Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NRzniNMxvo9fDJkBcbyx2OTjItw.roa
File: NRzniNMxvo9fDJkBcbyx2OTjItw.roa (raw, json)
Hash identifier: 2AztTaaDXGtREazSVx2sg64Wmt+DSDzCjN2oWTYvFgk=
Subject key identifier: 35:1C:E7:88:D3:31:BE:8F:5F:0C:99:01:71:BC:B1:D8:E4:E3:22:DC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856703D35ED19D461D96F425EFC05C0ED9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NRzniNMxvo9fDJkBcbyx2OTjItw.roa
Signing time: Sat 31 Dec 2022 07:09:42 +0000
ROA not before: Sat 31 Dec 2022 07:09:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:67:03:d3:5e:d1:9d:46:1d:96:f4:25:ef:c0:5c:0e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 31 07:09:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=351ce788d331be8f5f0c990171bcb1d8e4e322dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7e:d6:d2:b5:13:b5:ae:50:28:07:76:af:7f:
2a:e1:9f:d3:56:da:4e:b3:73:1e:86:df:36:67:44:
e9:52:10:ca:14:eb:52:09:c0:2b:b4:f1:01:6c:2a:
fe:89:a6:45:62:55:0f:64:85:02:b8:aa:89:b1:80:
a0:7c:14:30:73:91:5e:7e:3c:1d:af:50:08:53:3e:
30:fb:d3:74:06:1b:7b:c3:71:b6:11:fe:8f:dd:03:
da:40:ac:52:74:59:ee:60:d0:6a:17:74:9a:21:89:
d5:09:8f:20:d7:25:37:29:d7:57:66:4f:2b:12:2f:
7f:19:3b:57:93:50:60:61:3a:17:d1:25:60:cb:a2:
91:89:af:f0:ed:bc:14:63:cf:6b:a6:ac:fa:f5:96:
b6:d1:fc:62:55:e1:3e:ef:f2:c7:55:38:43:16:cf:
2d:60:54:2c:5f:5e:8a:07:ca:d6:9b:ce:f0:b2:3d:
88:84:e0:16:92:ca:02:8c:29:c9:b0:2e:b8:28:f2:
d3:1b:33:e3:45:ef:59:0d:eb:08:09:c3:69:ba:b9:
0d:ce:ec:f0:a5:72:94:27:24:14:ce:b7:4d:c7:26:
fd:24:4c:5c:e3:74:41:36:39:c3:63:cd:9c:6b:80:
72:61:dd:4d:5c:c9:d1:72:ef:45:87:e1:7b:b9:62:
8c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1C:E7:88:D3:31:BE:8F:5F:0C:99:01:71:BC:B1:D8:E4:E3:22:DC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NRzniNMxvo9fDJkBcbyx2OTjItw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:84:b9:5d:d6:60:63:a4:d6:f5:d6:cb:3c:b5:9b:5c:b7:5b:
a0:83:b8:35:9e:4c:21:2f:3e:d3:b4:4e:99:9a:31:5d:2e:71:
65:96:21:3f:d6:ac:52:bc:ac:ca:2e:7b:09:71:13:03:6d:5d:
79:14:43:5b:8f:78:e7:93:ff:06:5e:45:7f:b0:a7:0e:6b:e4:
b7:ec:b3:85:6f:72:50:11:70:b6:77:0a:df:18:05:b7:72:e9:
be:3a:f9:67:2d:af:05:8c:7b:11:89:f7:2e:dc:19:f3:da:16:
3c:8e:8a:93:f0:03:da:f7:83:b6:a0:a7:cb:ca:d2:e7:4c:22:
b6:81:2e:5e:23:34:73:0d:61:78:e7:a2:d0:07:cc:c9:9f:d3:
f5:20:88:17:9c:dc:65:20:82:61:d4:bf:87:2a:26:da:54:a6:
5a:6b:d0:a8:dd:fb:83:57:1b:a4:87:b5:24:a4:ee:d3:56:4f:
8b:2c:01:79:cd:5f:8f:43:bc:95:22:0a:4b:f4:4d:60:6a:a2:
5e:2f:ef:4e:33:f8:74:1d:63:9f:a7:d1:4c:bb:3e:c2:85:1f:
14:34:bd:22:96:5f:59:5a:91:33:56:ff:88:ae:9a:c6:c8:3e:
40:8c:8c:75:b3:f6:7d:b4:fe:08:ea:82:e5:21:7f:fb:7a:ed:
0f:7f:87:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVnA9Ne0Z1GHZb0Je/AXA7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMxMDcwOTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFjZTc4OGQzMzFiZThmNWYwYzk5MDE3MWJjYjFkOGU0ZTMyMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwn7W0rUTta5QKAd2r38q4Z/TVtpO
s3Meht82Z0TpUhDKFOtSCcArtPEBbCr+iaZFYlUPZIUCuKqJsYCgfBQwc5Fefjwd
r1AIUz4w+9N0Bht7w3G2Ef6P3QPaQKxSdFnuYNBqF3SaIYnVCY8g1yU3KddXZk8r
Ei9/GTtXk1BgYToX0SVgy6KRia/w7bwUY89rpqz69Za20fxiVeE+7/LHVThDFs8t
YFQsX16KB8rWm87wsj2IhOAWksoCjCnJsC64KPLTGzPjRe9ZDesICcNpurkNzuzw
pXKUJyQUzrdNxyb9JExc43RBNjnDY82ca4ByYd1NXMnRcu9Fh+F7uWKMQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDUc54jTMb6PXwyZAXG8sdjk4yLcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTlJ6bmlOTXh2bzlmREprQmNieXgyT1RqSXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJGEuV3WYGOk1vXWyzy1
m1y3W6CDuDWeTCEvPtO0TpmaMV0ucWWWIT/WrFK8rMouewlxEwNtXXkUQ1uPeOeT
/wZeRX+wpw5r5Lfss4VvclARcLZ3Ct8YBbdy6b46+WctrwWMexGJ9y7cGfPaFjyO
ipPwA9r3g7agp8vK0udMIraBLl4jNHMNYXjnotAHzMmf0/UgiBec3GUggmHUv4cq
JtpUplpr0Kjd+4NXG6SHtSSk7tNWT4ssAXnNX49DvJUiCkv0TWBqol4v704z+HQd
Y5+n0Uy7PsKFHxQ0vSKWX1lakTNW/4iumsbIPkCMjHWz9n20/gjqguUhf/t67Q9/
h2M=
-----END CERTIFICATE-----
Generated at Mon Jun 9 16:18:02 2025 by rpki-client