Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zGe7QufvLnuPgtykjwJ2pGdeCSk.roa
File: zGe7QufvLnuPgtykjwJ2pGdeCSk.roa (raw, json)
Hash identifier: uueGeZ04aUXwErd8NF68q4wp0x+7UV7El4eqKBXUiEQ=
Subject key identifier: CC:67:BB:42:E7:EF:2E:7B:8F:82:DC:A4:8F:02:76:A4:67:5E:09:29
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01847D58848011E5C4E558A52D751D27DD19
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zGe7QufvLnuPgtykjwJ2pGdeCSk.roa
Signing time: Tue 15 Nov 2022 22:11:03 +0000
ROA not before: Tue 15 Nov 2022 22:11:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:51c3:ad7c/128 maxlen: 128
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:4250:a4df/128 maxlen: 128
2001:67c:64:ffff:0:184:75cf:c8d9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7d:58:84:80:11:e5:c4:e5:58:a5:2d:75:1d:27:dd:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 15 22:11:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc67bb42e7ef2e7b8f82dca48f0276a4675e0929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f2:3d:1f:99:75:14:08:06:8c:fb:3a:2e:3e:
45:45:d6:91:12:8e:d4:52:50:bf:a8:d2:67:7b:02:
c8:21:24:73:6c:d5:af:ca:9e:0c:20:01:ae:e1:05:
39:4b:14:e8:f6:7f:fa:f5:ce:03:b4:18:bb:8c:5b:
43:b3:02:e2:7e:a6:13:d9:09:e7:f3:56:26:9c:f7:
a7:7c:28:fa:05:b8:e2:69:2d:25:43:9c:bf:d7:dd:
7c:a1:22:74:56:56:56:33:08:31:09:4a:aa:75:51:
b2:2e:77:b1:4c:de:42:1d:f4:49:18:00:d8:61:f2:
58:57:99:79:b5:d5:ca:c7:76:ff:f8:99:83:af:82:
16:2f:f5:94:e3:c0:c2:c7:20:b7:66:6f:dd:cc:8c:
cf:d0:bf:0e:14:f7:fd:f1:e6:fa:61:4c:a5:80:10:
e6:fb:72:07:e4:87:22:84:83:19:41:4d:1b:49:6b:
5c:35:de:39:26:f9:f6:4c:3c:cf:60:52:7d:80:55:
51:ae:c6:74:8f:ca:9a:59:df:59:71:63:64:01:7f:
c5:f4:70:19:8f:da:95:72:18:0b:b7:e3:56:43:fa:
fa:c1:03:10:97:d0:14:29:50:99:be:ff:8b:42:49:
e0:19:3c:5a:30:88:2d:c4:8d:e3:87:0b:da:ca:d2:
bf:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:67:BB:42:E7:EF:2E:7B:8F:82:DC:A4:8F:02:76:A4:67:5E:09:29
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zGe7QufvLnuPgtykjwJ2pGdeCSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:04:e6:1d:63:25:1a:30:6c:1c:bc:42:99:4c:a5:ef:54:fb:
a6:e4:15:78:99:60:89:c6:1d:30:3f:40:78:29:a0:9b:4b:57:
3a:a0:5e:91:51:66:11:a1:bd:93:cc:30:93:93:01:e9:36:4e:
fe:2b:89:d3:a4:ed:76:ee:25:38:24:79:f4:ca:84:11:98:34:
88:3d:14:4d:c0:d7:90:41:d7:f4:e5:41:09:cd:35:2f:6d:ed:
79:ba:62:d3:e4:da:5c:c1:64:1e:9d:83:75:85:d4:64:a7:92:
68:a2:3f:4d:be:02:9c:61:70:9d:90:1e:ec:e5:72:cd:1e:5f:
66:77:a1:a5:6b:65:50:15:ef:7c:8c:79:c5:e8:34:de:0d:45:
69:b0:ad:1d:9d:94:06:d8:bf:d6:6a:8c:6f:14:62:e4:bb:97:
02:4b:e3:37:bb:ee:2b:2f:82:29:bd:35:23:94:e6:e6:b3:ab:
30:b1:f6:e1:43:a5:66:13:42:4b:ec:4f:4e:9a:97:47:16:61:
20:46:87:6d:cb:c4:ed:e4:61:cd:5d:4d:2c:b1:fd:7a:6a:a9:
cb:cb:2e:34:f8:5b:fe:38:58:2d:f2:ba:64:87:34:4a:25:c2:
df:15:15:26:93:83:30:d7:d4:3c:fb:9d:e6:81:36:56:c2:d0:
cf:8b:fd:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYR9WISAEeXE5VilLXUdJ90ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTE1MjIxMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzY3YmI0MmU3ZWYyZTdiOGY4MmRjYTQ4ZjAyNzZhNDY3NWUwOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfI9H5l1FAgGjPs6Lj5FRdaREo7U
UlC/qNJnewLIISRzbNWvyp4MIAGu4QU5SxTo9n/69c4DtBi7jFtDswLifqYT2Qnn
81YmnPenfCj6BbjiaS0lQ5y/1918oSJ0VlZWMwgxCUqqdVGyLnexTN5CHfRJGADY
YfJYV5l5tdXKx3b/+JmDr4IWL/WU48DCxyC3Zm/dzIzP0L8OFPf98eb6YUylgBDm
+3IH5IcihIMZQU0bSWtcNd45Jvn2TDzPYFJ9gFVRrsZ0j8qaWd9ZcWNkAX/F9HAZ
j9qVchgLt+NWQ/r6wQMQl9AUKVCZvv+LQkngGTxaMIgtxI3jhwvaytK/iwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMxnu0Ln7y57j4LcpI8CdqRnXgkpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvekdlN1F1ZnZMbnVQZ3R5a2p3SjJwR2RlQ1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHIE5h1jJRowbBy8QplM
pe9U+6bkFXiZYInGHTA/QHgpoJtLVzqgXpFRZhGhvZPMMJOTAek2Tv4ridOk7Xbu
JTgkefTKhBGYNIg9FE3A15BB1/TlQQnNNS9t7Xm6YtPk2lzBZB6dg3WF1GSnkmii
P02+ApxhcJ2QHuzlcs0eX2Z3oaVrZVAV73yMecXoNN4NRWmwrR2dlAbYv9ZqjG8U
YuS7lwJL4ze77isvgim9NSOU5uazqzCx9uFDpWYTQkvsT06al0cWYSBGh23LxO3k
Yc1dTSyx/XpqqcvLLjT4W/44WC3yumSHNEolwt8VFSaTgzDX1Dz7neaBNlbC0M+L
/b0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:21:57 2025 by rpki-client