Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Id3ycX8KYjRs6XxN2I64wh6E84c.roa
File: Id3ycX8KYjRs6XxN2I64wh6E84c.roa (raw, json)
Hash identifier: ZVOMkZ7p9imuhnaV1cjVdkjeV5eboqRF5BLJgR7klRY=
Subject key identifier: 21:DD:F2:71:7F:0A:62:34:6C:E9:7C:4D:D8:8E:B8:C2:1E:84:F3:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 86663731
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Id3ycX8KYjRs6XxN2I64wh6E84c.roa
Signing time: Sun 22 May 2022 19:09:29 +0000
ROA not before: Sun 22 May 2022 19:09:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2254845745 (0x86663731)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 22 19:09:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21ddf2717f0a62346ce97c4dd88eb8c21e84f387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:81:29:f3:48:e1:6a:b8:e5:c9:bd:b5:3c:
95:28:92:ce:fe:ad:c8:d0:b6:7e:90:2a:08:04:08:
76:66:57:7b:7b:4d:f0:3f:3c:20:fd:b1:87:51:d5:
e3:3d:24:33:1a:f0:a9:5d:5b:1d:90:b1:f2:d4:ed:
d1:49:9b:41:dc:6a:df:ba:6b:a3:00:75:c9:a7:7f:
59:6b:41:83:23:d4:b1:52:a9:cf:bb:12:17:c2:ca:
6e:a6:9c:3c:f6:b1:81:65:dd:9b:85:99:b8:0c:c3:
b5:26:fe:46:c6:dd:0b:83:f8:41:6b:81:8c:2a:a4:
61:c6:27:8d:9a:55:3f:f5:72:b8:a8:48:a4:1c:fc:
67:ed:22:eb:10:d3:c0:81:5e:e7:fc:33:5d:40:e5:
5a:eb:ae:87:1b:32:f5:ac:c4:93:4e:09:9f:28:13:
77:28:68:00:87:e7:51:c3:5d:01:4c:7f:06:06:9c:
e1:43:57:1f:bf:9e:ce:1a:71:e7:51:0d:d9:74:2e:
c1:a9:2c:a8:2b:72:9a:06:bf:91:50:32:fd:3c:52:
77:82:51:fb:77:32:28:d4:8c:31:43:a2:17:7e:bc:
4f:45:c9:c6:c3:ee:ec:19:37:5d:25:55:8f:8d:55:
71:fa:c1:cb:fc:5a:7c:d2:0f:43:f4:dd:c2:b0:e1:
e2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DD:F2:71:7F:0A:62:34:6C:E9:7C:4D:D8:8E:B8:C2:1E:84:F3:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Id3ycX8KYjRs6XxN2I64wh6E84c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:f1:4d:b7:65:23:44:f9:10:01:4c:5c:8f:31:43:34:4b:f3:
5e:9f:67:6e:54:49:6a:1f:4f:b8:19:b1:55:23:ea:7d:c1:55:
4d:5d:00:7b:b0:9d:42:7e:c3:86:2c:04:43:2d:e9:ed:d5:bc:
ea:21:9a:17:be:92:6c:15:6a:9f:e5:19:ab:61:15:6c:51:e2:
7c:57:be:be:08:be:e8:bd:ac:f6:d2:48:c1:a5:32:a1:09:36:
5c:a9:6f:f7:d7:5f:0e:ec:7a:bf:ab:00:9f:48:3f:c1:84:87:
4b:cd:5d:94:05:91:76:0c:50:35:37:66:8d:08:97:f7:d1:d4:
7d:40:ab:3b:8e:c6:ae:6b:38:cd:8b:4d:3e:bc:74:06:fe:18:
f7:16:43:7b:46:18:38:07:9d:93:0e:dd:e8:bd:f0:00:3d:07:
04:35:98:d8:0f:6f:d9:b5:9a:a2:b8:f3:71:ab:f9:e5:76:aa:
64:b6:17:dd:dd:2e:3e:7b:ba:64:ab:3c:b4:1c:c9:58:53:bd:
68:a1:50:ad:c0:74:8a:30:80:1e:c7:ca:2f:2b:39:b6:9c:4a:
00:61:2e:09:e1:6a:da:f2:43:30:ca:52:b0:53:56:52:fc:08:
e0:82:b3:dd:50:3c:dd:2a:ba:29:14:ac:a1:e3:46:2a:f5:11:
0d:35:c4:bf
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIZmNzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjIxOTA5MjlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDIxZGRmMjcxN2Yw
YTYyMzQ2Y2U5N2M0ZGQ4OGViOGMyMWU4NGYzODcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAioEp80jharjlyb21PJUoks7+rcjQtn6QKggECHZmV3t7
TfA/PCD9sYdR1eM9JDMa8KldWx2QsfLU7dFJm0Hcat+6a6MAdcmnf1lrQYMj1LFS
qc+7EhfCym6mnDz2sYFl3ZuFmbgMw7Um/kbG3QuD+EFrgYwqpGHGJ42aVT/1crio
SKQc/GftIusQ08CBXuf8M11A5VrrrocbMvWsxJNOCZ8oE3coaACH51HDXQFMfwYG
nOFDVx+/ns4acedRDdl0LsGpLKgrcpoGv5FQMv08UneCUft3MijUjDFDohd+vE9F
ycbD7uwZN10lVY+NVXH6wcv8WnzSD0P03cKw4eKLAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUId3ycX8KYjRs6XxN2I64wh6E84cwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9JZDN5Y1g4S1lqUnM2WHhOMkk2NHdoNkU4NGMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAAvFNt2UjRPkQAUxcjzFDNEvzXp9nblRJah9P
uBmxVSPqfcFVTV0Ae7CdQn7DhiwEQy3p7dW86iGaF76SbBVqn+UZq2EVbFHifFe+
vgi+6L2s9tJIwaUyoQk2XKlv99dfDux6v6sAn0g/wYSHS81dlAWRdgxQNTdmjQiX
99HUfUCrO47Grms4zYtNPrx0Bv4Y9xZDe0YYOAedkw7d6L3wAD0HBDWY2A9v2bWa
orjzcav55XaqZLYX3d0uPnu6ZKs8tBzJWFO9aKFQrcB0ijCAHsfKLys5tpxKAGEu
CeFq2vJDMMpSsFNWUvwI4IKz3VA83Sq6KRSsoeNGKvURDTXEvw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:22:16 2025 by rpki-client