Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/chxTkdqEiHERQHNcwbRlxZN-2rM.roa
File: chxTkdqEiHERQHNcwbRlxZN-2rM.roa (raw, json)
Hash identifier: Ey3VM7QqrLgjHVMgZxutmieUJFezTiDYeppntJ3FiYY=
Subject key identifier: 72:1C:53:91:DA:84:88:71:11:40:73:5C:C1:B4:65:C5:93:7E:DA:B3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01831B0F7EEBF8BECCAF3659DD078E08AC2D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/chxTkdqEiHERQHNcwbRlxZN-2rM.roa
Signing time: Thu 08 Sep 2022 03:05:43 +0000
ROA not before: Thu 08 Sep 2022 03:05:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64:ffff:0:183:1b0e:9e37/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1b:0f:7e:eb:f8:be:cc:af:36:59:dd:07:8e:08:ac:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 8 03:05:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=721c5391da8488711140735cc1b465c5937edab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c2:21:d6:4d:63:05:4a:01:8e:92:2b:50:e5:
82:8f:44:d2:c9:9a:b0:d7:63:43:e3:42:ea:3d:d6:
3a:bd:c2:03:10:aa:34:13:5f:bd:4b:90:a7:de:b9:
e9:42:c2:2a:b9:3f:9d:e6:c5:cf:89:dd:29:9f:dd:
0d:fa:04:a3:c0:69:44:ee:7c:c1:45:24:ef:8d:00:
0e:d9:6a:73:4b:db:4d:7c:8e:6d:37:8e:92:98:99:
d8:ca:1b:24:07:8b:23:4f:14:f0:22:00:bd:4b:be:
54:80:5c:db:2d:35:ac:f4:0c:aa:f3:e4:69:86:1c:
b8:65:ad:32:0f:5e:fe:c2:68:52:53:da:21:e0:9a:
d7:c2:1c:d5:70:b7:4f:aa:62:95:f7:72:be:ce:d1:
ee:45:b7:0e:c9:2e:33:9f:06:f0:97:c6:f8:fe:de:
a1:10:c1:10:7c:fb:bf:36:e4:81:b9:da:3b:46:61:
76:0c:28:66:47:d8:3e:0f:c1:b0:3c:b6:58:d0:31:
12:08:90:a2:12:a5:51:ff:43:68:f0:df:da:10:26:
3f:aa:67:a7:da:ed:8d:a4:6a:e1:c5:64:9e:75:1c:
a6:20:d6:6e:50:57:b8:f5:72:ca:9f:8e:d0:2a:56:
56:40:98:4e:60:c2:36:65:85:15:13:d2:9a:a1:08:
2b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1C:53:91:DA:84:88:71:11:40:73:5C:C1:B4:65:C5:93:7E:DA:B3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/chxTkdqEiHERQHNcwbRlxZN-2rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:a7:90:55:23:df:d2:80:4f:47:8c:bd:2b:73:a0:31:13:95:
b4:89:69:18:b4:41:ab:2f:ab:ab:84:b1:83:6f:81:12:12:72:
5a:a4:6b:ea:17:38:02:7c:d0:3a:cb:57:58:1d:f1:02:7c:67:
f4:82:a9:83:53:65:9b:a3:a5:e9:0b:5f:3e:39:ed:5d:c7:77:
7c:ba:f9:9d:ff:3d:29:51:6b:e9:33:6a:b1:12:44:e0:a3:be:
b3:8a:9d:73:26:2f:f5:dc:da:af:5b:aa:c1:ab:36:eb:e8:ce:
7d:9a:7e:8b:23:de:4e:98:2e:48:d6:9d:ec:17:6f:55:1b:24:
97:0b:09:17:41:c9:b6:62:49:7d:a5:c9:b2:06:48:79:b2:0a:
ce:9c:3a:03:b3:00:9f:ff:af:7c:85:a9:1f:f8:a4:2d:65:6f:
a1:01:72:4c:ac:f0:19:08:07:b3:a4:66:64:e8:46:34:a8:36:
0c:18:30:d2:46:1d:07:96:42:f4:e4:06:79:a8:7f:dc:0e:b0:
ea:84:98:49:1f:48:f3:e1:8c:0b:90:dd:2a:ef:99:c3:9e:6c:
c3:67:00:a2:90:dc:c4:9f:bd:38:58:ff:de:be:07:d0:e9:f6:
58:a3:ae:4d:28:7c:29:f5:7b:05:a1:35:16:03:9f:1f:89:52:
9f:2a:14:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMbD37r+L7MrzZZ3QeOCKwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA4MDMwNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjFjNTM5MWRhODQ4ODcxMTE0MDczNWNjMWI0NjVjNTkzN2VkYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsIh1k1jBUoBjpIrUOWCj0TSyZqw
12ND40LqPdY6vcIDEKo0E1+9S5Cn3rnpQsIquT+d5sXPid0pn90N+gSjwGlE7nzB
RSTvjQAO2WpzS9tNfI5tN46SmJnYyhskB4sjTxTwIgC9S75UgFzbLTWs9Ayq8+Rp
hhy4Za0yD17+wmhSU9oh4JrXwhzVcLdPqmKV93K+ztHuRbcOyS4znwbwl8b4/t6h
EMEQfPu/NuSBudo7RmF2DChmR9g+D8GwPLZY0DESCJCiEqVR/0No8N/aECY/qmen
2u2NpGrhxWSedRymINZuUFe49XLKn47QKlZWQJhOYMI2ZYUVE9KaoQgrKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHIcU5HahIhxEUBzXMG0ZcWTftqzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY2h4VGtkcUVpSEVSUUhOY3diUmx4Wk4tMnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJOnkFUj39KAT0eMvStz
oDETlbSJaRi0Qasvq6uEsYNvgRISclqka+oXOAJ80DrLV1gd8QJ8Z/SCqYNTZZuj
pekLXz457V3Hd3y6+Z3/PSlRa+kzarESROCjvrOKnXMmL/Xc2q9bqsGrNuvozn2a
fosj3k6YLkjWnewXb1UbJJcLCRdBybZiSX2lybIGSHmyCs6cOgOzAJ//r3yFqR/4
pC1lb6EBckys8BkIB7OkZmToRjSoNgwYMNJGHQeWQvTkBnmof9wOsOqEmEkfSPPh
jAuQ3SrvmcOebMNnAKKQ3MSfvThY/96+B9Dp9lijrk0ofCn1ewWhNRYDnx+JUp8q
FBA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:02:00 2025 by rpki-client