Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2-KI9ybdiao6vTCsDtMmnX_xUJ0.roa
File: 2-KI9ybdiao6vTCsDtMmnX_xUJ0.roa (raw, json)
Hash identifier: tvkFsu5if5tah/5H73gKpaAfcF1rrl4eyRfSY/26MYM=
Subject key identifier: DB:E2:88:F7:26:DD:89:AA:3A:BD:30:AC:0E:D3:26:9D:7F:F1:50:9D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 76A793B6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2-KI9ybdiao6vTCsDtMmnX_xUJ0.roa
Signing time: Tue 29 Mar 2022 09:09:37 +0000
ROA not before: Tue 29 Mar 2022 09:09:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1990693814 (0x76a793b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 29 09:09:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbe288f726dd89aa3abd30ac0ed3269d7ff1509d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:aa:16:f7:bd:b2:73:59:47:79:40:50:7e:e8:
22:86:88:86:2b:71:a5:59:f4:89:97:29:e2:fe:f5:
7e:a4:e3:d0:8c:5d:ae:7c:95:1f:f1:bb:64:94:a0:
01:1e:88:28:cf:ab:38:6a:1d:11:28:92:17:c6:6e:
2d:95:bb:2b:e6:27:e1:c0:2c:67:a9:46:66:90:06:
78:87:b4:8c:36:f1:d3:53:19:ba:1e:d9:27:f3:00:
35:8f:4f:15:c2:2d:c7:5c:0f:d6:c5:c2:20:35:23:
f1:c0:cd:9f:60:c3:4a:40:a5:fb:e7:c0:06:ac:0c:
bf:59:73:37:1d:3e:9e:a6:21:9d:9d:f1:d7:dc:e9:
17:5a:05:37:11:67:15:0d:41:be:01:41:30:ed:f8:
c4:5f:33:42:f7:26:90:72:e8:1a:bb:d8:62:36:e3:
1a:02:3e:24:5e:30:cc:68:29:e1:b1:2e:4e:27:94:
32:cc:3c:0c:b7:2e:b6:7c:65:68:dd:a9:de:71:dc:
0b:0b:41:47:8e:30:7c:33:02:53:15:e8:77:5b:03:
b3:2c:ca:8d:d7:77:0a:d8:00:e7:2c:21:78:9b:8e:
13:34:fe:d8:ef:11:00:61:ec:cc:63:c0:01:10:bd:
af:7a:41:dc:24:17:f6:d4:be:68:f7:03:53:9e:54:
c5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E2:88:F7:26:DD:89:AA:3A:BD:30:AC:0E:D3:26:9D:7F:F1:50:9D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2-KI9ybdiao6vTCsDtMmnX_xUJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:92:39:2b:40:dc:96:bc:34:de:30:57:b9:5a:c0:6b:55:da:
07:0a:2d:5c:78:19:12:1a:be:e8:3c:20:47:06:21:fc:4c:ba:
59:6d:dc:48:3f:56:67:d5:ca:51:32:e4:12:0f:8e:b5:2a:92:
0b:ef:1f:dd:4a:17:ac:a8:4b:82:7a:d9:60:e1:56:a8:a9:bd:
bc:0f:5d:a0:b6:c4:fa:cd:8b:e7:19:38:19:01:f9:8a:5f:06:
eb:34:c4:17:99:a5:0d:b7:46:d9:01:28:79:3a:67:d4:be:65:
94:ed:5f:6e:29:89:4e:a7:4e:63:28:f5:43:4a:d7:2f:2b:b8:
94:0c:83:3b:c4:6c:58:7a:ed:44:7a:e5:4c:42:0b:5c:66:75:
ad:47:f5:b7:7c:fc:0a:27:15:d2:a9:17:ee:cb:c3:91:7b:02:
89:9b:3b:4c:09:ea:e3:4b:40:59:25:dd:92:4f:71:ae:ce:c1:
af:60:a8:42:eb:bb:06:57:9a:2b:26:7b:72:4e:4a:0b:ce:e5:
ee:7d:4e:70:04:b0:83:2d:27:73:07:5e:dd:ac:c2:dc:11:49:
af:35:79:8b:02:11:28:e5:9e:f4:d2:90:36:29:01:90:b2:19:
8e:1c:3e:c7:a3:69:bc:19:13:d5:21:f6:54:3e:60:d8:f4:43:
68:71:f1:4b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEdqeTtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMy
OTA5MDkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJlMjg4ZjcyNmRk
ODlhYTNhYmQzMGFjMGVkMzI2OWQ3ZmYxNTA5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqqFve9snNZR3lAUH7oIoaIhitxpVn0iZcp4v71fqTj0Ixd
rnyVH/G7ZJSgAR6IKM+rOGodESiSF8ZuLZW7K+Yn4cAsZ6lGZpAGeIe0jDbx01MZ
uh7ZJ/MANY9PFcItx1wP1sXCIDUj8cDNn2DDSkCl++fABqwMv1lzNx0+nqYhnZ3x
19zpF1oFNxFnFQ1BvgFBMO34xF8zQvcmkHLoGrvYYjbjGgI+JF4wzGgp4bEuTieU
Msw8DLcutnxlaN2p3nHcCwtBR44wfDMCUxXod1sDsyzKjdd3CtgA5ywheJuOEzT+
2O8RAGHszGPAARC9r3pB3CQX9tS+aPcDU55Uxb8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTb4oj3Jt2Jqjq9MKwO0yadf/FQnTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzItS0k5eWJkaWFvNnZUQ3NEdE1tblhfeFVKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBLkjkrQNyWvDTeMFe5WsBrVdoHCi1ceBkSGr7o
PCBHBiH8TLpZbdxIP1Zn1cpRMuQSD461KpIL7x/dShesqEuCetlg4Vaoqb28D12g
tsT6zYvnGTgZAfmKXwbrNMQXmaUNt0bZASh5OmfUvmWU7V9uKYlOp05jKPVDStcv
K7iUDIM7xGxYeu1EeuVMQgtcZnWtR/W3fPwKJxXSqRfuy8ORewKJmztMCerjS0BZ
Jd2ST3GuzsGvYKhC67sGV5orJntyTkoLzuXufU5wBLCDLSdzB17drMLcEUmvNXmL
AhEo5Z700pA2KQGQshmOHD7Ho2m8GRPVIfZUPmDY9ENocfFL
-----END CERTIFICATE-----
Generated at Mon Jun 9 08:46:29 2025 by rpki-client