Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0QcPA5f5XgeQ2fLd-buGEz8a4mM.roa
File: 0QcPA5f5XgeQ2fLd-buGEz8a4mM.roa (raw, json)
Hash identifier: BIdVzagnsbb4bzGxsYINpm5tjp7fKmTj4+gtgYqp02s=
Subject key identifier: D1:07:0F:03:97:F9:5E:07:90:D9:F2:DD:F9:BB:86:13:3F:1A:E2:63
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185BEC814D503B62A1AE6376E0D7F13DC3D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0QcPA5f5XgeQ2fLd-buGEz8a4mM.roa
Signing time: Tue 17 Jan 2023 08:11:01 +0000
ROA not before: Tue 17 Jan 2023 08:11:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:ba40:6692/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:be:c8:14:d5:03:b6:2a:1a:e6:37:6e:0d:7f:13:dc:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 17 08:11:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1070f0397f95e0790d9f2ddf9bb86133f1ae263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:65:75:7a:43:be:00:9a:c9:26:6a:07:11:5a:
ad:05:f3:27:e5:4b:8d:ff:c5:80:b8:55:4a:2a:e3:
22:dd:89:76:60:77:a2:f5:ee:69:00:b0:3f:2b:f1:
f0:d0:2f:c8:86:ca:e1:09:8c:cd:d0:d8:ba:79:a4:
28:ba:a3:18:b2:3c:e9:b7:c7:99:03:92:4e:60:fc:
dd:dd:eb:44:9c:d2:00:21:a7:72:fc:6a:6a:36:2f:
b5:60:6a:c9:4d:9c:d6:db:25:9f:35:27:c8:3f:40:
e5:0a:c6:f1:d6:68:29:5b:b3:c5:94:d1:5f:8a:6c:
f9:42:76:20:10:8e:5d:9b:72:9b:ae:5b:dc:3c:26:
23:53:b9:11:0e:38:66:54:dc:24:3a:e5:23:32:76:
f1:1c:7d:95:ed:a8:9f:74:4a:97:ca:ad:77:5d:16:
e8:d9:6c:be:b9:9d:80:80:dd:c3:c6:ef:c0:14:5b:
68:4f:9f:a3:31:99:48:e3:1e:de:4b:9a:f8:9e:17:
2e:e0:fe:50:fb:d6:2e:e7:70:6b:b6:6b:41:fc:f3:
ac:87:84:f7:a1:be:b0:48:67:d3:d3:56:14:eb:a7:
ba:01:15:38:f6:21:44:b3:e5:9a:3c:7e:14:f1:3a:
29:be:12:38:b1:c3:89:e6:e9:1d:77:3a:a6:7e:fa:
90:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:07:0F:03:97:F9:5E:07:90:D9:F2:DD:F9:BB:86:13:3F:1A:E2:63
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0QcPA5f5XgeQ2fLd-buGEz8a4mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:9a:bd:d2:52:74:59:47:d4:ee:fb:0d:8c:e3:28:8d:94:12:
de:a7:5e:dd:66:73:b0:59:97:75:ee:99:39:02:14:81:c7:fc:
fa:73:99:b3:27:07:9a:9b:62:b0:70:be:07:c2:ab:7a:a1:63:
9d:e0:93:f0:52:7e:c9:97:1c:17:64:6c:9a:74:19:b8:c9:45:
de:eb:e0:2e:0e:85:bc:5d:a2:b4:92:17:25:c1:7b:ea:10:0e:
71:80:84:00:87:a7:23:23:ff:82:d9:3b:17:44:9a:01:3c:63:
73:60:de:17:36:f7:43:2d:1a:86:45:22:e9:13:ba:69:de:49:
0b:a0:c5:5e:09:9e:7d:7b:78:d3:b6:6a:50:55:92:9c:a9:23:
06:6b:86:f4:8f:e0:c2:4c:48:57:a8:b6:33:c3:53:e0:ed:87:
34:ca:5e:a2:db:21:11:dc:cd:9c:a7:ae:53:02:57:0d:5e:80:
3c:65:8f:76:66:8d:9d:cd:02:69:ca:c5:db:1c:c8:99:ad:76:
ef:9e:a0:ae:6f:99:41:9c:39:e4:b5:35:45:00:4e:5c:e8:70:
7c:b9:09:3b:40:5a:93:16:4a:58:79:27:47:d6:d3:aa:78:35:
3d:87:73:a4:61:a2:ae:b2:06:d6:2f:d3:ae:23:19:54:fd:90:
06:f0:1b:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYW+yBTVA7YqGuY3bg1/E9w9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE3MDgxMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA3MGYwMzk3Zjk1ZTA3OTBkOWYyZGRmOWJiODYxMzNmMWFlMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2V1ekO+AJrJJmoHEVqtBfMn5UuN
/8WAuFVKKuMi3Yl2YHei9e5pALA/K/Hw0C/IhsrhCYzN0Ni6eaQouqMYsjzpt8eZ
A5JOYPzd3etEnNIAIady/GpqNi+1YGrJTZzW2yWfNSfIP0DlCsbx1mgpW7PFlNFf
imz5QnYgEI5dm3KbrlvcPCYjU7kRDjhmVNwkOuUjMnbxHH2V7aifdEqXyq13XRbo
2Wy+uZ2AgN3Dxu/AFFtoT5+jMZlI4x7eS5r4nhcu4P5Q+9Yu53BrtmtB/POsh4T3
ob6wSGfT01YU66e6ARU49iFEs+WaPH4U8TopvhI4scOJ5ukddzqmfvqQ5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNEHDwOX+V4HkNny3fm7hhM/GuJjMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMFFjUEE1ZjVYZ2VRMmZMZC1idUdFejhhNG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHCavdJSdFlH1O77DYzj
KI2UEt6nXt1mc7BZl3XumTkCFIHH/PpzmbMnB5qbYrBwvgfCq3qhY53gk/BSfsmX
HBdkbJp0GbjJRd7r4C4OhbxdorSSFyXBe+oQDnGAhACHpyMj/4LZOxdEmgE8Y3Ng
3hc290MtGoZFIukTumneSQugxV4Jnn17eNO2alBVkpypIwZrhvSP4MJMSFeotjPD
U+DthzTKXqLbIRHczZynrlMCVw1egDxlj3ZmjZ3NAmnKxdscyJmtdu+eoK5vmUGc
OeS1NUUATlzocHy5CTtAWpMWSlh5J0fW06p4NT2Hc6Rhoq6yBtYv064jGVT9kAbw
G0E=
-----END CERTIFICATE-----
Generated at Fri May 2 12:39:05 2025 by rpki-client