Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kDLyws0yjobq5DfmTkqurD_ARMA.roa
File: kDLyws0yjobq5DfmTkqurD_ARMA.roa (raw, json)
Hash identifier: uUt0naUTYXD/2ldLWz+dJhRYSx6JUzjFwjg3VMCD3w4=
Subject key identifier: 90:32:F2:C2:CD:32:8E:86:EA:E4:37:E6:4E:4A:AE:AC:3F:C0:44:C0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184EA5AAA1524D4B948DACF4DF8757EC461
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kDLyws0yjobq5DfmTkqurD_ARMA.roa
Signing time: Wed 07 Dec 2022 02:12:00 +0000
ROA not before: Wed 07 Dec 2022 02:12:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ea:5a:aa:15:24:d4:b9:48:da:cf:4d:f8:75:7e:c4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 7 02:12:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9032f2c2cd328e86eae437e64e4aaeac3fc044c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:85:17:a6:54:17:04:89:d2:0c:4c:f4:02:d2:
0f:b8:77:e8:be:01:07:59:42:96:74:3d:28:2a:5f:
ee:00:4e:45:65:46:12:d8:30:59:7e:44:d4:1a:b1:
af:e0:7c:f8:91:cb:c4:ef:45:30:d6:1e:e8:4e:29:
a1:29:b1:f1:f3:a8:75:1d:04:05:be:4c:46:59:79:
81:27:fe:83:fa:de:00:d5:75:69:7b:bb:5d:5d:70:
c2:83:99:1b:7c:7b:30:1c:44:e7:6f:36:ed:1e:d4:
a1:d5:98:59:8f:66:9f:80:52:ac:83:fa:f3:2f:e6:
f1:dd:f5:43:16:4c:df:f3:6c:ee:9b:b9:1b:d2:12:
9f:42:7f:ba:31:ed:eb:a4:b6:2e:6a:76:c0:43:b6:
c5:2c:61:7e:3d:21:00:a6:33:de:cc:9c:23:72:6d:
75:2e:bb:2c:92:c6:18:5e:05:dc:f6:fd:9e:1f:a8:
ea:7a:83:30:e5:3c:b8:8f:b1:91:73:12:ef:44:a8:
7f:dc:44:da:0b:4d:ce:d0:d5:8f:29:34:a0:b2:bc:
34:8b:e7:5a:e0:9e:31:4b:8d:0a:0e:1c:af:31:af:
42:68:95:13:de:25:60:24:a5:39:05:91:2c:ed:79:
14:04:84:fc:a1:56:92:70:d7:e1:2d:71:a1:6b:79:
ea:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:32:F2:C2:CD:32:8E:86:EA:E4:37:E6:4E:4A:AE:AC:3F:C0:44:C0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kDLyws0yjobq5DfmTkqurD_ARMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:24:c3:19:62:d5:8d:28:52:54:5b:aa:d6:05:46:ae:28:f2:
66:7a:cb:c5:7f:0e:51:9a:ff:0b:f8:e5:8e:61:71:2e:45:bd:
36:67:b9:d0:c7:72:a0:41:2d:e3:ed:84:c0:03:1e:02:02:6d:
b0:6b:c7:3a:be:ac:1b:a8:38:7e:b5:c3:63:ad:48:31:19:de:
85:71:bd:dc:da:ef:e3:f7:6f:4a:7d:1f:b4:23:ed:7c:35:f8:
8a:33:6b:07:51:24:7c:27:38:56:79:1f:c2:29:e3:5e:91:91:
b3:cf:d1:63:7c:58:38:6c:b6:ed:12:96:58:90:59:8b:eb:6a:
2b:94:f3:58:3d:11:74:d1:74:a5:f7:04:c9:c3:4d:53:38:d5:
f8:c9:c2:26:9f:37:72:2e:e1:da:b5:56:fc:49:19:0d:f9:97:
c3:e1:8c:25:9b:26:4a:77:ee:0b:55:9c:06:fb:9f:22:32:8b:
3d:25:47:8a:a7:e6:8f:23:1e:9b:03:50:2d:6c:37:0c:26:e9:
68:eb:26:91:27:ec:0e:4a:bb:54:99:82:96:fb:02:5b:54:77:
ae:39:2f:6a:d9:37:69:b0:c4:de:40:38:18:6e:73:2d:41:37:
3a:87:43:4d:b3:84:6b:bb:35:13:27:c7:e5:69:25:b8:1b:b6:
a9:7f:94:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTqWqoVJNS5SNrPTfh1fsRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA3MDIxMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDMyZjJjMmNkMzI4ZTg2ZWFlNDM3ZTY0ZTRhYWVhYzNmYzA0NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYUXplQXBInSDEz0AtIPuHfovgEH
WUKWdD0oKl/uAE5FZUYS2DBZfkTUGrGv4Hz4kcvE70Uw1h7oTimhKbHx86h1HQQF
vkxGWXmBJ/6D+t4A1XVpe7tdXXDCg5kbfHswHETnbzbtHtSh1ZhZj2afgFKsg/rz
L+bx3fVDFkzf82zum7kb0hKfQn+6Me3rpLYuanbAQ7bFLGF+PSEApjPezJwjcm11
LrssksYYXgXc9v2eH6jqeoMw5Ty4j7GRcxLvRKh/3ETaC03O0NWPKTSgsrw0i+da
4J4xS40KDhyvMa9CaJUT3iVgJKU5BZEs7XkUBIT8oVaScNfhLXGha3nqxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJAy8sLNMo6G6uQ35k5Krqw/wETAMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva0RMeXdzMHlqb2JxNURmbVRrcXVyRF9BUk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABQkwxli1Y0oUlRbqtYF
Rq4o8mZ6y8V/DlGa/wv45Y5hcS5FvTZnudDHcqBBLePthMADHgICbbBrxzq+rBuo
OH61w2OtSDEZ3oVxvdza7+P3b0p9H7Qj7Xw1+IozawdRJHwnOFZ5H8Ip416RkbPP
0WN8WDhstu0SlliQWYvraiuU81g9EXTRdKX3BMnDTVM41fjJwiafN3Iu4dq1VvxJ
GQ35l8PhjCWbJkp37gtVnAb7nyIyiz0lR4qn5o8jHpsDUC1sNwwm6WjrJpEn7A5K
u1SZgpb7AltUd645L2rZN2mwxN5AOBhucy1BNzqHQ02zhGu7NRMnx+VpJbgbtql/
lBw=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:42:32 2025 by rpki-client