Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S4Bna2rmkDoDJ17uJ4olEASPlSg.roa
File: S4Bna2rmkDoDJ17uJ4olEASPlSg.roa (raw, json)
Hash identifier: KQvfvhtP09IYNg7019zGp4lWlMbtkFomZMp37QpmQ/A=
Subject key identifier: 4B:80:67:6B:6A:E6:90:3A:03:27:5E:EE:27:8A:25:10:04:8F:95:28
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185654B748AE53636D0096CF47CDC79E58C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S4Bna2rmkDoDJ17uJ4olEASPlSg.roa
Signing time: Fri 30 Dec 2022 23:08:41 +0000
ROA not before: Fri 30 Dec 2022 23:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:65:4b:74:8a:e5:36:36:d0:09:6c:f4:7c:dc:79:e5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 23:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b80676b6ae6903a03275eee278a2510048f9528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c1:82:cd:19:aa:35:38:41:0a:0a:a1:fb:19:
7a:22:a9:a7:bb:c9:cb:75:0e:84:52:86:68:d8:b4:
79:07:36:68:f9:d1:86:2e:6c:cf:30:57:7d:fb:b4:
ef:a5:06:04:89:50:51:e7:59:83:5c:c3:37:ab:f6:
c7:cd:da:be:54:fe:fe:99:fc:ef:a1:f9:5a:b6:a5:
3d:48:e3:39:da:a2:d8:b4:ee:1b:80:0a:a4:17:03:
40:10:70:00:dd:ae:c9:b9:65:37:d2:c1:5f:b0:0c:
26:c8:97:d4:25:74:75:e5:67:a8:c8:24:28:c1:8f:
c8:cf:c0:49:15:ca:33:d9:16:2e:b4:24:71:7c:5c:
9c:79:83:10:9e:67:1c:7c:63:1e:c8:9a:78:96:b1:
70:cc:9f:f4:bc:72:84:83:97:7d:2a:1a:77:a1:c0:
14:43:74:b3:dd:8d:2f:d6:ec:23:0f:1b:44:af:87:
ef:97:92:74:e6:64:62:41:2b:aa:61:5a:91:75:c5:
f4:8e:0c:91:1b:2c:d3:17:e7:4e:ea:d6:1d:8f:c1:
1c:1e:4b:0b:30:ea:06:de:0a:a9:08:1d:86:c8:1f:
c8:75:2f:78:40:b5:20:cb:63:be:59:80:24:15:84:
78:61:c5:fd:5c:c1:1c:50:c1:b7:24:55:70:38:19:
fc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:80:67:6B:6A:E6:90:3A:03:27:5E:EE:27:8A:25:10:04:8F:95:28
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S4Bna2rmkDoDJ17uJ4olEASPlSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:96:8f:3a:8c:60:29:94:34:bb:1d:a1:31:8d:17:7c:e6:1a:
6e:e1:80:0a:ce:b8:7b:29:8c:cc:63:fd:c4:2d:ce:46:32:1b:
5e:d9:72:19:dc:13:15:d1:45:f9:fa:60:ee:c9:83:d6:e3:3a:
6d:f3:eb:67:ef:5e:0a:00:33:c3:e7:8a:9d:c7:5d:d1:d6:ae:
9f:06:be:9f:d6:84:43:9d:12:4b:76:3e:66:91:ec:81:68:11:
29:ee:94:ec:31:9e:88:42:51:04:37:e2:bc:ca:1a:46:9c:58:
79:f4:0d:c1:71:64:02:6c:23:be:e1:bd:0f:0c:a5:67:8c:85:
d3:a9:46:15:e1:0a:99:5b:b4:7d:bf:c6:9a:2e:0f:0b:d7:e5:
9e:46:a3:08:ea:31:6a:fd:cf:4b:e2:6a:91:35:38:2c:6f:18:
a6:fd:b7:34:8d:c7:34:f5:93:ea:2c:eb:86:1b:d6:79:42:49:
b8:0f:43:69:04:b5:50:81:4a:69:dc:9f:57:92:fe:37:b0:fe:
55:41:37:18:9c:de:4b:08:a3:9e:69:f2:f2:1a:dc:84:39:b8:
31:a1:fc:1c:67:be:fc:19:d9:8d:ae:1d:f9:58:e5:76:f9:55:
28:4c:2c:d2:b1:e6:f2:e3:8b:a2:2a:63:05:30:4f:e4:83:f8:
0a:c9:07:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVlS3SK5TY20Als9HzceeWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMjMwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjgwNjc2YjZhZTY5MDNhMDMyNzVlZWUyNzhhMjUxMDA0OGY5NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8GCzRmqNThBCgqh+xl6Iqmnu8nL
dQ6EUoZo2LR5BzZo+dGGLmzPMFd9+7TvpQYEiVBR51mDXMM3q/bHzdq+VP7+mfzv
oflatqU9SOM52qLYtO4bgAqkFwNAEHAA3a7JuWU30sFfsAwmyJfUJXR15WeoyCQo
wY/Iz8BJFcoz2RYutCRxfFyceYMQnmccfGMeyJp4lrFwzJ/0vHKEg5d9Khp3ocAU
Q3Sz3Y0v1uwjDxtEr4fvl5J05mRiQSuqYVqRdcX0jgyRGyzTF+dO6tYdj8EcHksL
MOoG3gqpCB2GyB/IdS94QLUgy2O+WYAkFYR4YcX9XMEcUMG3JFVwOBn8lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEuAZ2tq5pA6Ayde7ieKJRAEj5UoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUzRCbmEycm1rRG9ESjE3dUo0b2xFQVNQbFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACCWjzqMYCmUNLsdoTGN
F3zmGm7hgArOuHspjMxj/cQtzkYyG17ZchncExXRRfn6YO7Jg9bjOm3z62fvXgoA
M8Pnip3HXdHWrp8Gvp/WhEOdEkt2PmaR7IFoESnulOwxnohCUQQ34rzKGkacWHn0
DcFxZAJsI77hvQ8MpWeMhdOpRhXhCplbtH2/xpouDwvX5Z5GowjqMWr9z0viapE1
OCxvGKb9tzSNxzT1k+os64Yb1nlCSbgPQ2kEtVCBSmncn1eS/jew/lVBNxic3ksI
o55p8vIa3IQ5uDGh/BxnvvwZ2Y2uHflY5Xb5VShMLNKx5vLji6IqYwUwT+SD+ArJ
B+s=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:06:57 2025 by rpki-client