Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/u7iKGiIHBjeqDHsteH56F2r6yzA.roa
File: u7iKGiIHBjeqDHsteH56F2r6yzA.roa (raw, json)
Hash identifier: I4FNo1U1J4BAt/siJAkqba7IrueSdUnkL+GD89aW8zA=
Subject key identifier: BB:B8:8A:1A:22:07:06:37:AA:0C:7B:2D:78:7E:7A:17:6A:FA:CB:30
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 77BD6F11
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/u7iKGiIHBjeqDHsteH56F2r6yzA.roa
Signing time: Sat 02 Apr 2022 09:11:38 +0000
ROA not before: Sat 02 Apr 2022 09:11:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2008903441 (0x77bd6f11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 2 09:11:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbb88a1a22070637aa0c7b2d787e7a176afacb30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:05:6b:30:9c:fb:5b:d3:95:ec:40:a1:eb:4e:
0b:4d:85:4a:78:84:19:59:e4:32:f2:1c:a7:ec:a3:
40:5e:75:f3:19:ad:6f:b5:76:ef:99:4b:87:72:1e:
a9:c1:7f:da:b8:6f:c7:3a:e5:a6:e6:17:80:46:61:
2c:d1:cb:fb:9a:52:71:c8:13:63:3a:75:a9:7b:b3:
b7:02:34:d7:02:f6:2c:10:04:2f:a9:99:96:2e:61:
04:2a:09:a0:68:09:9f:07:dd:6e:78:19:dd:4e:f4:
82:bd:6a:4d:21:fc:a6:26:14:bb:c8:17:0a:3e:a3:
74:a6:f3:9a:6b:be:7a:92:7e:81:8c:e0:5c:41:23:
4d:37:5e:d2:9c:4b:ab:47:07:99:6e:74:e3:c0:0e:
d1:aa:58:b6:09:fa:2a:b5:53:34:7f:29:96:72:86:
97:92:c0:b5:64:1e:2d:86:5b:c1:41:ca:76:2c:7a:
cb:b1:5b:d1:6d:47:1f:af:38:06:df:e2:6e:f1:36:
6d:b2:a5:0c:84:e8:67:88:0d:c7:31:cd:31:a6:2f:
82:a4:74:21:a3:50:b8:52:ca:a8:a3:1f:ae:7d:41:
f4:a2:f9:4d:91:be:c2:98:eb:9d:62:07:b2:26:93:
7d:54:42:f1:7b:92:eb:f1:c0:9e:da:9b:cc:be:d9:
8c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B8:8A:1A:22:07:06:37:AA:0C:7B:2D:78:7E:7A:17:6A:FA:CB:30
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/u7iKGiIHBjeqDHsteH56F2r6yzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:ec:92:a0:c8:bd:f5:94:5e:ba:18:46:0e:50:61:ed:9c:ea:
c2:22:e3:a2:a6:fc:f4:8e:d0:53:ee:27:93:b3:4c:aa:6a:06:
6b:12:d1:9a:bf:79:6b:61:83:1c:b5:b3:b3:27:92:f5:4c:d6:
87:dd:cb:07:12:dc:9d:3a:42:c1:1c:cd:1d:bd:55:c2:d1:95:
0e:62:dd:87:b8:bd:1e:01:63:36:f1:6d:9f:32:bc:87:8b:f4:
7d:e4:ce:c8:5d:32:de:65:3d:64:f1:3e:f9:24:1d:5c:46:11:
39:0c:03:5f:97:bc:7a:25:5a:20:1d:4e:1e:fb:1d:03:f7:4d:
69:57:56:52:96:db:67:4b:d5:67:cd:50:47:6b:97:03:f4:51:
56:6e:7e:27:f0:0a:38:62:73:05:d5:68:c7:d3:4e:19:27:0c:
73:ff:e7:d5:c7:59:84:5b:99:3a:0a:bf:b7:20:5e:ca:ed:f3:
17:f4:b2:fd:2c:ed:46:54:92:8e:7b:b7:bb:84:12:39:24:52:
be:39:45:a9:38:97:fc:28:cc:5c:0b:5f:b2:c9:ff:0e:24:f4:
bc:a3:95:7f:20:fd:e0:23:c3:99:72:29:c8:97:29:34:27:e1:
e5:b8:9d:18:96:59:93:00:e7:dd:dd:25:c8:70:0e:ec:0d:ed:
3a:57:86:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEd71vETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQw
MjA5MTEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJiODhhMWEyMjA3
MDYzN2FhMGM3YjJkNzg3ZTdhMTc2YWZhY2IzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJcFazCc+1vTlexAoetOC02FSniEGVnkMvIcp+yjQF518xmt
b7V275lLh3IeqcF/2rhvxzrlpuYXgEZhLNHL+5pSccgTYzp1qXuztwI01wL2LBAE
L6mZli5hBCoJoGgJnwfdbngZ3U70gr1qTSH8piYUu8gXCj6jdKbzmmu+epJ+gYzg
XEEjTTde0pxLq0cHmW5048AO0apYtgn6KrVTNH8plnKGl5LAtWQeLYZbwUHKdix6
y7Fb0W1HH684Bt/ibvE2bbKlDIToZ4gNxzHNMaYvgqR0IaNQuFLKqKMfrn1B9KL5
TZG+wpjrnWIHsiaTfVRC8XuS6/HAntqbzL7ZjIcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS7uIoaIgcGN6oMey14fnoXavrLMDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3U3aUtHaUlIQmplcURIc3RlSDU2RjJyNnl6QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQB07JKgyL31lF66GEYOUGHtnOrCIuOipvz0jtBT
7ieTs0yqagZrEtGav3lrYYMctbOzJ5L1TNaH3csHEtydOkLBHM0dvVXC0ZUOYt2H
uL0eAWM28W2fMryHi/R95M7IXTLeZT1k8T75JB1cRhE5DANfl7x6JVogHU4e+x0D
901pV1ZSlttnS9VnzVBHa5cD9FFWbn4n8Ao4YnMF1WjH004ZJwxz/+fVx1mEW5k6
Cr+3IF7K7fMX9LL9LO1GVJKOe7e7hBI5JFK+OUWpOJf8KMxcC1+yyf8OJPS8o5V/
IP3gI8OZcinIlyk0J+HluJ0YllmTAOfd3SXIcA7sDe06V4af
-----END CERTIFICATE-----
Generated at Sat May 3 08:21:05 2025 by rpki-client