Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/u27qjAJ3zDa4elxPtxrv7C6ZRqQ.roa
File: u27qjAJ3zDa4elxPtxrv7C6ZRqQ.roa (raw, json)
Hash identifier: q6Un89CaSBOZ9WZZSuL2TOnl3fURzT39uzc7izeAqig=
Subject key identifier: BB:6E:EA:8C:02:77:CC:36:B8:7A:5C:4F:B7:1A:EF:EC:2E:99:46:A4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01830722C4E3594457D959CF4EC6B7D76428
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/u27qjAJ3zDa4elxPtxrv7C6ZRqQ.roa
Signing time: Sun 04 Sep 2022 06:14:22 +0000
ROA not before: Sun 04 Sep 2022 06:14:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:07:22:c4:e3:59:44:57:d9:59:cf:4e:c6:b7:d7:64:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 4 06:14:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb6eea8c0277cc36b87a5c4fb71aefec2e9946a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b6:0a:60:bf:38:97:83:68:72:4e:53:6f:2c:
d8:6a:ff:35:43:4d:93:ab:80:d3:5f:c0:d5:e5:45:
7f:d0:05:51:0f:b7:52:a8:f9:dd:49:5e:2a:3d:26:
9e:7f:c1:38:4c:af:f2:a1:42:ff:65:54:88:66:c6:
9f:34:fb:b9:84:75:5b:26:92:e3:c6:97:9b:01:db:
32:b7:77:6a:31:0c:9d:9c:ae:4f:32:d9:6d:e8:82:
7d:8d:77:3e:f2:7c:cd:d8:50:9f:6e:b0:a5:31:1d:
67:3b:ad:11:bd:eb:80:78:18:b2:4f:9f:67:82:ff:
0d:ea:c2:03:64:4d:2a:fc:91:36:40:ac:be:a3:f8:
cb:bd:5c:04:fc:3e:14:d1:d6:15:03:7a:c6:03:35:
06:13:ed:f0:4a:9c:38:41:84:2f:66:20:4c:5a:b3:
ed:ac:2b:a5:97:9a:16:50:8d:f1:28:5b:7d:7c:f7:
b3:f1:22:b5:42:5d:48:c9:a6:1a:a2:a3:47:d9:36:
8c:3f:23:69:17:a1:5e:e3:f3:e3:77:46:00:ac:d4:
64:64:d3:12:12:5a:28:02:f9:e1:51:cc:db:54:b0:
2f:7b:41:6d:ae:47:50:78:72:23:fc:02:6f:70:a8:
d8:30:eb:59:3c:c0:be:6d:11:7a:74:e6:40:de:ea:
1b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:6E:EA:8C:02:77:CC:36:B8:7A:5C:4F:B7:1A:EF:EC:2E:99:46:A4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/u27qjAJ3zDa4elxPtxrv7C6ZRqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:1b:9c:de:ed:62:06:d0:c1:4b:a1:4b:71:cb:5f:fc:4e:26:
06:d3:ae:c7:cb:b7:9a:b0:4d:80:52:3c:2b:cc:84:a2:29:4b:
bb:c7:e5:82:07:cc:d5:4a:03:6f:19:4c:2f:6d:dc:83:7d:ce:
33:2f:cf:75:42:ca:bb:c6:ff:2f:ec:0d:da:6b:82:65:62:22:
1e:c9:3a:8e:61:7d:22:ed:9a:3a:fa:f3:c1:41:e4:1f:c6:22:
d6:b6:ff:38:98:f2:18:b8:2a:9b:07:c8:5e:6d:1b:ad:3f:8c:
32:6f:73:42:5c:20:a3:06:d2:6b:a6:ea:70:c9:d0:cf:bf:98:
6f:12:ed:e0:ca:4e:ac:ee:13:11:c0:17:c5:e0:d6:cd:ed:ca:
a1:58:fe:42:ec:0b:e8:5a:95:c8:93:c2:0f:36:79:b3:9e:33:
a9:27:28:26:54:bf:f7:c5:b6:ba:3f:b2:b5:26:e0:71:27:4b:
f2:3d:25:9b:0c:9b:46:99:44:73:8b:d0:ff:af:a6:12:01:ab:
c6:36:c2:c9:f4:72:27:c2:4f:6e:a8:ca:9c:8a:d4:fe:57:ed:
b3:89:c6:5a:bd:b6:de:4c:fd:ea:cf:4c:6a:59:f1:f6:e2:c7:
25:ec:bf:91:63:3e:b4:97:af:53:ad:46:38:9c:f1:58:e7:aa:
50:3a:3d:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMHIsTjWURX2VnPTsa312QoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA0MDYxNDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjZlZWE4YzAyNzdjYzM2Yjg3YTVjNGZiNzFhZWZlYzJlOTk0NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLYKYL84l4Nock5TbyzYav81Q02T
q4DTX8DV5UV/0AVRD7dSqPndSV4qPSaef8E4TK/yoUL/ZVSIZsafNPu5hHVbJpLj
xpebAdsyt3dqMQydnK5PMtlt6IJ9jXc+8nzN2FCfbrClMR1nO60RveuAeBiyT59n
gv8N6sIDZE0q/JE2QKy+o/jLvVwE/D4U0dYVA3rGAzUGE+3wSpw4QYQvZiBMWrPt
rCull5oWUI3xKFt9fPez8SK1Ql1IyaYaoqNH2TaMPyNpF6Fe4/Pjd0YArNRkZNMS
ElooAvnhUczbVLAve0FtrkdQeHIj/AJvcKjYMOtZPMC+bRF6dOZA3uobbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLtu6owCd8w2uHpcT7ca7+wumUakMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdTI3cWpBSjN6RGE0ZWx4UHR4cnY3QzZaUnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAIbnN7tYgbQwUuhS3HL
X/xOJgbTrsfLt5qwTYBSPCvMhKIpS7vH5YIHzNVKA28ZTC9t3IN9zjMvz3VCyrvG
/y/sDdprgmViIh7JOo5hfSLtmjr688FB5B/GIta2/ziY8hi4KpsHyF5tG60/jDJv
c0JcIKMG0mum6nDJ0M+/mG8S7eDKTqzuExHAF8Xg1s3tyqFY/kLsC+halciTwg82
ebOeM6knKCZUv/fFtro/srUm4HEnS/I9JZsMm0aZRHOL0P+vphIBq8Y2wsn0cifC
T26oypyK1P5X7bOJxlq9tt5M/erPTGpZ8fbixyXsv5FjPrSXr1OtRjic8VjnqlA6
Pag=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:33 2025 by rpki-client