Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/apo7qiaKxpH68Xzd3Prg3KUV44k.roa
File: apo7qiaKxpH68Xzd3Prg3KUV44k.roa (raw, json)
Hash identifier: PhJdT9CigN/wpYimTecKOTRsMaCBmyRBUPJF1zbgZo0=
Subject key identifier: 6A:9A:3B:AA:26:8A:C6:91:FA:F1:7C:DD:DC:FA:E0:DC:A5:15:E3:89
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182015AE43D111F9080CEB1D2EBC6E9AE64
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/apo7qiaKxpH68Xzd3Prg3KUV44k.roa
Signing time: Fri 15 Jul 2022 10:15:10 +0000
ROA not before: Fri 15 Jul 2022 10:15:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:5a:e4:3d:11:1f:90:80:ce:b1:d2:eb:c6:e9:ae:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 15 10:15:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a9a3baa268ac691faf17cdddcfae0dca515e389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6a:f2:53:c5:e0:75:0d:ca:86:3c:97:5c:85:
b8:31:65:61:c4:10:27:7c:33:b2:c7:25:45:0b:6d:
21:f5:29:3b:d8:d4:fc:1d:2d:d5:48:fc:89:fb:d4:
ec:0b:88:ed:37:48:d6:6e:2c:d1:c6:4c:62:bb:db:
16:e7:56:7d:59:98:07:63:2e:fa:04:b9:82:35:33:
a0:14:ff:56:d9:49:3d:b8:de:be:af:6f:e3:3a:70:
65:6d:cc:f1:fa:53:0d:22:43:5a:cd:b4:05:21:01:
f2:b2:15:2b:ef:c0:d4:fe:e7:91:2c:d4:48:e2:ab:
4a:03:78:aa:9d:b5:40:0b:d8:8a:8b:ef:80:48:eb:
cb:cd:77:d7:77:bb:9a:63:4b:7f:3f:4d:bf:67:b7:
29:88:e6:0a:08:9b:84:8c:0a:e0:91:3d:fe:e1:99:
92:41:74:33:d5:0f:ae:ba:49:e0:76:f3:82:7c:22:
93:9a:ab:26:20:e6:d8:45:63:69:6a:fe:1b:32:0f:
95:0f:be:97:21:1f:77:68:d4:0a:b6:47:d5:d8:b0:
b8:30:60:9b:49:94:99:0e:a9:8e:35:12:cb:45:fa:
fd:80:19:b0:6a:dd:22:cf:b9:a9:a6:fc:a3:34:e7:
94:19:d6:ac:5a:5f:37:66:04:60:a0:91:c6:58:a3:
3e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9A:3B:AA:26:8A:C6:91:FA:F1:7C:DD:DC:FA:E0:DC:A5:15:E3:89
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/apo7qiaKxpH68Xzd3Prg3KUV44k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:26:ac:d3:38:61:1f:6e:ca:5c:55:2b:50:de:35:50:7e:06:
eb:e7:0a:2a:d7:e1:80:ea:a7:84:95:d9:de:bc:23:f7:6a:b7:
ec:d9:80:7a:52:c1:8f:cf:fd:63:96:56:58:04:9d:57:e5:97:
85:41:07:a1:ac:01:24:e1:a1:e7:c9:48:59:29:c8:be:44:31:
63:28:ed:db:97:1a:4e:bd:7a:cb:5c:39:ad:59:cf:f1:8e:2c:
c9:c6:c3:04:17:ec:66:23:04:42:53:9c:98:4a:fc:02:24:38:
00:04:47:4a:d0:25:18:70:db:81:ba:fa:99:75:27:23:d1:4c:
07:f0:c4:ae:7e:95:86:02:3e:63:7b:fb:82:c2:55:e8:23:71:
7c:a0:80:83:96:b0:50:23:c4:3b:cf:5e:c5:d6:80:3d:60:81:
df:1a:a0:e7:e0:f9:45:31:60:9e:00:e8:22:db:d6:92:24:35:
3a:1f:13:a1:21:6d:99:61:55:90:b7:9a:ca:0f:c4:d7:97:4d:
00:4f:d6:46:f2:d7:cb:f7:bb:92:fe:ba:e5:3e:93:90:8d:00:
5a:24:9c:b1:19:b8:3f:32:aa:01:b9:ac:7b:85:87:a2:dd:72:
73:25:55:b4:5e:46:db:3e:48:ec:d1:a7:80:76:e2:b4:ca:d4:
dd:f7:4f:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIBWuQ9ER+QgM6x0uvG6a5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzE1MTAxNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTlhM2JhYTI2OGFjNjkxZmFmMTdjZGRkY2ZhZTBkY2E1MTVlMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWryU8XgdQ3KhjyXXIW4MWVhxBAn
fDOyxyVFC20h9Sk72NT8HS3VSPyJ+9TsC4jtN0jWbizRxkxiu9sW51Z9WZgHYy76
BLmCNTOgFP9W2Uk9uN6+r2/jOnBlbczx+lMNIkNazbQFIQHyshUr78DU/ueRLNRI
4qtKA3iqnbVAC9iKi++ASOvLzXfXd7uaY0t/P02/Z7cpiOYKCJuEjArgkT3+4ZmS
QXQz1Q+uukngdvOCfCKTmqsmIObYRWNpav4bMg+VD76XIR93aNQKtkfV2LC4MGCb
SZSZDqmONRLLRfr9gBmwat0iz7mppvyjNOeUGdasWl83ZgRgoJHGWKM+9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqaO6omisaR+vF83dz64NylFeOJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYXBvN3FpYUt4cEg2OFh6ZDNQcmczS1VWNDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEwmrNM4YR9uylxVK1De
NVB+BuvnCirX4YDqp4SV2d68I/dqt+zZgHpSwY/P/WOWVlgEnVfll4VBB6GsASTh
oefJSFkpyL5EMWMo7duXGk69estcOa1Zz/GOLMnGwwQX7GYjBEJTnJhK/AIkOAAE
R0rQJRhw24G6+pl1JyPRTAfwxK5+lYYCPmN7+4LCVegjcXyggIOWsFAjxDvPXsXW
gD1ggd8aoOfg+UUxYJ4A6CLb1pIkNTofE6EhbZlhVZC3msoPxNeXTQBP1kby18v3
u5L+uuU+k5CNAFoknLEZuD8yqgG5rHuFh6LdcnMlVbReRts+SOzRp4B24rTK1N33
T2A=
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:56:11 2025 by rpki-client