Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a97iKxrdRqpiW6VROw049Frm1-k.roa
File: a97iKxrdRqpiW6VROw049Frm1-k.roa (raw, json)
Hash identifier: /Gk/GiCjxdDbFO0TG0AnyqO5Cbnloe+2FrO5NPvXJdg=
Subject key identifier: 6B:DE:E2:2B:1A:DD:46:AA:62:5B:A5:51:3B:0D:38:F4:5A:E6:D7:E9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D39C53DDDAB64149835AB15C7E7C0D89
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a97iKxrdRqpiW6VROw049Frm1-k.roa
Signing time: Fri 02 Dec 2022 16:12:28 +0000
ROA not before: Fri 02 Dec 2022 16:12:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:9c:53:dd:da:b6:41:49:83:5a:b1:5c:7e:7c:0d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 2 16:12:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bdee22b1add46aa625ba5513b0d38f45ae6d7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8d:1a:ab:4b:c2:b3:eb:2b:88:6a:e8:97:41:
50:7a:f2:9d:6b:cb:75:c7:9e:09:9f:fd:d6:1a:cb:
28:34:dc:16:85:6a:6a:eb:c6:ad:db:d5:3d:8e:07:
29:fc:d8:fa:94:01:19:e4:e0:a5:e9:78:6d:94:39:
01:c9:de:c5:bd:02:9e:91:13:5a:27:dd:9b:90:96:
5a:e3:ac:51:c0:90:41:dd:8e:ee:c9:cf:37:c9:c6:
cc:1c:22:cb:33:50:18:b6:bc:4e:d9:9c:3c:ac:e8:
7a:16:c5:f1:e3:94:0f:47:29:69:b4:0b:82:54:ee:
cc:e3:9b:55:08:ed:04:4e:f0:93:a7:03:17:9f:1a:
65:0b:0d:a7:23:ad:29:b4:51:f3:49:03:e1:10:a5:
8a:ce:2a:c0:63:a7:e3:82:5f:b7:be:10:6b:ca:31:
88:25:ea:16:86:90:5b:db:b4:ad:df:92:65:52:12:
92:a0:9d:af:79:ab:02:0c:df:12:2a:73:e8:82:b6:
ac:e6:4a:12:3f:c6:1a:fb:76:ce:76:d5:7a:7d:79:
39:54:86:f0:53:1a:c0:f0:78:97:c7:e4:cf:cf:69:
47:bd:fc:4a:19:65:43:cf:67:fa:d7:1f:32:f1:01:
33:89:11:a9:4e:de:dc:cd:57:46:28:d8:2a:f9:40:
fd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DE:E2:2B:1A:DD:46:AA:62:5B:A5:51:3B:0D:38:F4:5A:E6:D7:E9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a97iKxrdRqpiW6VROw049Frm1-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:6a:f1:ae:23:74:b1:4d:d5:a2:c2:6d:a2:44:46:c9:88:89:
77:c1:12:3b:7b:51:e8:41:eb:64:fd:a7:35:a7:6b:af:a5:9e:
fc:ee:1b:67:42:9a:90:c5:75:01:c9:59:76:18:3f:3c:93:cd:
bd:d5:69:d3:f2:be:69:da:a9:b1:9e:f3:1c:94:70:b0:e1:38:
fa:d5:b1:89:71:c9:8e:4e:ab:91:b9:ed:82:33:20:0e:c1:02:
d9:7e:16:7d:eb:7d:b6:16:aa:e0:77:83:9c:38:3f:c6:fb:91:
54:d9:4e:56:48:91:aa:a2:7d:2c:fb:f6:6e:f5:ef:d4:e4:ce:
e5:f0:95:55:58:e0:6c:94:6e:6c:e2:0f:d3:8d:97:83:eb:30:
99:98:db:aa:05:7d:69:1d:0f:c7:16:16:26:67:da:db:92:85:
68:dc:22:3d:9e:3a:58:52:d9:a7:21:52:d2:2c:b5:73:cd:28:
a9:00:13:54:c6:46:c4:07:11:47:9a:b7:65:dc:d5:60:ed:3b:
2e:8e:ff:ed:29:00:58:41:07:40:09:4b:87:22:25:ba:c7:df:
68:a6:13:a7:b8:6b:2c:3d:a8:4f:c4:61:da:4b:e8:df:ce:36:
8e:25:73:51:0d:52:b0:5b:1f:26:87:b9:fa:c2:8a:c8:f9:29:
0f:9a:f3:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTTnFPd2rZBSYNasVx+fA2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAyMTYxMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRlZTIyYjFhZGQ0NmFhNjI1YmE1NTEzYjBkMzhmNDVhZTZkN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr40aq0vCs+sriGrol0FQevKda8t1
x54Jn/3WGssoNNwWhWpq68at29U9jgcp/Nj6lAEZ5OCl6XhtlDkByd7FvQKekRNa
J92bkJZa46xRwJBB3Y7uyc83ycbMHCLLM1AYtrxO2Zw8rOh6FsXx45QPRylptAuC
VO7M45tVCO0ETvCTpwMXnxplCw2nI60ptFHzSQPhEKWKzirAY6fjgl+3vhBryjGI
JeoWhpBb27St35JlUhKSoJ2veasCDN8SKnPogras5koSP8Ya+3bOdtV6fXk5VIbw
UxrA8HiXx+TPz2lHvfxKGWVDz2f61x8y8QEziRGpTt7czVdGKNgq+UD9JwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGve4isa3UaqYlulUTsNOPRa5tfpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYTk3aUt4cmRScXBpVzZWUk93MDQ5RnJtMS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKhq8a4jdLFN1aLCbaJE
RsmIiXfBEjt7UehB62T9pzWna6+lnvzuG2dCmpDFdQHJWXYYPzyTzb3VadPyvmna
qbGe8xyUcLDhOPrVsYlxyY5Oq5G57YIzIA7BAtl+Fn3rfbYWquB3g5w4P8b7kVTZ
TlZIkaqifSz79m7179TkzuXwlVVY4GyUbmziD9ONl4PrMJmY26oFfWkdD8cWFiZn
2tuShWjcIj2eOlhS2achUtIstXPNKKkAE1TGRsQHEUeat2Xc1WDtOy6O/+0pAFhB
B0AJS4ciJbrH32imE6e4ayw9qE/EYdpL6N/ONo4lc1ENUrBbHyaHufrCisj5KQ+a
82I=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:11:03 2025 by rpki-client