Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0aO8op7irvcbdbJnvjffyGi1jA8.roa
File: 0aO8op7irvcbdbJnvjffyGi1jA8.roa (raw, json)
Hash identifier: g2KjYfE/VM47xut4ZNIeTv8C0N5kuQ1Ms11cDU+IxFA=
Subject key identifier: D1:A3:BC:A2:9E:E2:AE:F7:1B:75:B2:67:BE:37:DF:C8:68:B5:8C:0F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186308362E160DADEB3ADB7D368C8FE98FD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0aO8op7irvcbdbJnvjffyGi1jA8.roa
Signing time: Wed 08 Feb 2023 10:12:42 +0000
ROA not before: Wed 08 Feb 2023 10:12:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:83:62:e1:60:da:de:b3:ad:b7:d3:68:c8:fe:98:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 8 10:12:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1a3bca29ee2aef71b75b267be37dfc868b58c0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:94:d9:fa:35:a6:9f:af:bf:1c:85:dd:35:3c:
38:08:67:1a:b7:f4:16:d7:75:30:98:66:42:de:aa:
b6:d7:6d:1e:c3:9b:ab:84:e9:41:f8:00:55:be:8a:
ff:60:20:5e:7f:8a:c2:14:d9:7e:4b:42:29:bd:f8:
d6:13:46:b1:08:fa:47:91:59:5e:5c:4c:5d:f2:d7:
31:0a:24:41:24:6f:e0:ac:9a:23:f1:ee:e8:a8:e5:
75:ad:66:de:dc:b6:09:c9:d4:92:37:c9:ac:3a:b9:
78:01:fc:df:b6:30:ad:24:9e:6b:02:ad:9e:ef:34:
79:42:5d:5b:08:34:28:0d:d5:4f:eb:34:58:ea:4e:
37:5a:82:74:f4:d2:48:2a:a7:e2:32:db:75:3b:73:
78:af:8b:e6:4d:7f:f3:59:9f:9e:2a:ac:25:5c:7d:
15:2d:d5:9a:e2:d3:fd:f5:35:79:b8:5f:0d:a4:29:
2c:a7:08:bd:41:7f:c8:ca:64:e8:1f:d0:42:24:a7:
04:b9:7a:37:4f:05:7e:54:cb:a3:43:92:82:de:97:
f3:df:04:ea:0a:9c:15:fe:33:3a:7f:8f:b4:9c:33:
97:ae:ac:bd:88:74:be:f7:7c:2f:05:23:12:d3:51:
8c:00:4d:e3:a5:b0:d2:82:7e:cb:12:54:e8:61:5f:
df:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A3:BC:A2:9E:E2:AE:F7:1B:75:B2:67:BE:37:DF:C8:68:B5:8C:0F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0aO8op7irvcbdbJnvjffyGi1jA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:88:87:20:7b:f4:af:69:10:bc:b2:33:e2:e7:2d:bc:d5:16:
7e:06:39:a9:9e:99:f3:29:a3:e6:2a:4a:7f:e1:6b:43:87:2a:
e0:1c:f9:2c:d9:6d:de:89:e2:e1:4b:fd:40:f1:90:33:1c:8a:
c7:80:16:c1:4a:8c:77:44:d7:4a:c2:2d:f2:ee:fd:5e:d9:2e:
18:3a:d2:ac:c4:53:4f:e5:89:5e:16:be:25:98:43:6c:f8:5c:
6b:05:61:51:d5:7e:45:94:fb:4e:c7:fa:15:9b:f2:3b:a5:10:
6e:c0:e0:20:6f:ce:21:77:ad:fc:87:17:80:38:56:71:e4:9f:
33:40:9e:2a:ff:06:e7:a9:1b:91:7e:9b:a6:ff:ae:23:48:b7:
a9:c2:6a:39:e4:79:47:7f:f6:06:6b:44:db:fc:5c:58:f1:b6:
1c:04:a8:77:8a:56:3b:c9:03:ea:5d:59:21:7e:c6:b8:08:10:
bd:2a:e1:09:dc:75:24:54:b5:40:44:61:ec:0d:3e:f3:72:c5:
03:de:48:de:c5:4c:1d:00:90:00:25:97:59:1a:ba:b1:75:31:
97:bd:ec:0f:76:84:df:9b:0a:6f:55:ba:98:bd:5a:ce:4f:42:
04:7e:40:72:2e:1c:fb:b5:80:55:d1:1e:fe:51:9a:50:21:04:
6a:64:7d:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYwg2LhYNres62302jI/pj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA4MTAxMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWEzYmNhMjllZTJhZWY3MWI3NWIyNjdiZTM3ZGZjODY4YjU4YzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5TZ+jWmn6+/HIXdNTw4CGcat/QW
13UwmGZC3qq2120ew5urhOlB+ABVvor/YCBef4rCFNl+S0IpvfjWE0axCPpHkVle
XExd8tcxCiRBJG/grJoj8e7oqOV1rWbe3LYJydSSN8msOrl4AfzftjCtJJ5rAq2e
7zR5Ql1bCDQoDdVP6zRY6k43WoJ09NJIKqfiMtt1O3N4r4vmTX/zWZ+eKqwlXH0V
LdWa4tP99TV5uF8NpCkspwi9QX/IymToH9BCJKcEuXo3TwV+VMujQ5KC3pfz3wTq
CpwV/jM6f4+0nDOXrqy9iHS+93wvBSMS01GMAE3jpbDSgn7LElToYV/fJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNGjvKKe4q73G3WyZ74338hotYwPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMGFPOG9wN2lydmNiZGJKbnZqZmZ5R2kxakE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALOIhyB79K9pELyyM+Ln
LbzVFn4GOamemfMpo+YqSn/ha0OHKuAc+SzZbd6J4uFL/UDxkDMciseAFsFKjHdE
10rCLfLu/V7ZLhg60qzEU0/liV4WviWYQ2z4XGsFYVHVfkWU+07H+hWb8julEG7A
4CBvziF3rfyHF4A4VnHknzNAnir/BuepG5F+m6b/riNIt6nCajnkeUd/9gZrRNv8
XFjxthwEqHeKVjvJA+pdWSF+xrgIEL0q4QncdSRUtUBEYewNPvNyxQPeSN7FTB0A
kAAll1kaurF1MZe97A92hN+bCm9Vupi9Ws5PQgR+QHIuHPu1gFXRHv5RmlAhBGpk
fcA=
-----END CERTIFICATE-----
Generated at Thu May 1 12:53:44 2025 by rpki-client