Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4qZDjCJkrH6c5vmpNF1mAf_2IGw.roa
File: 4qZDjCJkrH6c5vmpNF1mAf_2IGw.roa (raw, json)
Hash identifier: UYESeC15ZOzqO8WexU9J59idoq9Tz/MVx6yhwkTna3w=
Subject key identifier: E2:A6:43:8C:22:64:AC:7E:9C:E6:F9:A9:34:5D:66:01:FF:F6:20:6C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185E229F1871566A51F3041B9E88F2F3C4E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4qZDjCJkrH6c5vmpNF1mAf_2IGw.roa
Signing time: Tue 24 Jan 2023 05:04:37 +0000
ROA not before: Tue 24 Jan 2023 05:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:e229:ba56/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e2:29:f1:87:15:66:a5:1f:30:41:b9:e8:8f:2f:3c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 24 05:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2a6438c2264ac7e9ce6f9a9345d6601fff6206c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:05:c9:2c:7c:96:e4:2a:a5:bc:24:27:6d:64:
f2:b0:cd:3f:68:de:36:a8:19:7f:db:fd:00:ec:79:
b1:4b:bc:45:22:89:e2:e9:f3:41:22:2e:f3:9f:af:
1e:52:57:a9:bb:8a:d7:e8:a7:ec:45:06:66:c8:c5:
02:fb:61:8e:73:d9:ac:11:37:11:02:4f:fa:c0:d0:
a6:7e:c5:59:d8:20:f3:26:5e:6b:25:4d:39:62:41:
75:d7:17:52:ac:06:23:58:cf:6e:fe:ea:89:ea:42:
4b:19:88:35:9c:be:05:72:f6:0f:26:da:9f:1b:85:
bf:19:15:42:53:27:99:7c:c7:e5:23:34:e8:7e:0b:
4d:98:91:57:64:5f:1c:5d:b4:45:fc:bc:1a:8d:ca:
9a:dd:3f:17:c0:6d:3f:d8:cd:0b:9a:37:f7:92:d8:
77:d0:e0:22:8f:64:df:14:28:86:5a:0f:a5:7b:1a:
83:04:cb:3c:e9:81:47:b0:f2:9c:68:ac:34:56:c0:
2a:35:41:11:41:94:2c:99:1b:22:a9:6d:77:07:5c:
a3:51:c6:e1:78:89:de:39:39:32:8e:52:e9:09:bd:
86:11:c9:01:39:61:41:94:8e:4e:fd:e0:8c:56:4a:
4b:db:08:84:df:b2:7e:f8:92:0f:bb:64:4c:b3:36:
7f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A6:43:8C:22:64:AC:7E:9C:E6:F9:A9:34:5D:66:01:FF:F6:20:6C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4qZDjCJkrH6c5vmpNF1mAf_2IGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:d1:0b:d7:a3:8f:0a:08:14:00:cf:39:cd:6a:df:d6:7d:d2:
47:3b:e7:28:ae:30:d4:c1:39:9b:17:60:a5:41:1e:66:15:d7:
0b:86:c8:47:a4:4e:ba:d8:f1:7f:93:bf:ef:44:44:0f:8c:40:
c3:b1:5f:e0:27:8a:b8:d9:d6:1b:88:3e:d0:07:23:af:40:e8:
f8:77:97:d9:e7:a8:4c:63:b5:8d:ef:54:e9:fc:59:03:33:14:
b5:4b:9b:e7:4b:4e:77:47:fe:13:a4:e6:da:2a:57:27:c3:b4:
13:ae:bd:35:d3:34:6d:15:44:fe:f2:e6:9e:8c:1e:15:1e:d1:
89:86:66:60:f0:dd:27:e6:bf:80:31:cb:c9:7e:d5:77:f4:06:
2b:44:4f:01:fe:86:b9:32:f1:ec:8a:cd:0e:9f:15:85:72:9d:
13:7d:41:bb:d8:10:a8:1f:2e:f0:d9:7d:57:f5:3f:62:aa:c0:
5f:48:9c:b4:84:00:8c:51:34:d0:c8:ea:13:3e:dc:fb:b3:c7:
0a:f0:a2:cb:c9:bc:e2:47:e0:19:9b:11:1c:2e:87:75:67:40:
c2:94:91:36:81:f9:92:f6:d4:e8:08:3f:66:1f:a1:c6:fc:54:
14:b6:d2:50:bb:72:3f:24:f7:33:fb:02:c8:7c:10:fc:78:e4:
17:50:bd:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXiKfGHFWalHzBBueiPLzxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI0MDUwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE2NDM4YzIyNjRhYzdlOWNlNmY5YTkzNDVkNjYwMWZmZjYyMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAXJLHyW5CqlvCQnbWTysM0/aN42
qBl/2/0A7HmxS7xFIoni6fNBIi7zn68eUlepu4rX6KfsRQZmyMUC+2GOc9msETcR
Ak/6wNCmfsVZ2CDzJl5rJU05YkF11xdSrAYjWM9u/uqJ6kJLGYg1nL4FcvYPJtqf
G4W/GRVCUyeZfMflIzTofgtNmJFXZF8cXbRF/Lwajcqa3T8XwG0/2M0Lmjf3kth3
0OAij2TfFCiGWg+lexqDBMs86YFHsPKcaKw0VsAqNUERQZQsmRsiqW13B1yjUcbh
eIneOTkyjlLpCb2GEckBOWFBlI5O/eCMVkpL2wiE37J++JIPu2RMszZ/KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOKmQ4wiZKx+nOb5qTRdZgH/9iBsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNHFaRGpDSmtySDZjNXZtcE5GMW1BZl8ySUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEjRC9ejjwoIFADPOc1q
39Z90kc75yiuMNTBOZsXYKVBHmYV1wuGyEekTrrY8X+Tv+9ERA+MQMOxX+AnirjZ
1huIPtAHI69A6Ph3l9nnqExjtY3vVOn8WQMzFLVLm+dLTndH/hOk5toqVyfDtBOu
vTXTNG0VRP7y5p6MHhUe0YmGZmDw3Sfmv4Axy8l+1Xf0BitETwH+hrky8eyKzQ6f
FYVynRN9QbvYEKgfLvDZfVf1P2KqwF9InLSEAIxRNNDI6hM+3PuzxwrwosvJvOJH
4BmbERwuh3VnQMKUkTaB+ZL21OgIP2Yfocb8VBS20lC7cj8k9zP7Ash8EPx45BdQ
vQQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:11:14 2025 by rpki-client