Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aKaNAJ64oQQ2nNkjzmj3r7_n_Fo.roa
File: aKaNAJ64oQQ2nNkjzmj3r7_n_Fo.roa (raw, json)
Hash identifier: 8dFnAlrMvK2lJzHM4SWcmlpLSL5Jb54Xw4EMPHZST3I=
Subject key identifier: 68:A6:8D:00:9E:B8:A1:04:36:9C:D9:23:CE:68:F7:AF:BF:E7:FC:5A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869F74B1D0A9648B06284C3A9C544A1ED4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aKaNAJ64oQQ2nNkjzmj3r7_n_Fo.roa
Signing time: Wed 01 Mar 2023 23:14:30 +0000
ROA not before: Wed 01 Mar 2023 23:14:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9f:74:b1:d0:a9:64:8b:06:28:4c:3a:9c:54:4a:1e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 23:14:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68a68d009eb8a104369cd923ce68f7afbfe7fc5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:df:18:d6:0e:75:b9:66:51:b0:91:26:98:39:
5e:ae:b3:e7:87:b4:be:fe:55:88:c4:38:0a:ea:56:
45:5e:49:1e:2c:e2:e6:5e:66:bd:f4:8c:cb:16:c6:
62:52:84:b9:06:44:6b:ce:aa:3a:c2:c3:aa:72:b3:
48:b7:0e:80:2d:98:9f:91:4b:0d:ec:e5:33:c5:00:
cd:45:85:8d:cd:8b:fc:07:f3:c1:75:4f:c2:ba:0a:
2a:30:20:1e:74:19:cf:4e:5c:2e:40:bb:6d:9a:98:
07:75:c8:af:fe:ba:65:3f:f2:2c:10:41:a4:6a:88:
c5:7b:b5:14:18:d7:ee:da:6a:30:f5:aa:02:63:81:
41:b0:58:7b:57:86:4e:b9:86:c4:9a:d2:ad:a6:df:
62:d4:8f:f4:e3:6f:69:08:7e:fd:53:53:57:54:24:
08:cf:d8:ac:2c:3e:b8:4b:33:c9:2f:b1:9e:f4:d5:
6e:2f:f4:c9:ce:c0:c5:76:06:22:5f:b6:31:60:15:
20:33:8f:d1:73:60:d2:0d:73:ae:34:89:25:73:0b:
32:41:f5:6e:1d:6f:4a:d6:ef:51:7b:bd:42:f1:09:
92:8d:10:d3:3f:7d:d2:30:10:9c:86:dc:db:d7:b0:
9a:8f:36:c7:2c:85:30:d2:1b:b6:7f:6d:96:54:e8:
ce:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A6:8D:00:9E:B8:A1:04:36:9C:D9:23:CE:68:F7:AF:BF:E7:FC:5A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aKaNAJ64oQQ2nNkjzmj3r7_n_Fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:27:de:2f:bf:9b:1f:5d:fd:2a:fe:67:41:0f:5e:1d:30:c4:
97:02:1b:34:ec:68:04:b4:df:09:8d:07:68:35:e9:cc:30:d4:
59:f4:58:03:13:d0:17:f5:15:b5:c7:22:92:a3:46:7f:96:76:
28:d2:e1:82:0f:f3:64:65:3d:71:37:b4:63:13:68:ce:00:b6:
da:2b:a7:e2:b7:ed:2f:e5:e5:09:a0:03:27:da:66:69:7d:63:
84:ff:03:a1:4a:67:d4:dd:95:93:1d:7e:b5:50:52:b0:4b:2c:
2d:53:1d:54:df:6d:3c:f7:48:4b:1c:1f:32:6c:d3:e0:05:f4:
d7:69:bc:eb:bf:b5:c8:6c:66:a8:8e:d6:4f:32:31:9c:d2:a3:
de:77:38:0d:a1:90:c4:eb:a7:3d:c3:7c:a1:95:7c:63:9c:78:
6a:0f:ee:07:5e:37:7f:91:41:11:da:eb:26:e7:d9:7c:fa:7f:
0e:14:b0:3d:76:72:f8:72:fb:ec:ab:1e:91:84:d3:b5:5b:f3:
53:ba:fe:cb:37:8e:d1:56:12:28:67:ca:db:50:4a:34:2b:72:
4d:bd:ca:74:7a:06:f8:8e:0f:70:24:fe:8c:d4:a7:36:23:73:
4f:6c:b6:e5:f6:44:7f:92:bc:f0:d1:5f:a6:88:62:32:23:13:
25:5d:52:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYafdLHQqWSLBihMOpxUSh7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMjMxNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE2OGQwMDllYjhhMTA0MzY5Y2Q5MjNjZTY4ZjdhZmJmZTdmYzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt8Y1g51uWZRsJEmmDlerrPnh7S+
/lWIxDgK6lZFXkkeLOLmXma99IzLFsZiUoS5BkRrzqo6wsOqcrNItw6ALZifkUsN
7OUzxQDNRYWNzYv8B/PBdU/CugoqMCAedBnPTlwuQLttmpgHdciv/rplP/IsEEGk
aojFe7UUGNfu2mow9aoCY4FBsFh7V4ZOuYbEmtKtpt9i1I/0429pCH79U1NXVCQI
z9isLD64SzPJL7Ge9NVuL/TJzsDFdgYiX7YxYBUgM4/Rc2DSDXOuNIklcwsyQfVu
HW9K1u9Re71C8QmSjRDTP33SMBCchtzb17CajzbHLIUw0hu2f22WVOjOpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGimjQCeuKEENpzZI85o96+/5/xaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYUthTkFKNjRvUVEybk5ranptajNyN19uX0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFYn3i+/mx9d/Sr+Z0EP
Xh0wxJcCGzTsaAS03wmNB2g16cww1Fn0WAMT0Bf1FbXHIpKjRn+WdijS4YIP82Rl
PXE3tGMTaM4Attorp+K37S/l5QmgAyfaZml9Y4T/A6FKZ9TdlZMdfrVQUrBLLC1T
HVTfbTz3SEscHzJs0+AF9NdpvOu/tchsZqiO1k8yMZzSo953OA2hkMTrpz3DfKGV
fGOceGoP7gdeN3+RQRHa6ybn2Xz6fw4UsD12cvhy++yrHpGE07Vb81O6/ss3jtFW
EihnyttQSjQrck29ynR6BviOD3Ak/ozUpzYjc09stuX2RH+SvPDRX6aIYjIjEyVd
Uk0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:16:44 2025 by rpki-client