Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SGNSaHPKnWCIVkLwp42iI3Yr0Rk.roa
File: SGNSaHPKnWCIVkLwp42iI3Yr0Rk.roa (raw, json)
Hash identifier: d7aW+827RUQeK48tGvYsoCb9lOPus8hXURpxETeDCrA=
Subject key identifier: 48:63:52:68:73:CA:9D:60:88:56:42:F0:A7:8D:A2:23:76:2B:D1:19
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01836F3242DEAE95AF5349A5AA08E70DE0FF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SGNSaHPKnWCIVkLwp42iI3Yr0Rk.roa
Signing time: Sat 24 Sep 2022 11:11:48 +0000
ROA not before: Sat 24 Sep 2022 11:11:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6f:32:42:de:ae:95:af:53:49:a5:aa:08:e7:0d:e0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 24 11:11:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4863526873ca9d60885642f0a78da223762bd119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f3:d1:4e:81:b8:d8:0f:a5:0c:26:2c:fb:54:
eb:25:6a:63:7a:18:50:14:28:4f:48:52:ef:7f:a2:
2f:58:14:9c:7d:c3:8b:e2:d5:00:96:c5:2d:50:f6:
5c:fc:47:cb:77:95:d5:b4:cf:58:ec:4a:09:5c:af:
10:06:f8:97:0e:85:ba:e2:41:40:5f:4c:3b:2b:7e:
3f:12:2f:ae:57:94:72:81:38:96:f8:11:4d:2f:63:
b0:bb:07:8e:89:cf:7c:72:17:e4:f8:89:b6:67:72:
31:86:e5:92:a8:2a:85:f8:10:dd:6b:8e:61:09:6e:
53:be:53:6c:7a:b5:d1:83:cd:96:7c:0a:30:d9:b4:
f7:9c:40:24:73:96:c9:85:41:4b:46:d4:8f:15:69:
cf:56:42:6b:48:29:c9:63:65:b9:9b:cc:d2:da:9b:
be:38:ab:48:a5:7d:ac:6b:da:10:4f:f8:5e:89:cf:
41:04:e0:8d:4b:05:26:5f:2e:68:59:7c:50:28:e5:
b5:2f:61:3d:40:69:50:49:91:8b:64:8b:1e:96:a9:
cf:1c:f8:39:0c:c1:d1:b9:a5:d1:75:8c:f4:17:f7:
a1:08:72:52:76:05:d2:5b:c1:dd:40:87:b4:3f:8b:
df:5d:97:41:5f:8d:70:99:13:2d:bf:1e:25:52:ad:
c1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:63:52:68:73:CA:9D:60:88:56:42:F0:A7:8D:A2:23:76:2B:D1:19
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SGNSaHPKnWCIVkLwp42iI3Yr0Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:5b:68:0c:a2:22:1e:ad:61:5a:02:dd:0e:6b:01:cd:42:aa:
08:20:c8:59:44:a4:4f:4f:37:38:b8:42:56:5c:72:fb:e8:d9:
52:fa:79:28:81:84:6b:5c:ee:bd:8b:15:b5:83:da:3a:12:0d:
6d:ed:6d:bb:44:fb:a9:fd:b5:72:db:1d:00:ba:63:5e:7e:37:
51:07:55:d3:24:e7:ac:94:20:cc:de:a9:5a:af:51:c6:a6:f2:
19:b5:bd:d2:87:02:15:24:ae:22:e7:23:a6:b7:99:c9:93:fc:
c5:fa:4e:2d:4d:4b:d3:9e:f0:2c:7b:17:1e:c0:8b:94:75:72:
2f:e4:37:00:0d:59:e4:69:e0:98:b3:6b:15:56:1f:a4:48:07:
d3:0f:08:be:37:e8:5a:2a:e3:38:b7:2a:36:95:e6:0a:6a:80:
47:d5:7c:79:6f:b4:22:c9:4f:90:d0:df:01:4b:d5:70:c8:85:
9d:d2:98:55:f0:88:01:46:e4:7e:e2:c7:f2:b2:4e:69:e1:91:
90:61:f8:2e:32:7a:48:7f:51:42:0f:af:50:cc:8a:60:a7:fa:
ab:c2:37:42:75:ee:1a:8a:17:93:00:cc:93:1b:7d:26:95:35:
f7:c9:b8:5a:fe:b9:cb:c7:63:8b:f4:86:b4:8c:66:64:46:43:
5c:78:87:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNvMkLerpWvU0mlqgjnDeD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTI0MTExMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYzNTI2ODczY2E5ZDYwODg1NjQyZjBhNzhkYTIyMzc2MmJkMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPPRToG42A+lDCYs+1TrJWpjehhQ
FChPSFLvf6IvWBScfcOL4tUAlsUtUPZc/EfLd5XVtM9Y7EoJXK8QBviXDoW64kFA
X0w7K34/Ei+uV5RygTiW+BFNL2OwuweOic98chfk+Im2Z3IxhuWSqCqF+BDda45h
CW5TvlNserXRg82WfAow2bT3nEAkc5bJhUFLRtSPFWnPVkJrSCnJY2W5m8zS2pu+
OKtIpX2sa9oQT/heic9BBOCNSwUmXy5oWXxQKOW1L2E9QGlQSZGLZIselqnPHPg5
DMHRuaXRdYz0F/ehCHJSdgXSW8HdQIe0P4vfXZdBX41wmRMtvx4lUq3BnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhjUmhzyp1giFZC8KeNoiN2K9EZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU0dOU2FIUEtuV0NJVmtMd3A0MmlJM1lyMFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGBbaAyiIh6tYVoC3Q5r
Ac1CqgggyFlEpE9PNzi4QlZccvvo2VL6eSiBhGtc7r2LFbWD2joSDW3tbbtE+6n9
tXLbHQC6Y15+N1EHVdMk56yUIMzeqVqvUcam8hm1vdKHAhUkriLnI6a3mcmT/MX6
Ti1NS9Oe8Cx7Fx7Ai5R1ci/kNwANWeRp4JizaxVWH6RIB9MPCL436Foq4zi3KjaV
5gpqgEfVfHlvtCLJT5DQ3wFL1XDIhZ3SmFXwiAFG5H7ix/KyTmnhkZBh+C4yekh/
UUIPr1DMimCn+qvCN0J17hqKF5MAzJMbfSaVNffJuFr+ucvHY4v0hrSMZmRGQ1x4
hzM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:54:56 2025 by rpki-client