Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zf5utNG0MWDDiNylSPxLS3WHb0.roa
File: 2zf5utNG0MWDDiNylSPxLS3WHb0.roa (raw, json)
Hash identifier: pTSniCSaIb06jpf6fd+y9+WOh7Uke/4toz33iBOtRM0=
Subject key identifier: DB:37:F9:BA:D3:46:D0:C5:83:0E:23:72:95:23:F1:2D:2D:D6:1D:BD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185EBD57634401E4A47433CD0806C234010
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zf5utNG0MWDDiNylSPxLS3WHb0.roa
Signing time: Thu 26 Jan 2023 02:08:33 +0000
ROA not before: Thu 26 Jan 2023 02:08:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:eb:d5:76:34:40:1e:4a:47:43:3c:d0:80:6c:23:40:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 26 02:08:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db37f9bad346d0c5830e23729523f12d2dd61dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c8:4e:67:34:ea:25:eb:64:f9:9b:3f:8a:7f:
dd:cd:e1:b8:39:33:37:5d:3c:f1:39:0c:3a:ca:23:
eb:68:3e:2b:33:88:6e:02:61:6a:10:e1:d6:29:88:
25:71:cd:5a:cd:9c:db:cb:62:7d:1f:4a:9e:b8:b3:
fb:5c:19:0a:a6:72:2e:42:e8:73:59:cc:26:df:0c:
e3:d8:05:ee:6f:ff:49:9a:a6:8e:ea:e8:97:06:1a:
5f:bb:bb:98:06:09:ed:63:34:39:76:63:52:a9:c3:
18:07:bc:73:d7:01:24:f0:72:a9:3f:a6:16:d1:bf:
cb:73:df:b9:24:e6:4c:53:0b:9a:15:fb:93:a8:fa:
76:00:97:b1:29:ce:45:80:82:f1:bd:db:38:17:30:
fd:a4:9c:32:7c:b1:23:ab:25:b0:49:65:85:f4:5e:
56:c2:91:7e:84:ae:63:0c:02:61:65:fe:ec:13:d6:
b0:51:c0:65:88:be:e5:a0:ef:66:24:cf:38:3f:15:
92:6e:6b:18:d2:0a:ed:0f:3a:7c:ac:b5:b6:6d:0b:
08:5e:c8:11:26:65:9d:e3:46:58:63:55:46:c2:34:
12:27:5f:d4:48:52:a0:ff:20:a9:64:ea:be:a0:d1:
b4:bd:e0:18:54:79:62:30:79:02:2b:90:fa:c3:e5:
38:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:37:F9:BA:D3:46:D0:C5:83:0E:23:72:95:23:F1:2D:2D:D6:1D:BD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zf5utNG0MWDDiNylSPxLS3WHb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:34:b1:b5:9d:4f:19:8d:c2:ce:df:80:99:3f:d0:fb:91:05:
82:9d:99:af:b2:69:df:2c:28:fe:11:fa:29:7e:48:28:49:4d:
3e:68:63:4d:9f:8e:13:76:7a:81:ba:d3:04:0a:7a:ce:83:99:
e9:04:99:27:d9:5c:01:14:4b:ee:9d:74:54:4c:60:fd:f1:66:
fe:a8:41:8f:35:f4:b7:6a:98:f4:c0:9b:de:b1:21:94:32:d2:
20:b7:00:44:53:91:4b:72:bc:7e:af:d6:9b:09:16:89:0e:a9:
60:cc:b2:f0:d3:cf:c6:fd:a7:01:dd:ed:54:30:1d:02:00:44:
50:08:ea:a9:c3:6b:05:cb:14:10:5c:22:34:a4:3a:e7:73:fa:
03:85:11:e2:58:26:45:8b:3a:fb:35:f9:a8:df:ed:0e:80:6e:
00:e1:53:0a:70:bb:0f:75:d5:64:e2:03:fc:2b:71:ea:01:8b:
ad:1f:d4:5c:a0:eb:55:aa:96:af:78:dc:ee:60:25:92:30:29:
99:3b:47:3a:88:cb:31:47:50:ee:39:18:69:67:d9:47:cf:8a:
a3:4f:77:49:94:37:35:d2:86:0b:bf:e5:60:7d:d9:c1:ae:1b:
66:2c:85:4c:d7:15:27:a5:0b:17:4c:99:4a:32:ce:97:49:42:
48:fd:9b:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXr1XY0QB5KR0M80IBsI0AQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI2MDIwODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM3ZjliYWQzNDZkMGM1ODMwZTIzNzI5NTIzZjEyZDJkZDYxZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxchOZzTqJetk+Zs/in/dzeG4OTM3
XTzxOQw6yiPraD4rM4huAmFqEOHWKYglcc1azZzby2J9H0qeuLP7XBkKpnIuQuhz
Wcwm3wzj2AXub/9JmqaO6uiXBhpfu7uYBgntYzQ5dmNSqcMYB7xz1wEk8HKpP6YW
0b/Lc9+5JOZMUwuaFfuTqPp2AJexKc5FgILxvds4FzD9pJwyfLEjqyWwSWWF9F5W
wpF+hK5jDAJhZf7sE9awUcBliL7loO9mJM84PxWSbmsY0grtDzp8rLW2bQsIXsgR
JmWd40ZYY1VGwjQSJ1/USFKg/yCpZOq+oNG0veAYVHliMHkCK5D6w+U4cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNs3+brTRtDFgw4jcpUj8S0t1h29MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMnpmNXV0TkcwTVdERGlOeWxTUHhMUzNXSGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKc0sbWdTxmNws7fgJk/
0PuRBYKdma+yad8sKP4R+il+SChJTT5oY02fjhN2eoG60wQKes6DmekEmSfZXAEU
S+6ddFRMYP3xZv6oQY819LdqmPTAm96xIZQy0iC3AERTkUtyvH6v1psJFokOqWDM
svDTz8b9pwHd7VQwHQIARFAI6qnDawXLFBBcIjSkOudz+gOFEeJYJkWLOvs1+ajf
7Q6AbgDhUwpwuw911WTiA/wrceoBi60f1Fyg61Wqlq943O5gJZIwKZk7RzqIyzFH
UO45GGln2UfPiqNPd0mUNzXShgu/5WB92cGuG2YshUzXFSelCxdMmUoyzpdJQkj9
m9g=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:21:34 2025 by rpki-client