Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ai-kYT7suIanwZffdmBc59tr8zw.roa
File: ai-kYT7suIanwZffdmBc59tr8zw.roa (raw, json)
Hash identifier: DEegdiNywQgfjEHjuoXyB9Oh2CBAsW47aN73Kt+VyEs=
Subject key identifier: 6A:2F:A4:61:3E:EC:B8:86:A7:C1:97:DF:76:60:5C:E7:DB:6B:F3:3C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018311395BA2CF0D563A8AA7CBFF6411FE28
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ai-kYT7suIanwZffdmBc59tr8zw.roa
Signing time: Tue 06 Sep 2022 05:15:15 +0000
ROA not before: Tue 06 Sep 2022 05:15:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:11:39:5b:a2:cf:0d:56:3a:8a:a7:cb:ff:64:11:fe:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 6 05:15:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a2fa4613eecb886a7c197df76605ce7db6bf33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0c:b1:3d:12:01:40:bd:be:40:2f:4e:f5:e9:
e6:21:77:28:21:9d:f4:2e:7d:3f:ba:d3:36:68:8f:
cf:8d:b3:66:8f:d2:e6:45:2f:19:73:e9:7e:65:6c:
39:14:43:54:3d:1d:a3:38:03:c0:ec:f8:cc:79:e2:
1f:e6:21:0d:ad:6c:3b:f6:40:4c:71:f0:bf:c0:db:
70:97:64:4a:0f:01:3a:c0:72:ee:2a:ea:34:cb:4b:
f8:e6:3a:20:7a:6e:d5:30:77:bc:54:f3:c1:02:af:
61:55:1a:79:30:ef:21:a5:b3:0d:41:d1:bd:c4:d3:
11:f2:16:09:69:f2:e7:48:3f:bc:ac:d6:87:8a:39:
22:76:48:f4:1f:ce:8a:3b:69:b7:c8:8e:32:d7:85:
1f:2f:fa:93:c9:32:f8:19:20:95:b3:75:d6:c2:be:
08:c7:49:6d:68:e4:11:16:ee:b5:7d:ea:ac:41:d8:
d0:d7:d8:e6:c0:30:52:f7:45:d2:83:ee:51:93:9d:
b8:5b:65:69:9a:cc:59:d9:27:ab:8b:c6:5b:ba:06:
7e:d9:8e:03:1f:f6:1f:98:89:bc:03:eb:17:be:3d:
47:d7:9c:b0:18:63:24:5b:5b:90:a4:a4:f2:a9:04:
ec:80:6b:b0:06:18:a8:c7:6f:c1:2b:21:a1:70:f2:
b8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2F:A4:61:3E:EC:B8:86:A7:C1:97:DF:76:60:5C:E7:DB:6B:F3:3C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ai-kYT7suIanwZffdmBc59tr8zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:b2:de:ee:61:bf:8c:e7:15:b3:37:d0:fa:49:bc:25:0b:15:
2b:82:b7:b1:40:d4:8d:2e:7b:52:09:c3:32:50:de:79:73:7d:
0a:a7:7a:c4:af:61:4f:86:d9:79:c5:c9:3d:c7:3d:60:fc:2e:
a3:93:ae:d4:9b:a2:52:77:87:70:ed:56:01:93:61:c8:02:df:
12:f5:d1:84:1d:92:f1:71:29:51:83:ce:b5:1d:86:c0:26:04:
52:4b:f2:cd:35:7e:37:53:4f:ae:84:3d:84:b4:2f:62:45:59:
e5:d7:87:5a:62:05:7f:01:2b:3b:85:60:59:02:e8:8c:de:26:
48:33:ca:ec:a5:2b:68:c8:23:be:c7:00:ad:5c:e4:bd:b7:05:
f4:ef:38:a6:86:e9:1b:cb:bf:bd:89:13:87:33:df:0c:3b:d9:
13:1f:92:10:9e:bc:54:f8:37:62:63:54:31:95:78:b8:88:7d:
ea:56:f7:c5:0f:8f:e4:ac:19:71:f4:44:b9:ab:ab:78:be:94:
ed:ff:bb:37:07:fb:b2:71:c7:d3:af:f1:89:a6:bb:e2:4c:51:
9f:8f:54:b1:a8:ef:63:0d:dc:33:f9:c5:8f:4d:a8:52:8f:8e:
4e:fd:eb:a0:98:81:bc:3b:79:8c:d6:c8:ec:73:64:4e:90:54:
20:14:6d:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMROVuizw1WOoqny/9kEf4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA2MDUxNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTJmYTQ2MTNlZWNiODg2YTdjMTk3ZGY3NjYwNWNlN2RiNmJmMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwyxPRIBQL2+QC9O9enmIXcoIZ30
Ln0/utM2aI/PjbNmj9LmRS8Zc+l+ZWw5FENUPR2jOAPA7PjMeeIf5iENrWw79kBM
cfC/wNtwl2RKDwE6wHLuKuo0y0v45jogem7VMHe8VPPBAq9hVRp5MO8hpbMNQdG9
xNMR8hYJafLnSD+8rNaHijkidkj0H86KO2m3yI4y14UfL/qTyTL4GSCVs3XWwr4I
x0ltaOQRFu61feqsQdjQ19jmwDBS90XSg+5Rk524W2VpmsxZ2Seri8ZbugZ+2Y4D
H/YfmIm8A+sXvj1H15ywGGMkW1uQpKTyqQTsgGuwBhiox2/BKyGhcPK46QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGovpGE+7LiGp8GX33ZgXOfba/M8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYWkta1lUN3N1SWFud1pmZmRtQmM1OXRyOHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACqy3u5hv4znFbM30PpJ
vCULFSuCt7FA1I0ue1IJwzJQ3nlzfQqnesSvYU+G2XnFyT3HPWD8LqOTrtSbolJ3
h3DtVgGTYcgC3xL10YQdkvFxKVGDzrUdhsAmBFJL8s01fjdTT66EPYS0L2JFWeXX
h1piBX8BKzuFYFkC6IzeJkgzyuylK2jII77HAK1c5L23BfTvOKaG6RvLv72JE4cz
3ww72RMfkhCevFT4N2JjVDGVeLiIfepW98UPj+SsGXH0RLmrq3i+lO3/uzcH+7Jx
x9Ov8Ymmu+JMUZ+PVLGo72MN3DP5xY9NqFKPjk7966CYgbw7eYzWyOxzZE6QVCAU
bUk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:43:41 2025 by rpki-client