Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1gIdJ9wU4uKbLW96biJQVIwmlYE.roa
File: 1gIdJ9wU4uKbLW96biJQVIwmlYE.roa (raw, json)
Hash identifier: VECVi1N/MDEWjdger0ZfoEB+DpBEcEzkV79onw0Rn0I=
Subject key identifier: D6:02:1D:27:DC:14:E2:E2:9B:2D:6F:7A:6E:22:50:54:8C:26:95:81
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018627EBCB0E0F4F848DAA7B37CF50F32E90
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1gIdJ9wU4uKbLW96biJQVIwmlYE.roa
Signing time: Mon 06 Feb 2023 18:10:09 +0000
ROA not before: Mon 06 Feb 2023 18:10:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:27:eb:cb:0e:0f:4f:84:8d:aa:7b:37:cf:50:f3:2e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 6 18:10:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6021d27dc14e2e29b2d6f7a6e2250548c269581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0c:02:22:34:3a:01:3f:b1:60:10:c6:84:31:
2d:ae:b2:8e:e5:91:8e:15:3d:2c:81:a0:35:f8:f9:
81:bc:44:4d:a9:a3:1d:bd:10:d9:71:36:66:af:a4:
d4:55:4c:29:25:c1:c5:17:ff:73:7a:05:ac:c1:0c:
c7:9d:00:c8:3a:39:b3:dd:9d:20:61:7b:d8:ee:ae:
2b:53:3c:fe:82:25:4c:f5:a2:d7:6b:b2:7f:6f:9d:
05:04:6f:22:83:88:78:6d:99:43:da:57:31:3e:bf:
38:eb:e6:67:16:3e:9c:a7:65:37:df:95:b8:e8:19:
7a:4c:4b:d2:9c:0b:47:b1:47:10:88:e2:2c:e9:6e:
fa:fb:9c:5a:01:8a:55:44:ae:35:94:40:9b:29:56:
6e:04:ca:a8:1e:1a:9d:eb:7e:53:95:e2:86:1f:bf:
b4:24:a7:60:c2:56:22:b3:f4:35:0d:6c:76:63:aa:
6c:4f:29:a5:10:f2:c6:19:b6:d1:59:22:de:aa:68:
3e:20:57:5b:9e:2f:b6:6c:ed:ef:18:45:03:b9:81:
96:3a:5c:b5:fb:22:c1:16:23:92:ce:26:2a:cc:6e:
07:86:5d:2e:92:b4:cb:34:3b:65:b7:c3:31:d8:a4:
7e:41:9e:40:2d:a8:e2:55:dc:a0:7e:24:27:f3:5b:
86:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:02:1D:27:DC:14:E2:E2:9B:2D:6F:7A:6E:22:50:54:8C:26:95:81
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1gIdJ9wU4uKbLW96biJQVIwmlYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:f2:62:c9:c8:c5:0a:4c:e3:0c:63:ce:2d:84:69:aa:fc:25:
0a:2c:12:db:31:ec:35:59:97:2e:0c:41:09:7f:86:95:a1:31:
2c:02:2a:fb:80:fc:f3:af:46:85:71:50:a5:a3:2a:15:87:02:
60:2a:3c:2e:19:61:2f:51:a7:30:15:e8:45:3c:b8:ee:d0:0d:
08:b4:96:2b:c4:4f:30:45:ff:9a:97:61:82:88:d8:20:f2:97:
dd:53:60:07:21:4b:a5:a2:0b:91:ac:36:06:24:4a:6d:c4:cb:
d8:a8:b7:6d:95:ca:15:7c:a5:3e:48:73:c5:e7:12:b0:b5:58:
d4:90:a8:da:1c:dc:2a:d9:bd:ea:df:62:c5:28:eb:61:62:06:
71:59:2c:7e:25:4a:c4:f8:2b:2d:3a:73:f4:75:78:93:27:aa:
12:73:1f:2c:42:73:eb:f6:b5:ca:a3:27:19:e7:d3:b9:6d:aa:
fa:bb:e5:6f:9e:80:aa:58:eb:b8:49:fb:ee:c4:3d:8d:d7:bd:
7d:6f:80:82:61:db:7d:73:84:49:a4:38:fa:21:8d:4f:7f:25:
21:e2:ed:2c:27:6a:6b:d0:ae:74:10:55:e2:5c:27:81:6d:62:
c9:7e:31:9a:44:61:97:79:7b:d8:5b:af:a0:4b:d2:9a:37:68:
84:76:3f:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYn68sOD0+Ejap7N89Q8y6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA2MTgxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjAyMWQyN2RjMTRlMmUyOWIyZDZmN2E2ZTIyNTA1NDhjMjY5NTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgwCIjQ6AT+xYBDGhDEtrrKO5ZGO
FT0sgaA1+PmBvERNqaMdvRDZcTZmr6TUVUwpJcHFF/9zegWswQzHnQDIOjmz3Z0g
YXvY7q4rUzz+giVM9aLXa7J/b50FBG8ig4h4bZlD2lcxPr846+ZnFj6cp2U335W4
6Bl6TEvSnAtHsUcQiOIs6W76+5xaAYpVRK41lECbKVZuBMqoHhqd635TleKGH7+0
JKdgwlYis/Q1DWx2Y6psTymlEPLGGbbRWSLeqmg+IFdbni+2bO3vGEUDuYGWOly1
+yLBFiOSziYqzG4Hhl0ukrTLNDtlt8Mx2KR+QZ5ALajiVdygfiQn81uG1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNYCHSfcFOLimy1vem4iUFSMJpWBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMWdJZEo5d1U0dUtiTFc5NmJpSlFWSXdtbFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKfyYsnIxQpM4wxjzi2E
aar8JQosEtsx7DVZly4MQQl/hpWhMSwCKvuA/POvRoVxUKWjKhWHAmAqPC4ZYS9R
pzAV6EU8uO7QDQi0livETzBF/5qXYYKI2CDyl91TYAchS6WiC5GsNgYkSm3Ey9io
t22VyhV8pT5Ic8XnErC1WNSQqNoc3CrZverfYsUo62FiBnFZLH4lSsT4Ky06c/R1
eJMnqhJzHyxCc+v2tcqjJxnn07ltqvq75W+egKpY67hJ++7EPY3XvX1vgIJh231z
hEmkOPohjU9/JSHi7SwnamvQrnQQVeJcJ4FtYsl+MZpEYZd5e9hbr6BL0po3aIR2
PxE=
-----END CERTIFICATE-----
Generated at Mon Jun 9 05:25:43 2025 by rpki-client