Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DrkNQXlyUPtu9jm-KRwXxxpE_sQ.roa
File: DrkNQXlyUPtu9jm-KRwXxxpE_sQ.roa (raw, json)
Hash identifier: eoLP6JRcA+my3m6BVwvORxpL/k8k0ZlLL7Je+B35tD8=
Subject key identifier: 0E:B9:0D:41:79:72:50:FB:6E:F6:39:BE:29:1C:17:C7:1A:44:FE:C4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6C8CE759
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DrkNQXlyUPtu9jm-KRwXxxpE_sQ.roa
Signing time: Mon 21 Feb 2022 17:20:13 +0000
ROA not before: Mon 21 Feb 2022 17:20:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1821173593 (0x6c8ce759)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 21 17:20:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0eb90d41797250fb6ef639be291c17c71a44fec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9e:b0:45:91:82:ef:5c:1f:a6:6b:5b:92:24:
46:a5:d2:6a:51:0c:0f:75:6a:9f:2e:4c:0c:24:f1:
ec:7b:a7:3b:e6:00:a0:95:d3:9b:35:73:88:37:13:
8c:ae:b6:9a:49:2f:5e:c6:59:48:b9:bb:d7:25:d1:
9c:7f:a4:54:8d:0d:40:82:49:9d:78:33:c1:00:5e:
17:ed:0d:97:be:e4:5d:8a:ce:53:16:89:0a:49:a8:
e8:3c:63:b0:3e:06:9a:07:85:2f:50:97:0e:2a:f6:
73:1f:2d:27:09:12:04:ea:3e:38:f4:2e:69:f8:e6:
2d:d7:d4:22:9b:ad:d9:89:a3:d4:63:59:f8:ef:91:
72:ff:30:a4:64:60:e2:cb:03:b4:59:d9:b4:48:3b:
69:4d:28:ed:77:13:4b:b6:36:1a:42:b3:1b:b3:f5:
74:1b:8f:31:dd:e4:da:d0:d8:e2:dc:22:cb:ee:50:
4f:e9:54:2e:c9:e7:f7:b9:65:bd:62:4a:21:1b:c7:
dd:10:3d:07:ad:0a:4f:ff:c4:40:68:2b:e9:f0:87:
12:31:b2:a4:8e:d5:88:2d:7a:9c:b4:db:1d:75:5e:
39:67:be:4c:de:97:fb:98:14:6e:00:08:0d:fa:8e:
c2:36:56:fc:4f:f2:ea:81:64:f2:d2:bb:98:5a:02:
07:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B9:0D:41:79:72:50:FB:6E:F6:39:BE:29:1C:17:C7:1A:44:FE:C4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DrkNQXlyUPtu9jm-KRwXxxpE_sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:f7:8e:5d:57:19:00:e1:72:f0:39:f8:3a:51:58:c7:61:68:
54:b8:b8:5d:f9:43:ec:1d:f6:2c:e5:23:d2:7e:ca:04:5a:f7:
4c:79:06:e3:24:16:df:60:79:7c:9c:bd:0c:a2:d8:a7:bf:24:
78:c4:13:f7:47:b4:5d:9d:39:7f:d8:18:22:df:dd:00:d5:e5:
48:a4:54:9e:71:22:47:20:1b:8b:60:97:f5:c6:6e:b0:09:c0:
a6:76:c0:31:77:79:90:51:12:9a:59:95:8e:e7:dc:57:cb:05:
ed:23:85:c8:f1:0d:08:6d:57:1d:af:6c:5e:d9:fa:22:ef:44:
57:5e:8d:07:02:03:6a:55:17:6e:0b:56:80:c1:23:4d:3a:4c:
19:dc:bf:f8:60:c3:65:ee:6e:ae:be:a5:50:ca:de:3d:f8:4b:
28:87:d6:48:e8:c7:5f:54:fa:f9:c9:2d:4f:78:bc:10:34:b8:
0b:c8:ae:dd:96:9a:b3:9b:e6:be:03:e8:a9:72:2c:a8:63:be:
7d:4a:48:99:5f:f4:ae:e8:01:30:08:21:09:48:c1:ca:b8:ee:
3d:4a:df:a2:85:67:c1:8e:a9:e3:0c:a1:05:42:86:4d:a3:b4:
02:f4:bc:ca:24:a6:5a:b5:3b:20:a7:ee:29:7d:bf:de:96:96:
8f:9c:29:34
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbIznWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIy
MTE3MjAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGViOTBkNDE3OTcy
NTBmYjZlZjYzOWJlMjkxYzE3YzcxYTQ0ZmVjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWesEWRgu9cH6ZrW5IkRqXSalEMD3Vqny5MDCTx7HunO+YA
oJXTmzVziDcTjK62mkkvXsZZSLm71yXRnH+kVI0NQIJJnXgzwQBeF+0Nl77kXYrO
UxaJCkmo6DxjsD4GmgeFL1CXDir2cx8tJwkSBOo+OPQuafjmLdfUIput2Ymj1GNZ
+O+Rcv8wpGRg4ssDtFnZtEg7aU0o7XcTS7Y2GkKzG7P1dBuPMd3k2tDY4twiy+5Q
T+lULsnn97llvWJKIRvH3RA9B60KT//EQGgr6fCHEjGypI7ViC16nLTbHXVeOWe+
TN6X+5gUbgAIDfqOwjZW/E/y6oFk8tK7mFoCB0UCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQOuQ1BeXJQ+272Ob4pHBfHGkT+xDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0Rya05RWGx5VVB0dTlqbS1LUndYeHhwRV9zUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBv945dVxkA4XLwOfg6UVjHYWhUuLhd+UPsHfYs
5SPSfsoEWvdMeQbjJBbfYHl8nL0MotinvyR4xBP3R7RdnTl/2Bgi390A1eVIpFSe
cSJHIBuLYJf1xm6wCcCmdsAxd3mQURKaWZWO59xXywXtI4XI8Q0IbVcdr2xe2foi
70RXXo0HAgNqVRduC1aAwSNNOkwZ3L/4YMNl7m6uvqVQyt49+Esoh9ZI6MdfVPr5
yS1PeLwQNLgLyK7dlpqzm+a+A+ipciyoY759SkiZX/Su6AEwCCEJSMHKuO49St+i
hWfBjqnjDKEFQoZNo7QC9LzKJKZatTsgp+4pfb/elpaPnCk0
-----END CERTIFICATE-----
Generated at Mon Jun 9 20:08:41 2025 by rpki-client