Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5J5jr6yXSA2LppDCSk0P77UT8RU.roa
File: 5J5jr6yXSA2LppDCSk0P77UT8RU.roa (raw, json)
Hash identifier: stT6U3vysjqinxf/fmQpHvUGR5QsSNf2Z0zWwWziQXM=
Subject key identifier: E4:9E:63:AF:AC:97:48:0D:8B:A6:90:C2:4A:4D:0F:EF:B5:13:F1:15
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E9E3A8B37A3401051E7565011F45EE34
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5J5jr6yXSA2LppDCSk0P77UT8RU.roa
Signing time: Sat 12 Aug 2023 13:15:58 +0000
ROA not before: Sat 12 Aug 2023 13:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e9:e3:a8:b3:7a:34:01:05:1e:75:65:01:1f:45:ee:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 12 13:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e49e63afac97480d8ba690c24a4d0fefb513f115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:55:bd:e4:1f:51:a0:ca:38:7f:5d:ef:f8:7b:
ff:d2:8d:dc:46:50:62:44:fc:e3:c2:67:4f:aa:c5:
c2:e6:e6:75:0c:15:3f:36:09:de:49:58:43:64:27:
42:4d:9f:fc:0e:de:2c:97:75:f6:2d:26:67:9a:e0:
f6:ee:01:85:b8:f9:d8:4c:3b:6c:b7:37:9a:72:79:
96:9f:a8:7c:d1:92:bb:45:75:be:67:6f:4c:7f:86:
7f:b7:3d:19:e8:c5:f2:91:b5:d1:88:92:5d:b9:6d:
ba:93:08:11:a1:9f:9b:7d:50:28:63:f9:e5:83:7c:
a4:5d:0d:ad:d7:59:f4:c3:1e:2d:65:4f:c3:a8:91:
6b:75:7c:14:f2:01:a9:5c:61:e5:00:33:a7:8f:bd:
1e:05:e6:65:3c:e1:be:8c:99:de:59:04:2c:c0:26:
c3:4d:d1:56:fd:d7:2e:75:8f:08:30:5f:74:28:f6:
b8:29:91:2d:83:f2:47:ba:c1:70:62:e3:db:13:b7:
c1:4a:28:f8:20:23:07:9c:34:ea:7e:3e:2a:0e:1e:
c8:cc:00:ba:22:b5:fe:3f:87:09:f7:4a:0b:10:22:
3e:6b:64:e8:d3:33:bc:52:69:c3:e7:31:22:60:bf:
db:59:61:95:fd:f4:64:98:de:62:5c:96:0c:44:40:
8c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9E:63:AF:AC:97:48:0D:8B:A6:90:C2:4A:4D:0F:EF:B5:13:F1:15
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5J5jr6yXSA2LppDCSk0P77UT8RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:d3:6b:36:57:5b:a6:e4:ce:5e:25:31:68:01:38:dd:36:2b:
b2:ac:0a:eb:d2:98:20:ad:3c:b6:67:43:72:14:13:59:96:f3:
8f:8b:c4:46:ad:f6:b5:86:c0:2e:48:78:25:e4:a1:1e:67:ad:
52:11:94:fe:57:91:2c:a2:a1:ea:dd:e0:ad:f9:00:7c:a4:79:
43:8d:93:66:a3:da:c5:db:94:10:b5:ba:3e:4c:84:1b:35:27:
eb:de:04:b3:7c:7b:90:ff:16:a2:7e:d0:52:f0:61:5e:e6:40:
71:f6:85:11:87:55:45:13:09:da:47:80:95:cb:3f:cc:17:87:
8e:f6:0b:85:02:28:60:59:b7:67:6a:95:4c:6c:70:28:bd:9b:
41:28:50:65:e9:40:3a:6e:34:43:2c:10:69:08:cc:29:84:ed:
a0:4d:22:4c:44:a1:ea:22:54:02:6e:25:f5:e0:96:f1:94:94:
e7:89:40:80:69:0c:d8:d8:a7:a5:01:b5:50:35:16:1b:02:bc:
70:3a:02:29:d7:a8:26:e2:4e:b2:2b:6b:26:60:ef:01:98:40:
52:e4:eb:0b:a5:f6:03:d8:7e:76:b3:0c:93:9e:c4:a2:28:10:
64:78:6c:a7:24:5e:f4:35:57:ef:71:aa:06:1e:1a:30:a6:0a:
9a:86:f8:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnp46izejQBBR51ZQEfRe40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEyMTMxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDllNjNhZmFjOTc0ODBkOGJhNjkwYzI0YTRkMGZlZmI1MTNmMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVW95B9RoMo4f13v+Hv/0o3cRlBi
RPzjwmdPqsXC5uZ1DBU/NgneSVhDZCdCTZ/8Dt4sl3X2LSZnmuD27gGFuPnYTDts
tzeacnmWn6h80ZK7RXW+Z29Mf4Z/tz0Z6MXykbXRiJJduW26kwgRoZ+bfVAoY/nl
g3ykXQ2t11n0wx4tZU/DqJFrdXwU8gGpXGHlADOnj70eBeZlPOG+jJneWQQswCbD
TdFW/dcudY8IMF90KPa4KZEtg/JHusFwYuPbE7fBSij4ICMHnDTqfj4qDh7IzAC6
IrX+P4cJ90oLECI+a2To0zO8UmnD5zEiYL/bWWGV/fRkmN5iXJYMRECMDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOSeY6+sl0gNi6aQwkpND++1E/EVMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNUo1anI2eVhTQTJMcHBEQ1NrMFA3N1VUOFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEjTazZXW6bkzl4lMWgB
ON02K7KsCuvSmCCtPLZnQ3IUE1mW84+LxEat9rWGwC5IeCXkoR5nrVIRlP5XkSyi
oerd4K35AHykeUONk2aj2sXblBC1uj5MhBs1J+veBLN8e5D/FqJ+0FLwYV7mQHH2
hRGHVUUTCdpHgJXLP8wXh472C4UCKGBZt2dqlUxscCi9m0EoUGXpQDpuNEMsEGkI
zCmE7aBNIkxEoeoiVAJuJfXglvGUlOeJQIBpDNjYp6UBtVA1FhsCvHA6AinXqCbi
TrIrayZg7wGYQFLk6wul9gPYfnazDJOexKIoEGR4bKckXvQ1V+9xqgYeGjCmCpqG
+DA=
-----END CERTIFICATE-----
Generated at Fri May 2 23:01:26 2025 by rpki-client