Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AISKSP7CcVygLkg69XCgaAj0QGY.roa
File: AISKSP7CcVygLkg69XCgaAj0QGY.roa (raw, json)
Hash identifier: Nd8oDSocIjXHT3J78bYPW/gBbKzDI+3QxOT43vqLGAE=
Subject key identifier: 00:84:8A:48:FE:C2:71:5C:A0:2E:48:3A:F5:70:A0:68:08:F4:40:66
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8B3646DC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AISKSP7CcVygLkg69XCgaAj0QGY.roa
Signing time: Thu 09 Jun 2022 06:08:02 +0000
ROA not before: Thu 09 Jun 2022 06:08:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2335590108 (0x8b3646dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 9 06:08:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00848a48fec2715ca02e483af570a06808f44066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:37:9f:65:90:db:46:0a:05:32:3e:de:60:bb:
5d:ea:e7:44:32:00:06:24:e6:3f:80:49:f5:17:5b:
17:ab:4b:7c:85:70:b5:69:cf:71:f7:4d:18:12:02:
2a:13:69:69:ea:d7:66:4b:ab:f5:e7:62:91:db:9e:
c9:73:b8:e4:c2:10:c8:50:45:01:27:90:96:5c:37:
a6:70:78:09:de:cf:fb:58:6b:e6:8f:20:dc:a2:7c:
b1:a7:c1:7a:31:8b:1e:c2:3f:3d:37:08:1e:af:92:
b5:e8:d6:16:ba:ef:41:45:b9:5e:7a:51:bf:1d:df:
5d:82:40:49:dd:51:14:70:99:28:5a:43:89:0d:4e:
21:bd:50:f2:7f:d3:ac:a8:8e:50:4d:8d:05:37:e3:
d5:c3:d4:35:d7:06:d9:32:68:ba:19:b4:f9:21:b9:
c6:1b:1a:ca:cd:56:b2:c4:09:bf:88:2f:0f:20:1f:
7f:70:bc:4c:94:4c:91:cc:f8:b1:ee:69:d1:34:19:
1b:90:e2:fe:2b:c0:f0:db:97:c9:33:fa:d0:85:a2:
6e:ef:83:56:e5:ac:7c:54:6b:fd:0d:4f:d1:3d:16:
dc:89:72:20:da:db:c2:d1:a2:81:cd:73:58:dc:ee:
bf:a1:eb:bc:07:9b:68:b5:28:75:73:12:1a:5a:62:
fd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:84:8A:48:FE:C2:71:5C:A0:2E:48:3A:F5:70:A0:68:08:F4:40:66
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AISKSP7CcVygLkg69XCgaAj0QGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:8f:b7:78:8f:2f:56:e9:12:a6:19:e9:ac:a2:77:a2:60:14:
00:de:15:8b:eb:2a:76:4f:62:d2:8c:60:47:63:32:f8:bb:db:
f7:61:4d:12:51:f2:38:60:a7:68:45:51:ac:0f:e5:ad:76:6d:
d5:22:90:87:c5:36:d1:57:2c:c8:63:44:2e:f4:c9:8c:7e:e9:
1b:b8:5a:4b:e6:bb:1a:65:70:e6:ff:a8:38:52:99:6c:e8:67:
99:98:d2:60:10:db:a0:d7:92:2c:99:87:a9:05:f1:3e:f0:a4:
f3:1c:99:3b:9e:2d:10:a8:c4:21:bb:ce:da:a1:a3:58:42:4c:
d6:02:ff:38:71:61:36:e7:6d:c5:80:2d:fc:af:a8:38:4e:74:
13:05:ec:af:fe:11:7b:2f:01:5e:7c:df:a2:f1:16:5a:60:f8:
38:85:aa:07:65:67:a9:cc:38:79:a8:a9:6f:6b:af:f0:cc:65:
3e:14:40:64:1c:1b:50:be:6b:9f:c7:f5:29:85:86:a0:c0:7b:
ae:7c:46:04:ab:92:1d:68:1c:e1:17:f8:d1:3d:2b:cc:4b:77:
c9:ea:ab:8a:76:f8:fd:74:65:d2:74:6f:4d:fb:17:e0:19:8a:
cc:0e:a8:64:84:53:3e:ae:6c:5c:59:14:bf:c4:5c:4d:ff:1a:
c3:7d:14:30
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIs2RtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDkwNjA4MDJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDAwODQ4YTQ4ZmVj
MjcxNWNhMDJlNDgzYWY1NzBhMDY4MDhmNDQwNjYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1N59lkNtGCgUyPt5gu13q50QyAAYk5j+ASfUXWxerS3yF
cLVpz3H3TRgSAioTaWnq12ZLq/XnYpHbnslzuOTCEMhQRQEnkJZcN6ZweAnez/tY
a+aPINyifLGnwXoxix7CPz03CB6vkrXo1ha670FFuV56Ub8d312CQEndURRwmSha
Q4kNTiG9UPJ/06yojlBNjQU349XD1DXXBtkyaLoZtPkhucYbGsrNVrLECb+ILw8g
H39wvEyUTJHM+LHuadE0GRuQ4v4rwPDbl8kz+tCFom7vg1blrHxUa/0NT9E9FtyJ
ciDa28LRooHNc1jc7r+h67wHm2i1KHVzEhpaYv2fAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUAISKSP7CcVygLkg69XCgaAj0QGYwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9BSVNLU1A3Q2NWeWdMa2c2OVhDZ2FBajBRR1kucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAS4+3eI8vVukSphnprKJ3omAUAN4Vi+sqdk9i
0oxgR2My+Lvb92FNElHyOGCnaEVRrA/lrXZt1SKQh8U20VcsyGNELvTJjH7pG7ha
S+a7GmVw5v+oOFKZbOhnmZjSYBDboNeSLJmHqQXxPvCk8xyZO54tEKjEIbvO2qGj
WEJM1gL/OHFhNudtxYAt/K+oOE50EwXsr/4Rey8BXnzfovEWWmD4OIWqB2Vnqcw4
eaipb2uv8MxlPhRAZBwbUL5rn8f1KYWGoMB7rnxGBKuSHWgc4Rf40T0rzEt3yeqr
inb4/XRl0nRvTfsX4BmKzA6oZIRTPq5sXFkUv8RcTf8aw30UMA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:48:19 2025 by rpki-client