Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/j0b34NNtAF3L5srf4QGm8uvPanY.roa
File: j0b34NNtAF3L5srf4QGm8uvPanY.roa (raw, json)
Hash identifier: sNKvDpTFTBADHf6PCyXDNMjcWaurRONbJHLXl4m2muQ=
Subject key identifier: 8F:46:F7:E0:D3:6D:00:5D:CB:E6:CA:DF:E1:01:A6:F2:EB:CF:6A:76
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01855AC7CD7F5EA8DA10CF49F4131422F889
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/j0b34NNtAF3L5srf4QGm8uvPanY.roa
Signing time: Wed 28 Dec 2022 22:08:41 +0000
ROA not before: Wed 28 Dec 2022 22:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5a:c7:cd:7f:5e:a8:da:10:cf:49:f4:13:14:22:f8:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 28 22:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f46f7e0d36d005dcbe6cadfe101a6f2ebcf6a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:f5:09:d9:f9:34:0e:13:b2:2b:da:7e:a4:
80:c1:52:13:89:48:77:90:0b:f7:24:58:1b:70:15:
82:9d:0e:c5:85:f0:81:f7:59:97:3c:a5:23:04:30:
68:cc:9f:1b:92:70:74:9d:7d:7c:ed:9b:00:5a:52:
c9:4e:d6:15:7a:23:47:16:9f:4c:56:b7:9f:73:90:
1f:fc:b6:4b:7e:05:db:2d:d2:92:36:cb:ce:40:0c:
5b:fc:78:ad:dc:27:af:e4:a6:3c:f0:9c:e6:30:4e:
fc:e0:ad:a1:2d:b5:04:ea:58:fb:30:7a:a7:2b:a4:
94:19:29:ac:4d:55:6d:60:30:fa:c4:01:eb:b5:af:
10:8a:62:84:3c:99:40:7a:6c:ce:77:72:50:af:8c:
dc:ef:ad:e2:bc:17:53:ed:99:ab:40:ed:fc:10:9d:
0c:d6:64:44:df:64:21:06:85:a3:8f:af:e1:bf:20:
19:2c:3e:65:76:84:c7:51:ab:8f:04:8b:fd:03:65:
d9:4d:8b:de:5b:1f:7e:54:61:32:e3:ec:51:86:6a:
27:1e:53:85:d2:c0:90:70:b2:bb:51:b0:cc:6e:22:
2c:1a:8e:c6:f8:6e:f4:b9:0e:7a:f0:00:a2:eb:fc:
7f:32:2d:1c:76:40:28:83:28:66:e6:4d:c6:71:ad:
cf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:46:F7:E0:D3:6D:00:5D:CB:E6:CA:DF:E1:01:A6:F2:EB:CF:6A:76
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/j0b34NNtAF3L5srf4QGm8uvPanY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:11:00:d3:0d:57:e1:cb:00:af:00:cf:7a:e4:00:7e:6d:2b:
c4:5d:ea:bb:fe:d7:c3:9d:44:79:1d:fc:ce:dc:75:20:de:ca:
d7:c4:f3:43:15:70:14:e2:0f:1f:67:88:94:be:15:d8:30:1e:
b0:89:0c:52:b0:f3:1d:51:0b:a1:be:8e:37:db:d9:53:dc:65:
f3:75:18:91:2d:9e:98:80:e5:9a:7c:eb:ed:00:86:42:66:08:
7f:66:1f:8c:7b:0e:61:01:43:e9:34:21:dc:b4:75:70:a6:a5:
bb:2e:01:fc:c5:49:d8:d1:b6:92:11:21:be:61:47:0d:15:f2:
60:1d:a6:d2:90:02:d5:02:04:0d:62:e5:bb:36:aa:68:bc:ed:
c7:82:ae:65:e6:fd:cf:7d:29:70:6b:e2:8a:00:a2:44:6e:63:
7b:13:a9:7f:fc:32:21:e6:2e:36:8a:06:9c:32:1f:47:1c:6b:
f1:8d:ad:d4:f8:0c:e3:fc:76:e0:b3:96:ab:c8:b8:38:e0:c1:
8b:a0:0b:74:e2:ac:8a:d3:56:05:29:e3:f6:d7:1f:75:3f:27:
44:0c:02:90:ff:11:f1:63:ac:58:32:eb:e6:f8:f5:55:8a:44:
e3:64:14:21:57:48:97:c6:32:31:ea:49:26:90:14:c1:e7:57:
b3:11:46:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVax81/XqjaEM9J9BMUIviJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI4MjIwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjQ2ZjdlMGQzNmQwMDVkY2JlNmNhZGZlMTAxYTZmMmViY2Y2YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBH1Cdn5NA4TsivafqSAwVITiUh3
kAv3JFgbcBWCnQ7FhfCB91mXPKUjBDBozJ8bknB0nX187ZsAWlLJTtYVeiNHFp9M
Vrefc5Af/LZLfgXbLdKSNsvOQAxb/Hit3Cev5KY88JzmME784K2hLbUE6lj7MHqn
K6SUGSmsTVVtYDD6xAHrta8QimKEPJlAemzOd3JQr4zc763ivBdT7ZmrQO38EJ0M
1mRE32QhBoWjj6/hvyAZLD5ldoTHUauPBIv9A2XZTYveWx9+VGEy4+xRhmonHlOF
0sCQcLK7UbDMbiIsGo7G+G70uQ568ACi6/x/Mi0cdkAogyhm5k3Gca3P+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI9G9+DTbQBdy+bK3+EBpvLrz2p2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvajBiMzROTnRBRjNMNXNyZjRRR204dXZQYW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKMRANMNV+HLAK8Az3rk
AH5tK8Rd6rv+18OdRHkd/M7cdSDeytfE80MVcBTiDx9niJS+FdgwHrCJDFKw8x1R
C6G+jjfb2VPcZfN1GJEtnpiA5Zp86+0AhkJmCH9mH4x7DmEBQ+k0Idy0dXCmpbsu
AfzFSdjRtpIRIb5hRw0V8mAdptKQAtUCBA1i5bs2qmi87ceCrmXm/c99KXBr4ooA
okRuY3sTqX/8MiHmLjaKBpwyH0cca/GNrdT4DOP8duCzlqvIuDjgwYugC3TirIrT
VgUp4/bXH3U/J0QMApD/EfFjrFgy6+b49VWKRONkFCFXSJfGMjHqSSaQFMHnV7MR
Rj0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:54:33 2025 by rpki-client