Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3_2DURoj1jgwzjnvQjDzTi0N-YM.roa
File: 3_2DURoj1jgwzjnvQjDzTi0N-YM.roa (raw, json)
Hash identifier: 6fS/Trq1WVmccUPYD8e/XAGFlEd3h3D6mdXkUroh1yM=
Subject key identifier: DF:FD:83:51:1A:23:D6:38:30:CE:39:EF:42:30:F3:4E:2D:0D:F9:83
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 871E51AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3_2DURoj1jgwzjnvQjDzTi0N-YM.roa
Signing time: Wed 25 May 2022 16:09:13 +0000
ROA not before: Wed 25 May 2022 16:09:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2266911149 (0x871e51ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 25 16:09:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dffd83511a23d63830ce39ef4230f34e2d0df983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:29:01:de:c1:97:71:6a:48:26:61:48:37:f5:
02:5d:31:19:08:ba:01:34:35:f8:f0:ef:63:e1:6a:
c1:5b:bb:46:04:ba:80:ef:29:b7:98:b3:f1:01:94:
0a:4f:a6:21:bd:c5:9f:04:5f:dd:5f:1d:39:73:27:
1e:45:29:c1:c3:bb:b9:10:83:16:3e:64:2e:ec:8f:
99:78:20:99:1c:6e:3d:0d:a8:4a:03:1a:bb:e6:f1:
0b:52:28:6e:9d:38:64:f5:0b:4d:54:e3:8f:34:49:
23:05:fc:8c:ec:b5:e8:fb:26:70:47:e4:17:ad:ee:
b2:76:68:5a:85:bd:d6:3e:68:cc:6b:f0:fd:ea:00:
7e:45:aa:b2:c8:d7:6f:2b:5f:17:37:61:2e:e2:1b:
33:be:6a:ec:83:a6:71:9a:6b:41:bd:40:42:a6:50:
69:29:b9:82:85:d5:c9:54:54:d2:4d:d8:37:da:56:
fa:7b:bc:a7:55:0f:0e:5e:56:fa:b8:1c:e0:05:a1:
5b:9f:ec:dc:9b:da:c1:3d:91:f1:f5:aa:2b:3c:4d:
30:82:43:4b:2d:4e:d8:9a:4b:b7:2f:b3:00:c7:e3:
a9:ac:bc:7b:88:17:db:11:a0:3b:2d:30:15:ed:b9:
51:a0:43:be:59:20:66:b3:69:b4:83:94:aa:25:30:
ee:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:FD:83:51:1A:23:D6:38:30:CE:39:EF:42:30:F3:4E:2D:0D:F9:83
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3_2DURoj1jgwzjnvQjDzTi0N-YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:8d:8c:e7:c5:e3:b9:52:c0:96:c7:db:7e:3b:69:99:fb:c5:
03:6e:9e:65:15:11:e1:af:84:17:b5:3a:5c:34:9b:0f:a7:dc:
b0:75:16:8f:86:ec:ff:c3:1c:3d:57:78:74:c1:17:17:96:1d:
2a:90:c5:90:de:40:6a:59:55:ba:4b:7a:dd:4c:1b:cb:a9:bb:
70:f9:48:e4:e1:fc:24:a1:ee:44:99:67:12:31:06:b3:9b:ed:
ef:68:ed:7f:ae:07:0a:2f:14:f4:df:9b:13:26:83:3e:e5:23:
86:54:a4:66:a5:76:d2:4e:43:bd:1f:18:6c:20:c9:5a:c7:3c:
ee:65:74:86:47:39:8c:2d:b2:46:3e:96:87:1b:f5:3a:96:21:
e3:79:7a:f5:93:00:e8:1f:b0:ae:dd:40:b7:58:9f:7c:4f:f2:
96:ac:79:69:c8:4d:10:ed:30:a3:6c:ca:23:5c:f1:29:4a:a5:
9d:a3:37:db:c2:34:d1:78:71:75:57:fd:4b:85:5a:a9:32:fb:
b6:6b:2a:f4:f4:5d:c0:ed:16:4b:9e:cb:81:47:98:c0:8b:34:
52:59:99:21:af:06:7f:c1:46:07:75:79:71:3b:05:96:de:85:
f6:64:df:4b:f4:44:97:0e:85:2b:92:28:db:db:0e:22:46:b6:
c5:e5:ee:01
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIceUa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjUxNjA5MTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGRmZmQ4MzUxMWEy
M2Q2MzgzMGNlMzllZjQyMzBmMzRlMmQwZGY5ODMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4KQHewZdxakgmYUg39QJdMRkIugE0Nfjw72PhasFbu0YE
uoDvKbeYs/EBlApPpiG9xZ8EX91fHTlzJx5FKcHDu7kQgxY+ZC7sj5l4IJkcbj0N
qEoDGrvm8QtSKG6dOGT1C01U4480SSMF/Izstej7JnBH5Bet7rJ2aFqFvdY+aMxr
8P3qAH5FqrLI128rXxc3YS7iGzO+auyDpnGaa0G9QEKmUGkpuYKF1clUVNJN2Dfa
Vvp7vKdVDw5eVvq4HOAFoVuf7Nyb2sE9kfH1qis8TTCCQ0stTtiaS7cvswDH46ms
vHuIF9sRoDstMBXtuVGgQ75ZIGazabSDlKolMO7fAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQU3/2DURoj1jgwzjnvQjDzTi0N+YMwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS8zXzJEVVJvajFqZ3d6am52UWpEelRpME4tWU0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAL42M58XjuVLAlsfbfjtpmfvFA26eZRUR4a+E
F7U6XDSbD6fcsHUWj4bs/8McPVd4dMEXF5YdKpDFkN5AallVukt63Uwby6m7cPlI
5OH8JKHuRJlnEjEGs5vt72jtf64HCi8U9N+bEyaDPuUjhlSkZqV20k5DvR8YbCDJ
Wsc87mV0hkc5jC2yRj6Whxv1OpYh43l69ZMA6B+wrt1At1iffE/ylqx5achNEO0w
o2zKI1zxKUqlnaM328I00XhxdVf9S4VaqTL7tmsq9PRdwO0WS57LgUeYwIs0UlmZ
Ia8Gf8FGB3V5cTsFlt6F9mTfS/RElw6FK5Io29sOIka2xeXuAQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 16:42:49 2025 by rpki-client