Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4O70PDYVMhoPDf6IcHjXY8F53Io.roa
File: 4O70PDYVMhoPDf6IcHjXY8F53Io.roa (raw, json)
Hash identifier: SlkQB7WZgEcCcubHcKtPxkTNAoUm3DVBFWZ13wBU6/w=
Subject key identifier: E0:EE:F4:3C:36:15:32:1A:0F:0D:FE:88:70:78:D7:63:C1:79:DC:8A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01871E4316EC7CA7991BCB72DB7A8383552F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4O70PDYVMhoPDf6IcHjXY8F53Io.roa
Signing time: Sun 26 Mar 2023 14:12:05 +0000
ROA not before: Sun 26 Mar 2023 14:12:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1e:43:16:ec:7c:a7:99:1b:cb:72:db:7a:83:83:55:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 26 14:12:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0eef43c3615321a0f0dfe887078d763c179dc8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:96:74:51:1d:64:79:dd:72:bb:d4:b1:bb:22:
ea:65:c3:a6:e2:5b:25:de:58:70:e3:f0:1c:2a:7d:
49:4a:a0:2d:1e:27:5a:6f:d8:90:06:82:4b:56:cf:
a7:71:04:4e:de:e5:b5:bc:49:31:6c:a1:f9:d1:54:
28:66:a7:68:aa:93:c0:38:bc:e8:c4:72:5e:0e:90:
78:05:1f:80:f6:f8:f0:21:9a:29:4e:19:ac:b0:5b:
cb:c4:d9:ef:57:26:b4:79:a4:1f:62:ad:89:a1:e7:
1d:6b:f2:76:cf:74:1e:6f:5e:e5:54:5d:5a:9e:ea:
cd:c0:8d:e3:22:b4:7e:5c:f9:c9:43:b1:ed:c0:66:
43:03:45:5e:90:92:dd:08:48:05:5b:86:30:d7:3d:
59:32:64:69:53:3e:d2:81:39:3d:7b:ed:69:d4:bb:
ba:31:21:78:cb:2a:a8:53:29:52:9a:6f:16:a9:6f:
c4:e2:b0:66:9b:50:ce:e8:1c:6a:4a:60:cd:1f:be:
ce:52:dd:c7:f5:21:65:e7:0a:6a:97:dd:0a:d7:c4:
65:a2:de:63:9f:83:6e:38:57:0d:7d:be:f2:8e:24:
d1:83:f8:a8:d6:44:70:52:55:f8:82:3f:df:2d:54:
48:d1:c6:88:18:67:30:a5:a3:48:af:cb:96:ab:12:
df:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:EE:F4:3C:36:15:32:1A:0F:0D:FE:88:70:78:D7:63:C1:79:DC:8A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4O70PDYVMhoPDf6IcHjXY8F53Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:96:b2:a5:8d:0b:eb:df:99:5e:96:43:a3:09:a0:fe:c3:a8:
ad:5e:8e:b3:91:d7:38:85:ac:60:3c:49:93:43:10:f8:60:3c:
25:42:c9:e6:6c:03:aa:6d:b0:46:a0:c6:67:f0:16:d5:ff:67:
b3:46:0a:db:34:67:68:eb:38:e3:fa:4b:ae:e7:27:1f:4c:77:
8e:a1:01:ed:3f:b1:9c:5b:51:15:14:91:12:e2:f4:61:78:89:
e2:d0:05:12:64:ce:32:00:f0:8c:70:69:17:7e:d3:36:ec:c4:
9a:f7:f5:b9:0a:b6:66:17:76:cd:68:c8:2f:77:64:66:0c:33:
c2:fa:4f:e9:d7:9d:1d:1b:4a:b0:5e:52:1d:60:d4:c4:c0:97:
3e:37:52:93:57:a4:f2:28:74:3e:e4:53:b7:f7:df:40:86:10:
37:c3:f1:1f:a5:e4:15:5d:b5:57:e8:f5:78:bc:f2:6b:41:73:
81:04:de:33:92:81:09:f9:66:f2:49:4a:4d:26:c9:39:5c:7d:
9c:13:77:f4:ac:b9:95:e3:3f:d3:ad:68:e7:2a:d8:99:48:1c:
bf:b6:5a:c9:26:2c:35:ca:b8:5f:ef:bd:5b:a6:7c:52:da:2e:
e1:87:fd:17:7c:7a:f2:b9:ce:6a:fd:df:28:ac:6a:f7:e6:cc:
a9:d5:8b:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYceQxbsfKeZG8ty23qDg1UvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI2MTQxMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGVlZjQzYzM2MTUzMjFhMGYwZGZlODg3MDc4ZDc2M2MxNzlkYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpZ0UR1ked1yu9SxuyLqZcOm4lsl
3lhw4/AcKn1JSqAtHidab9iQBoJLVs+ncQRO3uW1vEkxbKH50VQoZqdoqpPAOLzo
xHJeDpB4BR+A9vjwIZopThmssFvLxNnvVya0eaQfYq2Joecda/J2z3Qeb17lVF1a
nurNwI3jIrR+XPnJQ7HtwGZDA0VekJLdCEgFW4Yw1z1ZMmRpUz7SgTk9e+1p1Lu6
MSF4yyqoUylSmm8WqW/E4rBmm1DO6BxqSmDNH77OUt3H9SFl5wpql90K18Rlot5j
n4NuOFcNfb7yjiTRg/io1kRwUlX4gj/fLVRI0caIGGcwpaNIr8uWqxLf/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFODu9Dw2FTIaDw3+iHB412PBedyKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNE83MFBEWVZNaG9QRGY2SWNIalhZOEY1M0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF6WsqWNC+vfmV6WQ6MJ
oP7DqK1ejrOR1ziFrGA8SZNDEPhgPCVCyeZsA6ptsEagxmfwFtX/Z7NGCts0Z2jr
OOP6S67nJx9Md46hAe0/sZxbURUUkRLi9GF4ieLQBRJkzjIA8IxwaRd+0zbsxJr3
9bkKtmYXds1oyC93ZGYMM8L6T+nXnR0bSrBeUh1g1MTAlz43UpNXpPIodD7kU7f3
30CGEDfD8R+l5BVdtVfo9Xi88mtBc4EE3jOSgQn5ZvJJSk0myTlcfZwTd/SsuZXj
P9OtaOcq2JlIHL+2WskmLDXKuF/vvVumfFLaLuGH/Rd8evK5zmr93yisavfmzKnV
i4o=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:06:26 2025 by rpki-client