Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tSJPQ65Sejz4LoHbS2o0uCXuNGs.roa
File: tSJPQ65Sejz4LoHbS2o0uCXuNGs.roa (raw, json)
Hash identifier: dWjpYCl5XnPSuANz74cH57izftyQ/8i1vNtUI7+JjWc=
Subject key identifier: B5:22:4F:43:AE:52:7A:3C:F8:2E:81:DB:4B:6A:34:B8:25:EE:34:6B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01850306DFC9EE4DB45C2952918E4C953FA6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tSJPQ65Sejz4LoHbS2o0uCXuNGs.roa
Signing time: Sun 11 Dec 2022 21:11:00 +0000
ROA not before: Sun 11 Dec 2022 21:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:03:06:df:c9:ee:4d:b4:5c:29:52:91:8e:4c:95:3f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 11 21:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5224f43ae527a3cf82e81db4b6a34b825ee346b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:de:23:03:9c:eb:7c:a4:3f:df:63:bb:1e:ba:
b3:28:56:90:ad:a7:45:33:43:23:bf:e4:39:b6:f7:
e7:df:3d:d9:26:54:8a:a9:4a:c3:02:23:7e:95:72:
80:31:5b:cf:40:c7:dd:36:2c:cd:16:56:61:7e:52:
84:72:7d:90:35:42:b2:71:f0:9e:3b:b6:76:e8:82:
e6:ce:4f:9f:0b:6d:9b:b8:0c:64:fb:de:b3:e9:42:
72:3a:47:b1:a5:07:b1:10:ae:54:94:64:d9:4c:ff:
88:ad:65:dd:84:3b:6f:b2:60:b2:22:b1:d0:07:e3:
a7:28:66:0b:35:46:b2:51:29:e1:08:81:6e:8a:8e:
4a:d2:67:74:1e:49:5c:22:35:e7:82:89:01:ca:84:
a0:8e:3f:58:f3:e4:38:46:24:93:20:87:bb:0a:c9:
8a:9f:33:69:a5:5a:07:d4:95:45:df:54:42:b0:2b:
3d:19:e4:a2:ef:38:ae:aa:f0:2d:d5:b9:c9:d6:c3:
f4:77:1e:a9:14:e0:a4:29:34:92:48:59:0e:ef:b6:
78:fa:18:46:2d:e8:19:43:9d:81:93:6f:a7:01:41:
af:5f:a3:27:06:71:de:b1:83:c8:01:a1:fc:d9:12:
e0:f1:37:e9:cc:d7:20:05:51:aa:10:95:66:ca:31:
ad:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:22:4F:43:AE:52:7A:3C:F8:2E:81:DB:4B:6A:34:B8:25:EE:34:6B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tSJPQ65Sejz4LoHbS2o0uCXuNGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:4b:da:43:3f:9e:fd:6c:0c:7b:b1:7a:4f:a5:6d:cf:85:11:
3f:3c:dc:df:42:7a:5c:07:c8:97:99:52:b9:87:ae:2e:bc:aa:
1a:c0:5c:e0:7b:cd:7a:9c:79:32:45:8d:88:b0:26:dc:4b:cd:
86:4a:17:f3:2c:61:eb:81:81:34:ac:d6:e4:61:f7:3e:1d:28:
33:bf:8e:af:16:d3:6d:24:b1:81:75:c1:3a:e5:8a:c1:7b:cb:
67:b8:4f:3b:2a:22:98:ac:33:66:94:93:ce:89:1d:f0:83:1f:
b5:7c:12:08:2f:45:ca:29:61:99:82:1a:24:18:15:51:f8:a2:
2c:e9:62:16:e8:6d:e5:6a:ac:40:67:09:b8:d6:3f:68:69:1e:
db:e9:b5:f4:c7:52:1b:80:ac:cd:24:75:ce:a8:0c:3c:4b:12:
88:95:c6:fd:ee:be:3f:79:97:17:3e:57:72:d5:86:7a:f2:3a:
de:50:fb:6e:c7:d4:32:05:62:1a:df:bf:77:1d:22:99:b2:40:
2a:60:a3:02:14:cd:97:99:22:c7:b7:76:c1:42:ba:f5:1c:8e:
45:58:13:9d:40:c2:fa:1a:e3:e5:01:81:6c:24:a8:70:ff:2b:
bb:67:19:01:62:72:2a:b1:f1:a9:db:77:46:28:55:44:16:97:
2b:f3:e0:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUDBt/J7k20XClSkY5MlT+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjExMjExMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTIyNGY0M2FlNTI3YTNjZjgyZTgxZGI0YjZhMzRiODI1ZWUzNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq94jA5zrfKQ/32O7HrqzKFaQradF
M0Mjv+Q5tvfn3z3ZJlSKqUrDAiN+lXKAMVvPQMfdNizNFlZhflKEcn2QNUKycfCe
O7Z26ILmzk+fC22buAxk+96z6UJyOkexpQexEK5UlGTZTP+IrWXdhDtvsmCyIrHQ
B+OnKGYLNUayUSnhCIFuio5K0md0HklcIjXngokByoSgjj9Y8+Q4RiSTIIe7CsmK
nzNppVoH1JVF31RCsCs9GeSi7ziuqvAt1bnJ1sP0dx6pFOCkKTSSSFkO77Z4+hhG
LegZQ52Bk2+nAUGvX6MnBnHesYPIAaH82RLg8TfpzNcgBVGqEJVmyjGt0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLUiT0OuUno8+C6B20tqNLgl7jRrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdFNKUFE2NVNlano0TG9IYlMybzB1Q1h1TkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABlL2kM/nv1sDHuxek+l
bc+FET883N9CelwHyJeZUrmHri68qhrAXOB7zXqceTJFjYiwJtxLzYZKF/MsYeuB
gTSs1uRh9z4dKDO/jq8W020ksYF1wTrlisF7y2e4TzsqIpisM2aUk86JHfCDH7V8
EggvRcopYZmCGiQYFVH4oizpYhbobeVqrEBnCbjWP2hpHtvptfTHUhuArM0kdc6o
DDxLEoiVxv3uvj95lxc+V3LVhnryOt5Q+27H1DIFYhrfv3cdIpmyQCpgowIUzZeZ
Ise3dsFCuvUcjkVYE51Awvoa4+UBgWwkqHD/K7tnGQFiciqx8anbd0YoVUQWlyvz
4IA=
-----END CERTIFICATE-----
Generated at Thu May 1 00:42:04 2025 by rpki-client