Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0xEtEfih_04k0q8-G4_WhJiLRf0.roa
File: 0xEtEfih_04k0q8-G4_WhJiLRf0.roa (raw, json)
Hash identifier: lrvMgHaIU0zBjK3GLqHn1Nio8DPb+SfF3vR1L4BjQYg=
Subject key identifier: D3:11:2D:11:F8:A1:FF:4E:24:D2:AF:3E:1B:8F:D6:84:98:8B:45:FD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184F5F00DA5ABE9EA32EBDADC4C0616C8DD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0xEtEfih_04k0q8-G4_WhJiLRf0.roa
Signing time: Fri 09 Dec 2022 08:11:00 +0000
ROA not before: Fri 09 Dec 2022 08:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f5:f0:0d:a5:ab:e9:ea:32:eb:da:dc:4c:06:16:c8:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 9 08:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3112d11f8a1ff4e24d2af3e1b8fd684988b45fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0c:13:81:02:ef:a8:13:e8:4a:b6:81:46:b8:
54:b3:90:fe:9a:a4:32:e6:fb:ac:16:25:b1:73:c8:
7a:ac:83:8d:e4:cb:ac:08:ab:94:72:ed:a7:aa:94:
58:ae:c4:4c:cf:79:3b:40:d2:ea:20:be:df:f5:f5:
25:d7:4e:d5:37:0e:17:d6:50:c5:db:fe:e9:15:0e:
58:24:03:32:2c:09:bc:82:da:01:9b:b5:47:f3:95:
4d:88:ae:b0:81:e4:d1:9f:47:80:03:91:ac:cb:74:
e5:a4:8b:d1:10:be:e5:5c:b6:2e:4e:b1:0f:4e:3d:
f7:1b:45:bf:ad:04:70:fd:4a:d3:fe:3b:93:d4:60:
6e:5d:55:73:17:6f:63:6d:f8:12:51:26:e1:88:64:
48:63:14:68:9a:c8:48:19:97:e0:c6:c2:8a:5f:62:
80:3f:7d:4c:0b:77:18:01:2d:82:d5:6b:7a:75:bb:
c4:f8:17:35:90:f7:6d:b4:a9:37:86:c5:ad:e6:35:
ca:92:5f:c8:a6:59:42:99:07:e9:44:56:28:1f:1c:
52:a7:9d:20:ef:a5:53:fc:e5:39:48:fd:d3:fd:60:
d3:4b:da:51:55:7c:e0:a9:e4:b0:62:80:e4:c7:cc:
63:9e:ff:2e:19:1e:04:0b:91:7e:10:8e:0e:ee:f0:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:11:2D:11:F8:A1:FF:4E:24:D2:AF:3E:1B:8F:D6:84:98:8B:45:FD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0xEtEfih_04k0q8-G4_WhJiLRf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:64:44:d4:26:95:b0:0b:35:94:44:6a:34:1e:a2:b8:c7:17:
49:1b:73:9a:11:cd:ae:a2:c0:98:64:33:d4:be:4b:a6:80:a1:
a4:d7:67:90:35:9e:14:d8:78:53:29:52:66:bd:8c:74:fd:ef:
f8:b4:34:94:ac:b7:aa:6a:b6:65:85:7c:c3:86:83:82:f3:9d:
7c:ec:bd:b0:51:23:df:25:a1:da:6a:13:07:f0:95:b8:96:99:
bd:3b:b2:cf:f7:66:69:de:e5:31:28:fc:c7:92:e3:67:3b:66:
ce:ec:b8:0f:ae:54:7e:90:94:48:1c:e6:e4:4d:57:38:1d:31:
ea:c0:c5:c5:fe:0e:66:2e:ce:4b:e2:b5:40:e9:bf:37:cd:4f:
09:69:6d:88:b2:23:fc:07:a3:fd:f8:b2:ac:1e:ef:44:21:b9:
b1:1e:0c:e5:2f:5d:d3:36:17:8b:16:59:67:f4:a1:4d:37:1f:
83:66:51:c0:40:9b:1f:4f:72:b9:30:3c:5b:fb:6b:7e:17:bc:
71:dc:f7:55:fd:20:ad:21:f3:7c:bf:61:f5:54:d8:10:e4:d1:
1b:9d:fb:66:ca:75:a0:dc:6a:f3:53:dc:a4:61:2f:68:dd:68:
e4:6e:aa:d4:27:d9:d1:03:7b:a0:ac:08:9f:7f:12:8f:2b:30:
2c:6a:79:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYT18A2lq+nqMuva3EwGFsjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA5MDgxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzExMmQxMWY4YTFmZjRlMjRkMmFmM2UxYjhmZDY4NDk4OGI0NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQwTgQLvqBPoSraBRrhUs5D+mqQy
5vusFiWxc8h6rION5MusCKuUcu2nqpRYrsRMz3k7QNLqIL7f9fUl107VNw4X1lDF
2/7pFQ5YJAMyLAm8gtoBm7VH85VNiK6wgeTRn0eAA5Gsy3TlpIvREL7lXLYuTrEP
Tj33G0W/rQRw/UrT/juT1GBuXVVzF29jbfgSUSbhiGRIYxRomshIGZfgxsKKX2KA
P31MC3cYAS2C1Wt6dbvE+Bc1kPdttKk3hsWt5jXKkl/IpllCmQfpRFYoHxxSp50g
76VT/OU5SP3T/WDTS9pRVXzgqeSwYoDkx8xjnv8uGR4EC5F+EI4O7vDI/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMRLRH4of9OJNKvPhuP1oSYi0X9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMHhFdEVmaWhfMDRrMHE4LUc0X1doSmlMUmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHRkRNQmlbALNZREajQe
orjHF0kbc5oRza6iwJhkM9S+S6aAoaTXZ5A1nhTYeFMpUma9jHT97/i0NJSst6pq
tmWFfMOGg4LznXzsvbBRI98lodpqEwfwlbiWmb07ss/3Zmne5TEo/MeS42c7Zs7s
uA+uVH6QlEgc5uRNVzgdMerAxcX+DmYuzkvitUDpvzfNTwlpbYiyI/wHo/34sqwe
70QhubEeDOUvXdM2F4sWWWf0oU03H4NmUcBAmx9PcrkwPFv7a34XvHHc91X9IK0h
83y/YfVU2BDk0Rud+2bKdaDcavNT3KRhL2jdaORuqtQn2dEDe6CsCJ9/Eo8rMCxq
eQA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:22 2025 by rpki-client