Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/udInTKMNLPYEzX1zZtv8b-D2e88.roa
File: udInTKMNLPYEzX1zZtv8b-D2e88.roa (raw, json)
Hash identifier: nlJpdTJqK0YZV9QgzZF/mBMTAaBNQQmJ5kDys7pK098=
Subject key identifier: B9:D2:27:4C:A3:0D:2C:F6:04:CD:7D:73:66:DB:FC:6F:E0:F6:7B:CF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 88282D0B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/udInTKMNLPYEzX1zZtv8b-D2e88.roa
Signing time: Sun 29 May 2022 10:09:13 +0000
ROA not before: Sun 29 May 2022 10:09:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:180:ff9c:1e7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2284334347 (0x88282d0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 29 10:09:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9d2274ca30d2cf604cd7d7366dbfc6fe0f67bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:99:6a:b8:0e:31:c4:49:89:f1:0f:40:de:a2:
52:14:2d:04:6f:54:2a:e1:40:af:0f:71:31:88:b8:
a7:6e:16:d1:f9:88:cb:01:f3:1b:3e:73:b6:ea:b8:
95:cc:8c:6e:7f:de:7d:1a:7d:54:4d:85:da:bc:f0:
c9:85:93:42:d6:37:f3:f9:cf:49:21:aa:57:09:17:
51:17:76:43:d6:70:6a:61:62:2f:a8:dd:57:b8:db:
b9:91:0e:34:0d:ca:43:0b:c0:3a:01:97:ef:74:d3:
9c:c5:c2:40:e0:72:57:a5:80:83:68:8d:7a:bc:0d:
0d:f0:23:59:1a:11:ad:9a:c1:27:39:1d:87:4c:c9:
e9:75:3a:25:74:49:dd:3a:d2:27:28:c6:df:a4:d1:
70:57:6d:71:84:dc:fb:8b:67:f3:5d:29:3a:82:81:
ad:0b:b0:ee:3f:8c:55:73:a9:a5:c6:2b:87:3e:a9:
7b:a6:4c:9b:5c:50:65:8f:35:c6:9a:87:d6:19:08:
59:ff:00:0b:04:a3:0f:da:e8:e6:b0:95:f8:11:f1:
79:59:41:77:d5:d8:81:5e:e9:77:af:df:8e:0b:c1:
36:b4:67:6f:f0:c3:75:2c:5c:66:c8:75:bb:82:ac:
de:46:69:a4:6c:2d:74:0e:8b:8f:f7:1a:2a:45:07:
d3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D2:27:4C:A3:0D:2C:F6:04:CD:7D:73:66:DB:FC:6F:E0:F6:7B:CF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/udInTKMNLPYEzX1zZtv8b-D2e88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:19:2b:d9:9e:fd:5d:93:f5:90:ea:8e:16:6b:a4:98:39:5f:
13:b9:43:fd:a4:84:20:06:9d:ad:4b:28:2f:12:24:a4:15:82:
49:e4:84:4b:b1:8d:a3:fd:f5:a3:83:2d:b2:44:c8:2c:68:e3:
52:33:50:cd:df:64:1c:b8:69:32:75:1d:99:51:df:f5:e4:5e:
cb:c5:bb:20:33:64:0f:2c:4a:74:88:4f:f7:21:ae:55:c7:02:
25:90:d4:e2:ec:b8:96:29:9e:69:d0:69:ae:8c:5a:25:d4:12:
ab:b0:b2:c3:53:6e:2f:22:a7:3e:80:a7:21:4f:3e:5f:17:56:
b8:0e:15:f0:66:0c:91:6f:23:42:35:c0:32:d9:f6:e9:f3:b3:
38:6c:37:b4:df:9f:5a:18:6a:9c:62:7e:44:ff:b4:cb:11:74:
7e:a3:8f:cf:5d:ab:b4:de:b2:8a:fe:ae:00:3a:8b:fd:23:a7:
08:e4:73:c3:e2:cf:9e:85:3e:33:3e:04:b7:91:3a:eb:7b:32:
f2:a9:75:d6:24:40:1e:6b:7c:59:f8:f7:f4:ee:87:a3:b3:88:
5d:0f:cd:65:ee:aa:ad:98:fb:78:b6:63:a1:20:07:1c:41:c2:
1f:40:af:fe:a0:65:f9:09:dc:38:8b:1d:7e:c7:7a:53:2a:29:
2b:27:d3:d4
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIgoLQswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjkxMDA5MTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGI5ZDIyNzRjYTMw
ZDJjZjYwNGNkN2Q3MzY2ZGJmYzZmZTBmNjdiY2YwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZmWq4DjHESYnxD0DeolIULQRvVCrhQK8PcTGIuKduFtH5
iMsB8xs+c7bquJXMjG5/3n0afVRNhdq88MmFk0LWN/P5z0khqlcJF1EXdkPWcGph
Yi+o3Ve427mRDjQNykMLwDoBl+9005zFwkDgclelgINojXq8DQ3wI1kaEa2awSc5
HYdMyel1OiV0Sd060icoxt+k0XBXbXGE3PuLZ/NdKTqCga0LsO4/jFVzqaXGK4c+
qXumTJtcUGWPNcaah9YZCFn/AAsEow/a6OawlfgR8XlZQXfV2IFe6Xev344LwTa0
Z2/ww3UsXGbIdbuCrN5GaaRsLXQOi4/3GipFB9MXAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUudInTKMNLPYEzX1zZtv8b+D2e88wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS91ZEluVEtNTkxQWUV6WDF6WnR2OGItRDJlODgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAQRkr2Z79XZP1kOqOFmukmDlfE7lD/aSEIAad
rUsoLxIkpBWCSeSES7GNo/31o4MtskTILGjjUjNQzd9kHLhpMnUdmVHf9eRey8W7
IDNkDyxKdIhP9yGuVccCJZDU4uy4limeadBproxaJdQSq7Cyw1NuLyKnPoCnIU8+
XxdWuA4V8GYMkW8jQjXAMtn26fOzOGw3tN+fWhhqnGJ+RP+0yxF0fqOPz12rtN6y
iv6uADqL/SOnCORzw+LPnoU+Mz4Et5E663sy8ql11iRAHmt8Wfj39O6Ho7OIXQ/N
Ze6qrZj7eLZjoSAHHEHCH0Cv/qBl+QncOIsdfsd6UyopKyfT1A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:18:02 2025 by rpki-client