a:94:f4:d3:90:45:90:01:43:91:03:21:
41:15:23:51:a5:52:84:5b:93:be:c3:95:26:76:c0:
87:a0:5d:a3:5f:82:7f:53:cf:65:f7:0f:47:fc:82:
81:8f:ec:5c:7f:1a:df:11:98:c7:55:f1:68:eb:f5:
8d:65:1e:98:24:ab:d3:8a:63:66:f2:97:28:3c:7c:
5f:49:04:c8:a2:58:36:14:22:57:b0:18:dd:e4:a5:
bd:b8:6d:bf:cb:cc:9b:c7:aa:07:33:82:b3:84:f7:
c5:df:34:ee:e4:a3:c3:7c:94:46:b8:72:57:3e:67:
33:a8:71:ea:73:cc:0d:29:15:33:6f:48:a7:dd:f0:
c5:6d:8c:c9:0f:77:5f:f5:19:e2:3d:c9:ab:8a:1a:
83:5c:12:f0:35:8e:7d:ed:a2:ac:63:f9:a9:f3:de:
91:e7:f0:1e:a8:12:47:db:0a:25:48:19:1e:e3:bf:
04:3c:b4:62:31:47:5f:14:e9:59:be:b3:48:82:f1:
af:cd:d0:b2:d1:a5:8a:e8:8c:88:a8:2a:f6:dd:26:
9a:c0:a6:74:fc:c4:c3:ec:35:70:ad:d0:7d:cf:54:
d3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F2:23:27:2E:C6:F8:62:93:82:DE:DA:B4:33:C2:01:D3:4A:02:D3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sPIjJy7G-GKTgt7atDPCAdNKAtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:db:be:e2:79:6d:09:0e:41:bd:ad:f2:83:04:13:98:81:72:
80:40:25:b8:14:75:f2:3d:77:9c:cb:72:61:bf:f8:b2:42:63:
60:83:3a:22:97:2f:36:c6:08:06:0e:27:a5:59:40:89:45:98:
6b:57:dc:54:1c:6a:93:83:de:e7:41:52:f8:25:c2:03:0a:12:
ec:80:69:ab:13:99:9b:0e:de:20:8e:c3:9b:41:ac:f4:b1:35:
7e:64:b6:46:6f:36:57:87:d7:16:0a:0d:ab:b3:94:37:04:4b:
88:8f:18:6d:9d:0e:01:37:f6:3f:1a:00:bb:46:cc:dc:46:ed:
d9:c7:eb:ca:3a:56:72:f0:1e:f7:48:f2:62:f1:0d:72:ff:72:
74:e8:d7:8f:cc:39:d4:d7:d4:ef:49:64:ea:45:33:dc:ec:4f:
42:fa:b2:c2:90:20:ab:42:2c:98:60:0a:aa:b3:f3:d4:95:df:
82:56:fc:e8:ae:3c:64:54:c4:15:d6:bd:f9:08:6f:86:c4:ac:
13:7a:64:c6:c5:34:38:55:f6:af:34:ae:f8:c2:8e:64:a1:a7:
16:b8:af:9f:80:5d:05:ba:05:02:81:d5:86:86:ff:2c:71:dd:
78:a1:6d:d6:7c:13:90:4a:d3:f2:38:be:41:0f:51:e9:f9:14:
ca:8b:d0:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTTJ3OqDtzOf9bHOBx/4/EqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAyMTQwNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGYyMjMyNzJlYzZmODYyOTM4MmRlZGFiNDMzYzIwMWQzNGEwMmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb9UpZwNFO37nwcSpivCug87qSO4
jOGtX5MGH3yz5WUqlPTTkEWQAUORAyFBFSNRpVKEW5O+w5UmdsCHoF2jX4J/U89l
9w9H/IKBj+xcfxrfEZjHVfFo6/WNZR6YJKvTimNm8pcoPHxfSQTIolg2FCJXsBjd
5KW9uG2/y8ybx6oHM4KzhPfF3zTu5KPDfJRGuHJXPmczqHHqc8wNKRUzb0in3fDF
bYzJD3df9RniPcmrihqDXBLwNY597aKsY/mp896R5/AeqBJH2wolSBke478EPLRi
MUdfFOlZvrNIgvGvzdCy0aWK6IyIqCr23SaawKZ0/MTD7DVwrdB9z1TTaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLDyIycuxvhik4Le2rQzwgHTSgLTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc1BJakp5N0ctR0tUZ3Q3YXREUENBZE5LQXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJnbvuJ5bQkOQb2t8oME
E5iBcoBAJbgUdfI9d5zLcmG/+LJCY2CDOiKXLzbGCAYOJ6VZQIlFmGtX3FQcapOD
3udBUvglwgMKEuyAaasTmZsO3iCOw5tBrPSxNX5ktkZvNleH1xYKDauzlDcES4iP
GG2dDgE39j8aALtGzNxG7dnH68o6VnLwHvdI8mLxDXL/cnTo14/MOdTX1O9JZOpF
M9zsT0L6ssKQIKtCLJhgCqqz89SV34JW/OiuPGRUxBXWvfkIb4bErBN6ZMbFNDhV
9q80rvjCjmShpxa4r5+AXQW6BQKB1YaG/yxx3XihbdZ8E5BK0/I4vkEPUen5FMqL
0CY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:06 2025 by rpki-client