Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4roh_Bdukg5XqTjxL5KK18kRf9A.roa
File: 4roh_Bdukg5XqTjxL5KK18kRf9A.roa (raw, json)
Hash identifier: 0QO5sfdRNRqBldqLpWdBQp25008nxdxi55bAgrwC2EY=
Subject key identifier: E2:BA:21:FC:17:6E:92:0E:57:A9:38:F1:2F:92:8A:D7:C9:11:7F:D0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185959312248BB13A74ABFB673B7FD42D0C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4roh_Bdukg5XqTjxL5KK18kRf9A.roa
Signing time: Mon 09 Jan 2023 08:08:41 +0000
ROA not before: Mon 09 Jan 2023 08:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:93:12:24:8b:b1:3a:74:ab:fb:67:3b:7f:d4:2d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 9 08:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2ba21fc176e920e57a938f12f928ad7c9117fd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:52:af:4a:6a:ab:fe:e9:0f:41:d0:db:42:a4:
03:e2:4a:e1:09:79:4c:2e:45:10:e1:4b:57:dd:fc:
64:a5:4f:46:67:0d:ce:75:87:07:ed:2f:f5:ee:67:
7e:12:86:18:2d:b0:4f:b6:15:9d:70:1d:d1:06:ac:
8a:77:de:2d:a4:c0:f2:e9:df:dd:7b:d0:68:f3:79:
29:f4:cd:64:bd:1d:a1:76:7a:91:9e:b7:db:47:84:
cd:ff:ab:2f:ac:4a:18:85:27:2f:67:e7:9e:c0:1c:
25:47:e6:13:70:32:67:1d:18:cd:de:c8:09:66:a0:
33:06:16:f6:64:be:17:19:2c:51:dc:2b:97:b0:a6:
cc:a1:51:c3:a7:cc:75:c5:06:4b:02:df:a3:27:db:
70:a6:76:6b:01:fd:41:c9:2d:f9:25:f4:b9:d7:56:
0b:90:9b:84:18:4a:09:50:3d:92:20:40:1d:f8:43:
21:d3:9a:92:a8:60:87:e5:63:07:22:28:a2:94:26:
e0:27:4a:ac:b3:e9:34:2e:c9:46:f4:2d:63:3a:4a:
7d:ac:83:d4:7a:05:1e:e3:62:4c:4f:32:cd:93:ee:
35:cf:34:bd:d6:e7:ce:13:5f:38:11:b3:94:61:37:
88:52:83:5d:73:16:47:a8:8e:b7:8d:36:ac:a8:70:
7a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BA:21:FC:17:6E:92:0E:57:A9:38:F1:2F:92:8A:D7:C9:11:7F:D0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4roh_Bdukg5XqTjxL5KK18kRf9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:f9:47:31:9c:42:c3:8d:6e:98:f8:d6:e2:8b:45:67:58:87:
d6:5b:6d:dd:fc:ce:06:da:7f:9b:7a:7a:39:76:32:db:b9:fc:
fc:83:b2:fa:83:2d:4a:d9:80:f2:60:5b:ad:ff:46:fc:7f:12:
dc:c3:97:33:b7:c1:c2:a3:03:27:3d:fe:d9:4c:ff:8a:60:fd:
ff:1c:15:cd:4e:da:d9:3f:93:01:4c:2c:c7:9e:d5:a4:54:57:
9f:1f:0c:3c:bc:e2:96:a0:54:02:85:c5:4b:14:c4:10:bf:3f:
81:9f:4c:e2:db:53:00:7f:53:02:19:d0:51:bf:41:d4:e8:62:
6b:d1:33:3b:2b:25:ca:a2:ff:8d:06:83:c7:a8:61:f5:1d:bc:
b6:89:c5:b2:a2:3c:3c:0f:a6:a9:11:c9:86:be:52:56:5d:0f:
47:db:53:e9:ae:60:b9:81:81:88:b7:96:c6:ce:39:52:57:95:
4f:67:2d:50:97:fd:bb:62:b0:68:e2:ce:3e:c3:40:fd:00:e3:
03:a7:70:da:af:1e:ea:89:99:53:81:db:d2:fb:78:f8:78:86:
55:fd:d6:4e:c5:41:39:36:9f:37:1b:0e:0f:fb:4f:ca:6a:a0:
c7:ec:9e:50:65:ea:31:4a:16:39:e1:e3:d4:ec:dd:28:46:cf:
74:eb:e8:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWVkxIki7E6dKv7Zzt/1C0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA5MDgwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmJhMjFmYzE3NmU5MjBlNTdhOTM4ZjEyZjkyOGFkN2M5MTE3ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1KvSmqr/ukPQdDbQqQD4krhCXlM
LkUQ4UtX3fxkpU9GZw3OdYcH7S/17md+EoYYLbBPthWdcB3RBqyKd94tpMDy6d/d
e9Bo83kp9M1kvR2hdnqRnrfbR4TN/6svrEoYhScvZ+eewBwlR+YTcDJnHRjN3sgJ
ZqAzBhb2ZL4XGSxR3CuXsKbMoVHDp8x1xQZLAt+jJ9twpnZrAf1ByS35JfS511YL
kJuEGEoJUD2SIEAd+EMh05qSqGCH5WMHIiiilCbgJ0qss+k0LslG9C1jOkp9rIPU
egUe42JMTzLNk+41zzS91ufOE184EbOUYTeIUoNdcxZHqI63jTasqHB6uwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOK6IfwXbpIOV6k48S+SitfJEX/QMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNHJvaF9CZHVrZzVYcVRqeEw1S0sxOGtSZjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHr5RzGcQsONbpj41uKL
RWdYh9Zbbd38zgbaf5t6ejl2Mtu5/PyDsvqDLUrZgPJgW63/Rvx/EtzDlzO3wcKj
Ayc9/tlM/4pg/f8cFc1O2tk/kwFMLMee1aRUV58fDDy84pagVAKFxUsUxBC/P4Gf
TOLbUwB/UwIZ0FG/QdToYmvRMzsrJcqi/40Gg8eoYfUdvLaJxbKiPDwPpqkRyYa+
UlZdD0fbU+muYLmBgYi3lsbOOVJXlU9nLVCX/btisGjizj7DQP0A4wOncNqvHuqJ
mVOB29L7ePh4hlX91k7FQTk2nzcbDg/7T8pqoMfsnlBl6jFKFjnh49Ts3ShGz3Tr
6N4=
-----END CERTIFICATE-----
Generated at Sat May 3 06:44:16 2025 by rpki-client