Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zPR4g32aZExMfAv4SZyeJ4OveLw.roa
File: zPR4g32aZExMfAv4SZyeJ4OveLw.roa (raw, json)
Hash identifier: gRJ9Jyvz9mEAnoGmFsk5MK0OGdaF8Y4uJU9M+8DxSDg=
Subject key identifier: CC:F4:78:83:7D:9A:64:4C:4C:7C:0B:F8:49:9C:9E:27:83:AF:78:BC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018541E4A4B38A66CD8602A96A4473AEB5D2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zPR4g32aZExMfAv4SZyeJ4OveLw.roa
Signing time: Sat 24 Dec 2022 02:09:41 +0000
ROA not before: Sat 24 Dec 2022 02:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:41:e4:a4:b3:8a:66:cd:86:02:a9:6a:44:73:ae:b5:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 02:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ccf478837d9a644c4c7c0bf8499c9e2783af78bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:25:95:ef:8a:b4:14:d0:04:68:81:80:d8:3e:
64:fb:02:c3:78:ff:45:3a:6f:33:67:71:77:2f:f0:
d1:d1:a0:ea:a0:56:7c:db:1b:f2:7b:e2:3c:16:fe:
77:9b:a8:cf:f3:77:14:b8:ba:3a:ca:0e:09:ea:92:
9d:a5:55:62:65:d5:b3:2e:da:48:75:03:41:e2:c2:
42:34:62:25:a0:f5:a4:66:69:4c:93:fa:1c:f9:13:
d1:ed:4c:d9:d6:23:ed:5e:5b:4e:85:9f:35:df:d3:
87:ef:4d:ba:69:78:88:9b:19:19:f0:04:e2:24:b5:
4a:3a:9a:d6:19:a0:08:74:e6:e2:aa:33:f4:7a:3c:
b1:a4:41:12:e1:1f:da:50:59:53:55:a1:b0:f0:02:
54:86:0d:78:67:ff:19:88:6c:75:19:3b:05:14:60:
82:67:53:5f:90:33:61:c2:88:a3:34:55:9c:ac:50:
30:f8:6c:0c:f6:93:90:27:8d:01:3f:f5:04:39:52:
d1:9e:ce:66:c1:a1:cc:02:87:16:53:2e:3b:31:13:
f7:56:34:0e:fd:69:20:94:2d:8a:1d:aa:b5:04:1b:
20:4e:8c:0f:b1:83:56:bd:29:16:a1:f4:25:16:9d:
81:87:46:3b:25:7a:97:52:0b:e7:25:80:57:67:2e:
d5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F4:78:83:7D:9A:64:4C:4C:7C:0B:F8:49:9C:9E:27:83:AF:78:BC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zPR4g32aZExMfAv4SZyeJ4OveLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:92:a1:c7:93:01:43:4c:0c:dc:7e:05:ee:e9:62:c2:ff:94:
20:9e:21:e8:59:a3:62:3e:76:38:9c:3c:24:f8:f9:61:fc:5c:
c1:ab:c1:c5:07:7b:1f:f7:3d:72:35:53:c9:59:31:a5:59:74:
a6:df:bf:c3:a4:fe:80:e6:9c:f3:c3:61:4b:37:e4:b1:4c:e2:
f8:5f:33:8b:a0:91:fc:9f:54:fe:6a:ac:0b:80:b9:a7:f1:08:
4b:9b:36:a8:72:8b:29:57:e5:5c:a8:57:4f:a5:05:80:f2:b9:
a1:f2:9e:49:d1:32:b1:ac:c2:c0:11:b0:58:24:57:b6:2a:b3:
93:7d:ef:21:2b:d2:13:6b:4c:00:c1:be:74:cd:d3:02:ef:cb:
3e:3b:35:be:92:00:1a:12:b7:ee:98:bf:82:df:76:da:b7:f6:
27:73:a7:16:07:10:9b:fe:a5:2b:5c:c7:6d:5e:2c:2f:c5:4d:
d5:81:9b:8b:1e:d9:90:68:ac:b4:00:71:6f:b6:36:5b:8d:75:
8b:62:ff:43:85:62:e9:9b:c1:4d:89:4e:a7:a8:e9:b5:29:17:
7a:9b:ec:35:f2:8b:c3:cc:26:8c:38:61:af:67:6b:c3:03:af:
6f:95:1e:ca:b9:3c:f6:4d:bc:6a:6d:63:55:cf:36:87:b4:e0:
0f:89:1e:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVB5KSzimbNhgKpakRzrrXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MDIwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2Y0Nzg4MzdkOWE2NDRjNGM3YzBiZjg0OTljOWUyNzgzYWY3OGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SWV74q0FNAEaIGA2D5k+wLDeP9F
Om8zZ3F3L/DR0aDqoFZ82xvye+I8Fv53m6jP83cUuLo6yg4J6pKdpVViZdWzLtpI
dQNB4sJCNGIloPWkZmlMk/oc+RPR7UzZ1iPtXltOhZ8139OH7026aXiImxkZ8ATi
JLVKOprWGaAIdObiqjP0ejyxpEES4R/aUFlTVaGw8AJUhg14Z/8ZiGx1GTsFFGCC
Z1NfkDNhwoijNFWcrFAw+GwM9pOQJ40BP/UEOVLRns5mwaHMAocWUy47MRP3VjQO
/WkglC2KHaq1BBsgTowPsYNWvSkWofQlFp2Bh0Y7JXqXUgvnJYBXZy7VbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMz0eIN9mmRMTHwL+EmcnieDr3i8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvelBSNGczMmFaRXhNZkF2NFNaeWVKNE92ZUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACWSoceTAUNMDNx+Be7p
YsL/lCCeIehZo2I+djicPCT4+WH8XMGrwcUHex/3PXI1U8lZMaVZdKbfv8Ok/oDm
nPPDYUs35LFM4vhfM4ugkfyfVP5qrAuAuafxCEubNqhyiylX5VyoV0+lBYDyuaHy
nknRMrGswsARsFgkV7Yqs5N97yEr0hNrTADBvnTN0wLvyz47Nb6SABoSt+6Yv4Lf
dtq39idzpxYHEJv+pStcx21eLC/FTdWBm4se2ZBorLQAcW+2NluNdYti/0OFYumb
wU2JTqeo6bUpF3qb7DXyi8PMJow4Ya9na8MDr2+VHsq5PPZNvGptY1XPNoe04A+J
Hrg=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:48:28 2025 by rpki-client