Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aQh7sV12dgmHB8Bp8FZCN0NEsI8.roa
File: aQh7sV12dgmHB8Bp8FZCN0NEsI8.roa (raw, json)
Hash identifier: x3feyKkf7tNEkymPc1bIxDe/rBKT2lXLC5qnZY1Iwuw=
Subject key identifier: 69:08:7B:B1:5D:76:76:09:87:07:C0:69:F0:56:42:37:43:44:B0:8F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182BA11FB27B63636CD4C832ABD52C808F3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aQh7sV12dgmHB8Bp8FZCN0NEsI8.roa
Signing time: Sat 20 Aug 2022 07:05:16 +0000
ROA not before: Sat 20 Aug 2022 07:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:ba11:3e9f/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ba:11:fb:27:b6:36:36:cd:4c:83:2a:bd:52:c8:08:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 20 07:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69087bb15d7676098707c069f05642374344b08f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4d:ca:12:10:8c:f4:4c:d7:8c:d4:ed:64:18:
7c:dd:52:51:a6:50:3b:f6:ba:30:54:b2:ff:57:ee:
db:02:57:67:cf:e8:7e:3e:5b:70:8a:1a:f1:02:18:
a1:70:5d:fd:b3:52:3e:75:ab:76:b5:67:87:8f:cd:
ed:d2:b7:bd:07:18:36:75:a7:20:24:32:c2:0f:c4:
b2:d1:0c:73:2a:95:eb:0c:e1:13:ef:21:bc:82:43:
3a:8b:b5:21:43:97:1b:78:f9:70:3b:85:b2:e6:69:
0a:bf:68:dd:f5:05:46:33:29:cb:cc:89:2d:c2:9e:
c7:a1:8e:f2:06:92:e0:44:c4:df:e7:d1:dd:3d:59:
69:9a:23:80:7e:bc:0b:19:a6:ec:7e:ed:cf:ac:d1:
da:52:cc:f0:83:8d:a6:ce:ad:e9:68:05:a5:60:62:
e7:06:4c:3a:74:cb:9a:12:28:b6:71:f2:11:09:d6:
f4:94:0a:1a:af:58:f7:0f:c7:fa:4b:22:88:a5:68:
f9:26:be:e6:65:f9:0e:95:79:c1:8c:cb:24:a7:42:
98:67:11:68:f6:fd:34:24:17:f9:84:f5:e8:2f:27:
89:2e:a1:7f:df:c3:8e:28:08:78:6f:7c:57:32:f7:
78:ea:0c:7e:20:1d:c3:36:ec:b0:a1:c2:43:dc:b9:
51:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:08:7B:B1:5D:76:76:09:87:07:C0:69:F0:56:42:37:43:44:B0:8F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aQh7sV12dgmHB8Bp8FZCN0NEsI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:3c:b9:4d:e7:94:08:72:32:66:6d:2c:93:a4:3c:63:c1:69:
25:4a:2a:89:ab:9e:4a:84:19:e0:ee:b7:e9:41:b6:6c:9b:87:
0b:f8:0b:50:53:dd:6f:a4:5a:11:7b:30:6b:62:de:c4:11:25:
ef:a5:f7:04:70:2a:d7:b8:e5:c7:25:20:86:e8:30:8f:7f:5c:
c0:85:ec:12:de:ff:3e:88:44:65:ec:4e:66:5d:0b:f4:1f:e4:
e6:17:eb:90:a3:3a:c1:ff:dd:90:25:b7:e8:9a:ae:fb:27:a4:
e4:63:b3:c6:d8:51:2f:f2:53:e5:e8:8a:8b:86:b4:a4:c1:86:
66:88:8e:bc:c0:ba:63:98:40:18:a8:96:d7:df:43:1d:9f:0e:
eb:26:cc:b9:34:3d:a2:9c:cf:3b:21:8a:f6:56:47:13:03:b3:
3b:84:b5:df:05:2e:c1:88:58:93:68:0b:0f:fc:a9:6a:94:7c:
d6:b4:1f:9b:c5:06:89:aa:65:9a:3a:65:70:44:dc:4a:90:10:
f1:45:ec:14:73:2d:0e:25:e2:ae:37:a1:31:39:6c:21:ec:b8:
22:29:cd:71:c8:d0:52:83:24:39:88:86:f5:7d:29:06:b5:20:
3f:91:15:28:a0:c4:ed:cc:ec:2f:d9:18:11:8b:db:61:f0:2b:
54:74:32:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYK6EfsntjY2zUyDKr1SyAjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODIwMDcwNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA4N2JiMTVkNzY3NjA5ODcwN2MwNjlmMDU2NDIzNzQzNDRiMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE3KEhCM9EzXjNTtZBh83VJRplA7
9rowVLL/V+7bAldnz+h+PltwihrxAhihcF39s1I+dat2tWeHj83t0re9Bxg2dacg
JDLCD8Sy0QxzKpXrDOET7yG8gkM6i7UhQ5cbePlwO4Wy5mkKv2jd9QVGMynLzIkt
wp7HoY7yBpLgRMTf59HdPVlpmiOAfrwLGabsfu3PrNHaUszwg42mzq3paAWlYGLn
Bkw6dMuaEii2cfIRCdb0lAoar1j3D8f6SyKIpWj5Jr7mZfkOlXnBjMskp0KYZxFo
9v00JBf5hPXoLyeJLqF/38OOKAh4b3xXMvd46gx+IB3DNuywocJD3LlRPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGkIe7FddnYJhwfAafBWQjdDRLCPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYVFoN3NWMTJkZ21IQjhCcDhGWkNOME5Fc0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEI8uU3nlAhyMmZtLJOk
PGPBaSVKKomrnkqEGeDut+lBtmybhwv4C1BT3W+kWhF7MGti3sQRJe+l9wRwKte4
5cclIIboMI9/XMCF7BLe/z6IRGXsTmZdC/Qf5OYX65CjOsH/3ZAlt+iarvsnpORj
s8bYUS/yU+XoiouGtKTBhmaIjrzAumOYQBioltffQx2fDusmzLk0PaKczzshivZW
RxMDszuEtd8FLsGIWJNoCw/8qWqUfNa0H5vFBomqZZo6ZXBE3EqQEPFF7BRzLQ4l
4q43oTE5bCHsuCIpzXHI0FKDJDmIhvV9KQa1ID+RFSigxO3M7C/ZGBGL22HwK1R0
MvQ=
-----END CERTIFICATE-----
Generated at Sat Jun 14 07:24:09 2025 by rpki-client