Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5Dlju7IqOWtNZbubQZ_rIhunh2E.roa
File: 5Dlju7IqOWtNZbubQZ_rIhunh2E.roa (raw, json)
Hash identifier: adGeu+GLAueDw0qT/Wmtp329FpAk+Yz3rTW/qF3C5iM=
Subject key identifier: E4:39:63:BB:B2:2A:39:6B:4D:65:BB:9B:41:9F:EB:22:1B:A7:87:61
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867D850F05DE05E8CD8E8E16A6D769B371
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5Dlju7IqOWtNZbubQZ_rIhunh2E.roa
Signing time: Thu 23 Feb 2023 09:05:17 +0000
ROA not before: Thu 23 Feb 2023 09:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:7d84:6d2a/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:85:0f:05:de:05:e8:cd:8e:8e:16:a6:d7:69:b3:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 09:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e43963bbb22a396b4d65bb9b419feb221ba78761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:61:a7:12:13:10:2e:4f:be:4b:4c:db:3f:1f:
af:86:11:60:ce:68:95:71:41:a3:e3:09:ab:56:27:
d5:40:e9:d3:5e:69:2e:d5:5b:30:b0:ff:04:b5:32:
48:3d:01:5a:77:df:d4:9b:80:ca:8f:09:76:5e:bf:
31:d1:76:a8:76:18:1a:d4:3b:cf:40:e7:e9:f7:62:
4d:b5:9c:83:c8:b9:89:86:e3:76:7e:49:03:a7:dc:
04:b9:7c:d7:3c:ad:83:04:24:69:bc:e6:50:94:2e:
aa:92:f0:93:2d:88:b2:88:fa:13:1d:a8:18:3f:72:
71:0c:8c:3c:40:7c:b4:51:d5:69:cc:98:8d:22:7f:
b5:a8:49:f4:f7:a5:75:07:5e:c2:63:99:e9:49:b8:
60:59:55:7d:f7:af:bd:70:d5:13:17:e4:45:a4:6a:
59:fe:a8:8b:65:04:20:e5:17:76:14:93:a8:b5:01:
2b:13:64:f5:4c:4b:10:36:a4:8b:08:5a:15:9b:84:
08:5c:df:4e:c1:a9:26:84:b8:3e:75:35:05:3f:98:
ab:7a:13:d0:f4:3a:61:bf:c0:c3:bc:64:1c:34:d1:
87:2d:37:17:d6:4d:ee:5b:55:9e:cf:b6:ad:de:ac:
04:1f:ab:1c:2c:10:c1:97:07:20:83:2a:09:54:be:
27:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:39:63:BB:B2:2A:39:6B:4D:65:BB:9B:41:9F:EB:22:1B:A7:87:61
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5Dlju7IqOWtNZbubQZ_rIhunh2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:61:96:1d:a2:75:2a:5d:4b:f5:d3:44:49:d7:5d:cb:13:25:
be:51:06:2e:da:3c:9c:0d:a6:5b:47:8b:f3:9a:56:ea:7a:89:
68:83:ef:20:af:69:87:1e:b4:ee:dc:30:bd:9a:4d:98:2c:04:
22:ca:3f:93:72:3c:5c:69:0b:c4:5b:c0:5d:fe:0f:ad:77:f7:
5e:88:06:0a:dc:13:39:4f:3c:d6:a7:8d:dc:7c:90:1c:86:3d:
4b:56:df:b0:a6:47:b9:bf:bd:57:09:5f:81:e1:ab:09:70:68:
44:23:43:d8:82:b8:0b:9c:58:ab:71:23:83:db:76:18:ae:dc:
c7:00:de:3f:e9:c6:1e:aa:01:c1:66:aa:83:c4:6f:a4:57:1c:
ba:67:47:b6:b5:9b:e2:58:a8:7b:27:26:c7:2d:be:cb:cb:82:
3f:22:2d:33:b6:2b:25:6a:5a:97:db:65:f4:95:8f:ff:28:ad:
0a:f3:5d:ea:51:d0:b8:e8:03:5a:9e:38:9b:e1:3e:d9:13:fa:
fc:8d:aa:d3:cd:34:b1:c0:29:5d:64:57:df:86:17:09:4a:2f:
71:b9:0f:0f:e6:fa:88:62:49:58:82:63:f9:9b:2f:e6:9d:eb:
c6:16:26:54:7b:63:16:c8:41:fe:90:67:3c:f4:4c:24:00:ec:
2c:43:db:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ9hQ8F3gXozY6OFqbXabNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMDkwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM5NjNiYmIyMmEzOTZiNGQ2NWJiOWI0MTlmZWIyMjFiYTc4NzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2GnEhMQLk++S0zbPx+vhhFgzmiV
cUGj4wmrVifVQOnTXmku1VswsP8EtTJIPQFad9/Um4DKjwl2Xr8x0Xaodhga1DvP
QOfp92JNtZyDyLmJhuN2fkkDp9wEuXzXPK2DBCRpvOZQlC6qkvCTLYiyiPoTHagY
P3JxDIw8QHy0UdVpzJiNIn+1qEn096V1B17CY5npSbhgWVV996+9cNUTF+RFpGpZ
/qiLZQQg5Rd2FJOotQErE2T1TEsQNqSLCFoVm4QIXN9OwakmhLg+dTUFP5irehPQ
9Dphv8DDvGQcNNGHLTcX1k3uW1Wez7at3qwEH6scLBDBlwcggyoJVL4nUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOQ5Y7uyKjlrTWW7m0Gf6yIbp4dhMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNURsanU3SXFPV3ROWmJ1YlFaX3JJaHVuaDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIphlh2idSpdS/XTREnX
XcsTJb5RBi7aPJwNpltHi/OaVup6iWiD7yCvaYcetO7cML2aTZgsBCLKP5NyPFxp
C8RbwF3+D613916IBgrcEzlPPNanjdx8kByGPUtW37CmR7m/vVcJX4HhqwlwaEQj
Q9iCuAucWKtxI4Pbdhiu3McA3j/pxh6qAcFmqoPEb6RXHLpnR7a1m+JYqHsnJsct
vsvLgj8iLTO2KyVqWpfbZfSVj/8orQrzXepR0LjoA1qeOJvhPtkT+vyNqtPNNLHA
KV1kV9+GFwlKL3G5Dw/m+ohiSViCY/mbL+ad68YWJlR7YxbIQf6QZzz0TCQA7CxD
2zc=
-----END CERTIFICATE-----
Generated at Fri May 2 15:39:54 2025 by rpki-client