Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-ah-08mmjE7aFCoXVahDS2cpjaI.roa
File: 1-ah-08mmjE7aFCoXVahDS2cpjaI.roa (raw, json)
Hash identifier: tMZ284beH5o7UU77RVXLb6wo3riPDqPPFJtsLSbfBd8=
Subject key identifier: F9:A8:7E:D3:C9:A6:8C:4E:DA:14:2A:17:55:A8:43:4B:67:29:8D:A2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856D08A6F4C68CD0CFE92E9406445773C5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-ah-08mmjE7aFCoXVahDS2cpjaI.roa
Signing time: Sun 01 Jan 2023 11:12:41 +0000
ROA not before: Sun 01 Jan 2023 11:12:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:08:a6:f4:c6:8c:d0:cf:e9:2e:94:06:44:57:73:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 11:12:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9a87ed3c9a68c4eda142a1755a8434b67298da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c8:b5:01:19:0d:62:05:69:eb:79:89:f8:5e:
4c:01:85:13:3e:30:81:25:a0:d5:3d:16:f4:18:b0:
d1:18:2c:7f:4f:c7:30:eb:27:9a:32:29:e9:0a:1c:
12:00:42:9b:72:9c:72:1b:50:cb:ba:ea:7e:5d:96:
c1:b9:b6:8d:71:ad:4d:ca:e7:c7:5f:5b:2a:31:fa:
24:bc:85:85:79:f4:0f:9b:3c:b5:c0:87:14:94:10:
29:4e:e2:18:55:12:34:27:c9:c7:8d:16:33:53:5e:
da:56:23:67:e7:75:88:cd:6b:fb:41:b0:fc:a2:97:
2b:92:b5:36:a7:27:a9:7c:23:cd:8c:85:b7:c5:16:
19:31:70:08:54:7b:b8:03:d6:64:59:ea:ba:f4:cf:
bf:92:56:dc:53:6c:9e:a2:e0:2b:cf:d8:2a:68:aa:
06:38:c6:24:52:47:69:24:14:03:22:48:16:1f:3f:
4e:0b:cc:75:df:dc:e9:9c:3b:84:86:d3:7c:df:a3:
21:ac:66:49:b2:4f:45:35:b3:b1:3f:3c:16:66:1d:
83:f1:99:11:bc:49:e3:80:ab:02:44:fd:53:6a:f0:
60:2c:5a:7c:9e:fb:91:ab:c6:db:58:36:06:5f:6b:
6e:89:70:74:dc:60:02:df:be:44:60:f0:5b:90:b3:
86:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A8:7E:D3:C9:A6:8C:4E:DA:14:2A:17:55:A8:43:4B:67:29:8D:A2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-ah-08mmjE7aFCoXVahDS2cpjaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:4d:44:59:2d:fe:6a:2a:e6:68:4b:2a:63:a2:8d:62:b3:0f:
d3:62:dd:49:10:d5:7b:6f:33:28:35:02:3e:0d:98:96:27:9f:
9e:ab:c2:51:e6:4a:1d:d7:a2:b6:34:69:4c:d5:38:cb:4c:70:
00:86:71:01:0f:b0:fb:10:fb:31:78:5d:5d:17:b8:a7:3b:1f:
b7:12:92:41:ed:90:03:2a:e0:29:8b:9f:dc:85:67:af:a8:09:
55:70:18:59:80:b4:d8:02:b0:06:1e:79:45:9f:25:29:69:d4:
ce:20:61:ec:d9:d0:77:ec:45:d9:0d:71:5f:68:07:82:e6:fe:
d0:54:20:3d:5c:6e:79:fd:03:f0:ee:42:9c:6d:4c:e9:20:d2:
23:ec:bb:5b:22:9e:84:df:4d:da:ad:6c:54:cd:54:8a:bf:a8:
d6:fd:82:a0:dc:46:25:52:ea:16:a7:aa:ef:4d:9e:1f:92:e1:
a3:94:79:c8:90:b3:5b:e7:e5:08:95:95:fb:50:dd:6f:8c:a4:
34:6f:8f:92:bf:b9:f8:64:4b:b2:49:65:78:33:9a:ed:b4:ed:
47:2a:bd:3d:ec:c2:bb:e9:f0:69:4f:d0:49:6c:5f:89:d1:b3:
d6:00:04:72:ac:26:c3:67:5c:37:50:ea:0b:3f:b3:02:90:fb:
7b:2f:d3:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtCKb0xozQz+kulAZEV3PFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMTExMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWE4N2VkM2M5YTY4YzRlZGExNDJhMTc1NWE4NDM0YjY3Mjk4ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsi1ARkNYgVp63mJ+F5MAYUTPjCB
JaDVPRb0GLDRGCx/T8cw6yeaMinpChwSAEKbcpxyG1DLuup+XZbBubaNca1NyufH
X1sqMfokvIWFefQPmzy1wIcUlBApTuIYVRI0J8nHjRYzU17aViNn53WIzWv7QbD8
opcrkrU2pyepfCPNjIW3xRYZMXAIVHu4A9ZkWeq69M+/klbcU2yeouArz9gqaKoG
OMYkUkdpJBQDIkgWHz9OC8x139zpnDuEhtN836MhrGZJsk9FNbOxPzwWZh2D8ZkR
vEnjgKsCRP1TavBgLFp8nvuRq8bbWDYGX2tuiXB03GAC375EYPBbkLOGeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPmoftPJpoxO2hQqF1WoQ0tnKY2iMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1haC0wOG1takU3YUZDb1hWYWhEUzJjcGphSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCaTURZLf5qKuZoSypj
oo1isw/TYt1JENV7bzMoNQI+DZiWJ5+eq8JR5kod16K2NGlM1TjLTHAAhnEBD7D7
EPsxeF1dF7inOx+3EpJB7ZADKuApi5/chWevqAlVcBhZgLTYArAGHnlFnyUpadTO
IGHs2dB37EXZDXFfaAeC5v7QVCA9XG55/QPw7kKcbUzpINIj7LtbIp6E303arWxU
zVSKv6jW/YKg3EYlUuoWp6rvTZ4fkuGjlHnIkLNb5+UIlZX7UN1vjKQ0b4+Sv7n4
ZEuySWV4M5rttO1HKr097MK76fBpT9BJbF+J0bPWAARyrCbDZ1w3UOoLP7MCkPt7
L9NI
-----END CERTIFICATE-----
Generated at Thu May 1 05:00:34 2025 by rpki-client