Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5Q4X9NhVH_doFTEPijyLxos2XKY.roa
File: 5Q4X9NhVH_doFTEPijyLxos2XKY.roa (raw, json)
Hash identifier: aK3LanVDJK3LMMQGn2Tq4KpsKXLY6NxmbBcmEgRkZGk=
Subject key identifier: E5:0E:17:F4:D8:55:1F:F7:68:15:31:0F:8A:3C:8B:C6:8B:36:5C:A6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186534408074693001BE5922A4F46AD1B02
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5Q4X9NhVH_doFTEPijyLxos2XKY.roa
Signing time: Wed 15 Feb 2023 04:10:12 +0000
ROA not before: Wed 15 Feb 2023 04:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:53:44:08:07:46:93:00:1b:e5:92:2a:4f:46:ad:1b:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 15 04:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e50e17f4d8551ff76815310f8a3c8bc68b365ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:92:2e:8c:00:70:d1:30:87:06:69:dc:29:a4:
5c:2d:0c:8b:84:35:6c:78:b9:bb:81:bd:b5:0e:bf:
d8:f4:ed:8d:a6:d3:fd:57:0b:a6:b9:51:04:c6:45:
c3:ee:99:1f:d8:a6:2c:b5:77:04:3d:f4:57:ec:56:
15:43:92:87:47:c0:8d:be:72:e1:f3:8c:03:9d:08:
60:16:e3:02:e4:83:34:4b:81:d5:20:b8:fa:03:cc:
09:79:56:0f:66:4e:33:58:b4:fa:6e:84:62:d9:fb:
de:6c:29:2a:a4:b8:a2:95:31:6c:57:39:be:40:07:
0f:94:f6:98:2b:04:99:7f:af:6c:e9:9e:17:0c:b5:
97:f8:83:21:52:5e:b8:0a:70:1a:24:82:98:e7:7b:
33:06:c0:f8:f6:1e:d4:24:58:42:dd:a7:26:ca:01:
15:19:92:4c:0b:fa:a8:a3:38:1a:40:8d:8b:59:ad:
cf:83:7b:e2:70:58:28:b8:ab:ce:af:7b:30:53:23:
60:bd:11:ad:44:8d:80:c6:bc:f3:b7:33:94:d6:62:
42:bf:f7:ee:e5:8b:61:d2:35:17:2e:c9:3c:e6:04:
0d:3b:96:ff:ee:cc:e4:93:e9:9a:88:cb:c3:be:24:
0d:0e:41:af:a0:be:d2:be:6c:ad:98:e2:be:4e:64:
80:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0E:17:F4:D8:55:1F:F7:68:15:31:0F:8A:3C:8B:C6:8B:36:5C:A6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5Q4X9NhVH_doFTEPijyLxos2XKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:14:5c:12:29:35:49:df:9c:c6:7f:ab:c8:af:c1:7d:3b:1b:
18:09:c2:9d:ca:87:e4:65:a9:23:fd:18:c0:52:ca:d2:3a:ac:
10:ba:5f:c1:c9:95:c6:e2:ad:e2:1f:30:49:00:42:91:3a:62:
94:dd:69:d4:6b:17:42:69:8f:a5:8a:97:e2:b2:35:28:1a:4b:
42:4c:ec:af:29:57:35:1d:cd:0c:23:2d:d8:7a:03:2a:f3:ba:
cc:1a:b4:64:fc:5b:2b:ec:87:04:8a:b7:33:71:11:31:d7:88:
02:26:e4:64:b0:6e:8a:d0:e8:1d:d8:0b:13:47:e2:ff:c9:48:
6c:79:e3:c0:02:a0:05:fa:38:e1:cf:0c:48:e0:2b:1c:b4:d9:
0e:69:a1:ea:16:cc:03:74:d9:c3:ab:37:85:48:df:5f:bb:0a:
82:a2:ee:07:d4:64:7a:0e:6a:5d:82:12:6a:86:ef:c9:bf:08:
4c:c1:9b:f4:24:85:c9:b7:d4:7c:98:42:7f:24:67:e2:8b:2c:
7d:00:4b:1c:20:c1:67:af:b1:49:3c:fc:c3:35:20:02:8a:2a:
04:0e:71:9f:d0:bc:43:b4:25:80:ad:fc:b8:35:3c:29:9b:72:
6c:0c:41:3f:1e:ea:af:34:f5:a5:fd:30:1c:82:d7:48:e9:62:
a8:36:7d:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZTRAgHRpMAG+WSKk9GrRsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE1MDQxMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTBlMTdmNGQ4NTUxZmY3NjgxNTMxMGY4YTNjOGJjNjhiMzY1Y2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJIujABw0TCHBmncKaRcLQyLhDVs
eLm7gb21Dr/Y9O2NptP9VwumuVEExkXD7pkf2KYstXcEPfRX7FYVQ5KHR8CNvnLh
84wDnQhgFuMC5IM0S4HVILj6A8wJeVYPZk4zWLT6boRi2fvebCkqpLiilTFsVzm+
QAcPlPaYKwSZf69s6Z4XDLWX+IMhUl64CnAaJIKY53szBsD49h7UJFhC3acmygEV
GZJMC/qoozgaQI2LWa3Pg3vicFgouKvOr3swUyNgvRGtRI2AxrzztzOU1mJCv/fu
5Yth0jUXLsk85gQNO5b/7szkk+maiMvDviQNDkGvoL7SvmytmOK+TmSAnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOUOF/TYVR/3aBUxD4o8i8aLNlymMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNVE0WDlOaFZIX2RvRlRFUGlqeUx4b3MyWEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACIUXBIpNUnfnMZ/q8iv
wX07GxgJwp3Kh+RlqSP9GMBSytI6rBC6X8HJlcbireIfMEkAQpE6YpTdadRrF0Jp
j6WKl+KyNSgaS0JM7K8pVzUdzQwjLdh6AyrzuswatGT8WyvshwSKtzNxETHXiAIm
5GSwborQ6B3YCxNH4v/JSGx548ACoAX6OOHPDEjgKxy02Q5poeoWzAN02cOrN4VI
31+7CoKi7gfUZHoOal2CEmqG78m/CEzBm/Qkhcm31HyYQn8kZ+KLLH0ASxwgwWev
sUk8/MM1IAKKKgQOcZ/QvEO0JYCt/Lg1PCmbcmwMQT8e6q809aX9MByC10jpYqg2
fRY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:51:50 2025 by rpki-client