Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2OSAE6tfhG-v6ErlZsh1ov9cm0w.roa
File: 2OSAE6tfhG-v6ErlZsh1ov9cm0w.roa (raw, json)
Hash identifier: 1fmPNpHf1KRZK2BKtv13HwGI1Qr1rbifDOoBL+LwFVA=
Subject key identifier: D8:E4:80:13:AB:5F:84:6F:AF:E8:4A:E5:66:C8:75:A2:FF:5C:9B:4C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A07E38194A5BCE638E879A6D63047BEBD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2OSAE6tfhG-v6ErlZsh1ov9cm0w.roa
Signing time: Fri 18 Aug 2023 09:04:24 +0000
ROA not before: Fri 18 Aug 2023 09:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:18a:7e3:6776/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:e3:81:94:a5:bc:e6:38:e8:79:a6:d6:30:47:be:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 18 09:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8e48013ab5f846fafe84ae566c875a2ff5c9b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3c:0e:13:8c:ba:7b:a4:54:84:db:62:47:d5:
b9:c0:a4:23:6c:30:14:0b:20:9f:8a:60:df:0b:2c:
81:9a:ad:33:dd:ad:43:ef:be:00:2a:f0:ad:30:fd:
66:07:e1:43:29:b7:5e:92:81:bc:f2:73:a3:20:71:
6d:76:1d:60:10:f8:a3:3f:13:a5:7b:b6:d6:e2:4e:
08:1e:75:32:b2:2f:ed:ce:80:1f:e3:93:67:c5:1d:
42:4d:c6:1c:68:19:73:01:7a:45:ab:a1:8f:83:c5:
92:52:a5:05:2c:64:15:e2:48:dd:d4:d7:35:f3:8e:
71:39:c8:23:9f:66:fb:6a:d7:59:59:88:7a:fc:7f:
58:b9:d2:f5:35:7b:d4:32:a1:ff:dd:91:87:dd:cf:
52:a0:d0:de:e7:7b:8f:e5:af:7f:cc:32:a4:25:98:
1a:c5:4f:24:2d:c1:51:1f:c2:e4:d3:4e:f9:57:d0:
8d:78:f5:0b:b3:59:3c:16:42:2f:24:5c:a6:86:a1:
6d:bd:94:29:de:87:7d:94:ab:53:f9:cd:a2:79:8e:
27:e3:36:7f:42:de:43:fc:3f:f7:1f:13:fd:37:bf:
f8:c4:33:4b:f9:03:d4:51:90:ee:4b:b6:c5:7e:ce:
41:d8:0f:43:1d:73:e4:4d:1c:09:bf:71:3d:37:fa:
46:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E4:80:13:AB:5F:84:6F:AF:E8:4A:E5:66:C8:75:A2:FF:5C:9B:4C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2OSAE6tfhG-v6ErlZsh1ov9cm0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:f9:f2:0e:d5:cb:52:3a:bf:3c:3b:45:29:c9:57:3a:4b:b2:
27:96:03:10:89:d0:87:b8:5c:8e:a8:e0:cd:1e:30:be:e7:65:
4d:23:e5:f8:37:f5:31:f8:c7:c7:59:b8:8d:b2:5d:10:74:6b:
16:79:ac:dc:f2:72:8e:ed:ac:09:ff:b1:e6:eb:9d:1a:d3:11:
24:92:4d:ed:46:34:58:ab:14:5d:ee:fc:6d:ba:30:e5:28:17:
ef:05:14:8b:65:4d:b4:d1:a5:37:d0:81:b5:6a:d9:6d:20:bf:
7b:25:72:bf:40:6c:46:ee:f7:a8:ea:1d:eb:14:26:34:f1:b6:
5b:4d:43:27:7a:db:6d:09:28:c9:bc:df:df:f7:19:f8:e7:27:
8e:76:dc:19:d5:20:51:fc:f2:4e:96:1e:64:4d:d5:a8:01:db:
fa:d2:cd:45:53:77:44:1d:84:e9:62:b1:9a:c7:37:54:63:50:
67:da:92:9e:5c:2d:c9:33:cf:41:a1:8f:c8:68:e6:61:9a:61:
49:68:ad:63:48:59:fc:4d:1b:59:44:54:8d:c3:7c:20:0f:cf:
8d:d8:06:e7:35:69:68:bc:e0:27:ef:54:24:44:ea:3a:fe:67:
0c:dd:ae:e9:27:19:0d:99:af:64:17:70:a7:7e:77:da:a8:5b:
64:45:54:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoH44GUpbzmOOh5ptYwR769MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE4MDkwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU0ODAxM2FiNWY4NDZmYWZlODRhZTU2NmM4NzVhMmZmNWM5YjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzwOE4y6e6RUhNtiR9W5wKQjbDAU
CyCfimDfCyyBmq0z3a1D774AKvCtMP1mB+FDKbdekoG88nOjIHFtdh1gEPijPxOl
e7bW4k4IHnUysi/tzoAf45NnxR1CTcYcaBlzAXpFq6GPg8WSUqUFLGQV4kjd1Nc1
845xOcgjn2b7atdZWYh6/H9YudL1NXvUMqH/3ZGH3c9SoNDe53uP5a9/zDKkJZga
xU8kLcFRH8Lk0075V9CNePULs1k8FkIvJFymhqFtvZQp3od9lKtT+c2ieY4n4zZ/
Qt5D/D/3HxP9N7/4xDNL+QPUUZDuS7bFfs5B2A9DHXPkTRwJv3E9N/pG1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNjkgBOrX4Rvr+hK5WbIdaL/XJtMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMk9TQUU2dGZoRy12NkVybFpzaDFvdjljbTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADf58g7Vy1I6vzw7RSnJ
VzpLsieWAxCJ0Ie4XI6o4M0eML7nZU0j5fg39TH4x8dZuI2yXRB0axZ5rNzyco7t
rAn/sebrnRrTESSSTe1GNFirFF3u/G26MOUoF+8FFItlTbTRpTfQgbVq2W0gv3sl
cr9AbEbu96jqHesUJjTxtltNQyd6220JKMm839/3GfjnJ4523BnVIFH88k6WHmRN
1agB2/rSzUVTd0QdhOlisZrHN1RjUGfakp5cLckzz0Ghj8ho5mGaYUlorWNIWfxN
G1lEVI3DfCAPz43YBuc1aWi84CfvVCRE6jr+ZwzdruknGQ2Zr2QXcKd+d9qoW2RF
VHw=
-----END CERTIFICATE-----
Generated at Thu May 1 16:03:41 2025 by rpki-client