Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fh4jc6l-ni-BAbq-DfitkefIYsw.roa
File: fh4jc6l-ni-BAbq-DfitkefIYsw.roa (raw, json)
Hash identifier: wa8wjzXWilakaBdoxiesoOhDjhJ/0goAHreDElVkBdU=
Subject key identifier: 7E:1E:23:73:A9:7E:9E:2F:81:01:BA:BE:0D:F8:AD:91:E7:C8:62:CC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7F1386F0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fh4jc6l-ni-BAbq-DfitkefIYsw.roa
Signing time: Wed 27 Apr 2022 23:11:04 +0000
ROA not before: Wed 27 Apr 2022 23:11:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2131986160 (0x7f1386f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 27 23:11:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e1e2373a97e9e2f8101babe0df8ad91e7c862cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cb:0f:b2:5b:7e:8a:2a:94:38:56:71:3d:e6:
b8:ff:65:8d:16:5d:d7:aa:8b:a0:b1:cf:30:42:54:
c3:5c:82:27:2d:ae:1c:a4:42:d4:e7:bf:ab:06:ee:
92:90:66:68:2d:ff:2d:85:06:55:7e:74:e4:04:ea:
25:4e:08:77:f2:a1:1f:af:0d:38:e2:cc:f6:6c:9d:
52:9c:eb:03:4d:b2:e6:19:c2:a5:5e:2a:6a:7b:16:
8b:c7:a9:0f:f1:6e:2e:c8:ee:82:cf:de:e1:36:96:
a6:14:d1:c4:c9:62:23:c3:3e:86:1a:96:f7:48:8f:
eb:12:1c:0a:7b:9d:f3:95:32:35:0d:88:5a:d8:60:
5b:35:e6:9f:98:3d:6e:1b:6a:25:55:52:72:ed:29:
40:cf:83:a0:eb:1f:e6:fb:cb:da:83:23:d6:a0:30:
39:8a:a0:57:c5:cb:11:6e:19:0c:2b:71:d4:5e:1b:
0e:17:b5:fe:72:4f:77:73:50:bb:d8:2e:4a:5f:cc:
6d:a1:a9:07:57:9e:72:84:3f:7e:9c:4f:51:09:70:
9a:0c:eb:cf:9b:86:bc:27:bc:df:c6:d3:10:f3:6d:
a2:83:88:7a:e6:ab:c6:8f:44:db:3a:a6:24:63:b5:
4d:da:42:5b:03:d1:c2:92:d6:fe:8b:7c:0a:bd:1e:
3a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1E:23:73:A9:7E:9E:2F:81:01:BA:BE:0D:F8:AD:91:E7:C8:62:CC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fh4jc6l-ni-BAbq-DfitkefIYsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:d5:f1:b8:be:94:80:1d:55:a4:91:d7:cd:97:15:8e:01:cd:
a5:e9:93:47:6b:be:0f:0b:41:4a:42:05:82:d2:69:b5:1b:e7:
ca:eb:6f:91:0b:8a:89:a6:6b:f4:14:00:15:61:7e:36:a8:8a:
f3:c8:db:fc:02:94:9c:d6:e1:57:72:d4:8e:aa:15:45:8f:17:
9a:40:78:01:17:7f:72:5b:01:44:d4:90:34:50:7d:2c:9c:66:
ea:e7:a8:80:b6:87:70:c7:1f:59:36:bb:bc:d7:ab:36:1d:99:
99:cb:de:18:41:e3:6c:d0:9d:1f:af:f4:f3:99:91:3e:d8:d0:
9e:01:a8:04:4f:69:a4:cb:88:f7:d7:75:74:a4:7e:9b:33:6d:
74:6c:3e:9b:71:d4:6b:ff:57:4c:b5:99:ec:6b:0d:4a:96:e1:
f4:9a:f5:92:8f:b0:a0:e1:73:5f:66:5e:b4:a7:7b:85:2e:ce:
f6:bb:fb:48:c4:be:c6:1f:23:42:99:d7:a0:ee:30:12:d0:91:
07:0c:5d:2b:1f:58:52:b2:19:92:06:83:92:be:2d:50:b4:d1:
9d:08:76:68:2f:87:9d:bd:fa:87:44:30:e7:8c:ed:ee:5b:bb:
7b:0d:04:a5:6a:b3:bc:29:ec:8e:c9:40:34:a7:53:02:86:9a:
05:aa:43:68
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEfxOG8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQy
NzIzMTEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2UxZTIzNzNhOTdl
OWUyZjgxMDFiYWJlMGRmOGFkOTFlN2M4NjJjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfLD7JbfooqlDhWcT3muP9ljRZd16qLoLHPMEJUw1yCJy2u
HKRC1Oe/qwbukpBmaC3/LYUGVX505ATqJU4Id/KhH68NOOLM9mydUpzrA02y5hnC
pV4qansWi8epD/FuLsjugs/e4TaWphTRxMliI8M+hhqW90iP6xIcCnud85UyNQ2I
WthgWzXmn5g9bhtqJVVScu0pQM+DoOsf5vvL2oMj1qAwOYqgV8XLEW4ZDCtx1F4b
Dhe1/nJPd3NQu9guSl/MbaGpB1eecoQ/fpxPUQlwmgzrz5uGvCe838bTEPNtooOI
euarxo9E2zqmJGO1TdpCWwPRwpLW/ot8Cr0eOkcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBR+HiNzqX6eL4EBur4N+K2R58hizDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2ZoNGpjNmwtbmktQkFicS1EZml0a2VmSVlzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBf1fG4vpSAHVWkkdfNlxWOAc2l6ZNHa74PC0FK
QgWC0mm1G+fK62+RC4qJpmv0FAAVYX42qIrzyNv8ApSc1uFXctSOqhVFjxeaQHgB
F39yWwFE1JA0UH0snGbq56iAtodwxx9ZNru816s2HZmZy94YQeNs0J0fr/TzmZE+
2NCeAagET2mky4j313V0pH6bM210bD6bcdRr/1dMtZnsaw1KluH0mvWSj7Cg4XNf
Zl60p3uFLs72u/tIxL7GHyNCmdeg7jAS0JEHDF0rH1hSshmSBoOSvi1QtNGdCHZo
L4edvfqHRDDnjO3uW7t7DQSlarO8KeyOyUA0p1MChpoFqkNo
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:02:31 2025 by rpki-client