Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5PD8U07JuQ_of9KMzWxCI2u2kB8.roa
File: 5PD8U07JuQ_of9KMzWxCI2u2kB8.roa (raw, json)
Hash identifier: kU767oCxgSQ40oRal52EgnLIYREzusKGTOyBY462d5Q=
Subject key identifier: E4:F0:FC:53:4E:C9:B9:0F:E8:7F:D2:8C:CD:6C:42:23:6B:B6:90:1F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184244C9D62C985D2A376623220659B709D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5PD8U07JuQ_of9KMzWxCI2u2kB8.roa
Signing time: Sat 29 Oct 2022 15:11:51 +0000
ROA not before: Sat 29 Oct 2022 15:11:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:24:4c:9d:62:c9:85:d2:a3:76:62:32:20:65:9b:70:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 29 15:11:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4f0fc534ec9b90fe87fd28ccd6c42236bb6901f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:48:2c:f1:7b:34:2a:6b:08:cb:12:81:33:ef:
ba:00:84:74:74:b1:0b:01:4c:ce:2d:0e:03:69:63:
6b:9d:bc:6a:f9:23:0d:24:ce:e9:05:17:ba:63:b8:
6c:1d:e2:a8:d8:ad:bd:99:45:6c:90:1d:65:a6:35:
c8:f6:43:1e:1e:09:2e:e0:ae:28:6c:2d:33:1e:94:
a1:7e:5b:1f:a9:ee:51:64:23:f0:77:3d:a8:b8:2d:
f5:97:c9:9c:8b:0c:d7:0f:1f:66:7f:a7:36:98:ab:
c3:b9:6e:95:a7:99:40:3e:2f:37:9d:0e:5f:cd:bb:
93:8a:c7:fb:94:72:80:1e:d5:4f:dc:71:b8:ef:39:
fb:01:11:44:c6:98:c3:f5:09:70:20:cd:0b:b7:d0:
9b:94:4b:b8:ba:5a:55:d2:9a:51:e4:b1:cb:22:5c:
05:d2:96:63:63:0c:da:26:67:c7:11:e1:7d:55:ac:
4c:ec:dd:0c:f2:14:41:4d:3d:b7:6c:36:e4:d5:39:
ee:b7:29:76:bd:c2:c7:23:1e:f1:23:fe:6b:a2:32:
10:6f:01:61:1d:22:ba:73:1c:ae:ea:71:58:4b:c7:
9b:fa:de:39:bd:23:75:5e:f3:e1:8b:d1:4a:43:6a:
21:7a:43:2d:e1:92:cd:b9:77:e6:f8:4e:95:84:0a:
ac:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F0:FC:53:4E:C9:B9:0F:E8:7F:D2:8C:CD:6C:42:23:6B:B6:90:1F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5PD8U07JuQ_of9KMzWxCI2u2kB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:30:0c:60:3d:b5:43:7e:d8:e4:13:4d:75:52:30:1c:4b:aa:
fa:45:ea:b3:07:c1:ca:e6:9c:13:ca:c3:16:91:58:92:3a:b0:
42:8f:c0:dc:cb:21:02:60:3f:05:0c:65:8a:df:25:4b:73:20:
44:04:4c:a7:43:3d:76:f1:f8:2f:d1:2a:0f:c3:be:de:13:b3:
c7:c5:ef:ed:f6:28:d7:aa:8e:7d:9c:ad:60:9a:b9:92:f7:b1:
1d:61:2d:9d:83:e3:7e:6e:eb:b5:be:12:6d:ac:15:d8:8c:ca:
5a:f9:37:3d:0a:86:ec:ac:6d:e5:4b:ee:88:03:06:7b:22:31:
16:68:d3:73:06:7f:5e:db:41:fd:9a:61:57:d1:3c:3f:a9:f8:
1c:8b:3d:c9:8e:ce:b2:1f:11:8f:ad:72:48:5d:fd:d9:ec:dd:
bf:48:72:99:13:dc:1d:39:b9:c5:65:de:95:b2:d6:31:13:c0:
b8:08:e2:ba:6f:d5:b9:2b:56:be:6e:de:e5:32:db:8a:f5:07:
8e:16:5c:e1:85:98:6c:45:04:d6:37:7c:8f:54:45:8b:de:49:
ab:db:31:e1:25:a9:87:2d:9b:2a:48:5e:38:67:f4:fc:1c:b4:
03:9a:f4:f9:ce:82:3a:72:1d:f1:0e:85:2e:70:5f:4a:73:2f:
73:79:b0:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQkTJ1iyYXSo3ZiMiBlm3CdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDI5MTUxMTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGYwZmM1MzRlYzliOTBmZTg3ZmQyOGNjZDZjNDIyMzZiYjY5MDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEgs8Xs0KmsIyxKBM++6AIR0dLEL
AUzOLQ4DaWNrnbxq+SMNJM7pBRe6Y7hsHeKo2K29mUVskB1lpjXI9kMeHgku4K4o
bC0zHpShflsfqe5RZCPwdz2ouC31l8mciwzXDx9mf6c2mKvDuW6Vp5lAPi83nQ5f
zbuTisf7lHKAHtVP3HG47zn7ARFExpjD9QlwIM0Lt9CblEu4ulpV0ppR5LHLIlwF
0pZjYwzaJmfHEeF9VaxM7N0M8hRBTT23bDbk1Tnutyl2vcLHIx7xI/5rojIQbwFh
HSK6cxyu6nFYS8eb+t45vSN1XvPhi9FKQ2ohekMt4ZLNuXfm+E6VhAqssQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOTw/FNOybkP6H/SjM1sQiNrtpAfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNVBEOFUwN0p1UV9vZjlLTXpXeENJMnUya0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACQwDGA9tUN+2OQTTXVS
MBxLqvpF6rMHwcrmnBPKwxaRWJI6sEKPwNzLIQJgPwUMZYrfJUtzIEQETKdDPXbx
+C/RKg/Dvt4Ts8fF7+32KNeqjn2crWCauZL3sR1hLZ2D435u67W+Em2sFdiMylr5
Nz0KhuysbeVL7ogDBnsiMRZo03MGf17bQf2aYVfRPD+p+ByLPcmOzrIfEY+tckhd
/dns3b9IcpkT3B05ucVl3pWy1jETwLgI4rpv1bkrVr5u3uUy24r1B44WXOGFmGxF
BNY3fI9URYveSavbMeElqYctmypIXjhn9PwctAOa9PnOgjpyHfEOhS5wX0pzL3N5
sHo=
-----END CERTIFICATE-----
Generated at Thu May 1 12:46:08 2025 by rpki-client