Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5QtEZ2_U-Vqi5_Yuwkx-gHpNj6M.roa
File: 5QtEZ2_U-Vqi5_Yuwkx-gHpNj6M.roa (raw, json)
Hash identifier: kICCwRxhBLRrO5f6BVqoRL96fldJwFboWcMb6oM2DyE=
Subject key identifier: E5:0B:44:67:6F:D4:F9:5A:A2:E7:F6:2E:C2:4C:7E:80:7A:4D:8F:A3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189D98AC9C1021F2F9322947A7EEBA8CBA1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5QtEZ2_U-Vqi5_Yuwkx-gHpNj6M.roa
Signing time: Wed 09 Aug 2023 09:04:58 +0000
ROA not before: Wed 09 Aug 2023 09:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:d98a:357e/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d9:8a:c9:c1:02:1f:2f:93:22:94:7a:7e:eb:a8:cb:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 9 09:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e50b44676fd4f95aa2e7f62ec24c7e807a4d8fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ff:46:0a:ed:29:b1:38:ce:b5:34:05:73:ee:
14:e1:95:95:a5:bf:be:32:7d:a6:e8:01:27:77:d6:
19:68:d8:76:d2:6b:45:3a:ae:88:a9:c2:23:b3:db:
b2:1e:88:39:3e:9e:a3:73:0f:36:24:e8:0b:ae:de:
2d:7e:fa:04:12:9d:eb:19:31:76:a2:67:c3:e0:41:
ef:fc:ad:4f:6b:72:b3:91:a1:c9:0f:a1:6c:f1:06:
d9:b5:ac:43:cf:16:67:3c:79:5a:dd:19:20:3d:41:
3f:95:fe:99:46:0f:5c:80:fe:0c:ae:ed:8a:73:93:
98:1c:d2:1a:f1:dc:d2:42:c1:1f:0a:e3:8e:2a:88:
6c:d9:12:fe:e2:c6:34:05:c4:f2:af:f9:45:b8:58:
27:47:9a:ef:0d:d3:38:5b:0f:ba:b2:de:9b:3e:3d:
83:6f:b2:41:4a:4f:7c:65:09:2b:90:fc:21:3c:60:
69:0c:4b:4c:d0:7d:46:e4:26:d8:fa:1f:a7:e3:97:
11:69:6c:5f:d6:43:97:74:33:68:24:c6:31:0a:b5:
78:cc:d1:57:6b:31:f4:fd:3f:2d:2c:ba:ff:b5:5c:
0b:53:f4:75:27:fd:71:51:63:a4:78:6c:2e:b6:8b:
73:13:71:ee:7a:6a:a4:65:e4:6d:e7:be:02:9f:ee:
d4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0B:44:67:6F:D4:F9:5A:A2:E7:F6:2E:C2:4C:7E:80:7A:4D:8F:A3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5QtEZ2_U-Vqi5_Yuwkx-gHpNj6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:9b:01:b4:4b:60:9e:33:f7:30:c3:65:f2:c6:cb:d3:61:e7:
16:15:48:4d:0e:04:07:1a:e3:e5:33:df:b5:3a:da:70:dc:69:
c2:43:f4:20:55:1e:5d:b8:5a:26:ba:51:5c:4a:90:ce:d5:e7:
df:3a:54:da:60:ce:90:3c:ca:35:43:77:af:34:1f:65:9a:68:
a0:60:41:b7:99:cc:46:78:a7:7a:3b:b2:41:8f:d0:ff:3a:02:
96:5a:42:c5:e9:5c:77:9e:fe:95:61:f4:71:ad:b7:c7:23:40:
72:db:dc:3c:54:99:e8:be:88:5c:5c:8e:35:58:d4:c5:c7:ed:
9c:36:90:67:c9:81:7d:d2:79:5e:11:6e:c9:1c:e4:64:d8:60:
5c:bf:00:56:72:52:31:9c:2f:5c:cf:7d:ad:61:3e:30:b3:b9:
ff:d2:b1:5f:d1:75:3b:e1:f7:b4:72:1c:2f:0e:ff:41:d7:a5:
b4:4b:a6:04:2f:b6:be:47:dd:78:ac:db:8f:4c:4b:35:de:62:
c8:45:c6:f1:47:84:95:54:74:2e:d5:fb:3c:a8:32:5a:75:c4:
ad:71:d8:ac:6c:3c:59:5d:2f:62:e2:44:9e:47:8d:9b:a4:e9:
d6:e0:75:e3:c0:ae:c1:6e:9d:3f:19:fa:15:12:98:d5:64:7a:
fb:f5:d1:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnZisnBAh8vkyKUen7rqMuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA5MDkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTBiNDQ2NzZmZDRmOTVhYTJlN2Y2MmVjMjRjN2U4MDdhNGQ4ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP9GCu0psTjOtTQFc+4U4ZWVpb++
Mn2m6AEnd9YZaNh20mtFOq6IqcIjs9uyHog5Pp6jcw82JOgLrt4tfvoEEp3rGTF2
omfD4EHv/K1Pa3KzkaHJD6Fs8QbZtaxDzxZnPHla3RkgPUE/lf6ZRg9cgP4Mru2K
c5OYHNIa8dzSQsEfCuOOKohs2RL+4sY0BcTyr/lFuFgnR5rvDdM4Ww+6st6bPj2D
b7JBSk98ZQkrkPwhPGBpDEtM0H1G5CbY+h+n45cRaWxf1kOXdDNoJMYxCrV4zNFX
azH0/T8tLLr/tVwLU/R1J/1xUWOkeGwutotzE3HuemqkZeRt574Cn+7U4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOULRGdv1Plaouf2LsJMfoB6TY+jMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNVF0RVoyX1UtVnFpNV9ZdXdreC1nSHBOajZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACSbAbRLYJ4z9zDDZfLG
y9Nh5xYVSE0OBAca4+Uz37U62nDcacJD9CBVHl24Wia6UVxKkM7V5986VNpgzpA8
yjVDd680H2WaaKBgQbeZzEZ4p3o7skGP0P86ApZaQsXpXHee/pVh9HGtt8cjQHLb
3DxUmei+iFxcjjVY1MXH7Zw2kGfJgX3SeV4Rbskc5GTYYFy/AFZyUjGcL1zPfa1h
PjCzuf/SsV/RdTvh97RyHC8O/0HXpbRLpgQvtr5H3Xis249MSzXeYshFxvFHhJVU
dC7V+zyoMlp1xK1x2KxsPFldL2LiRJ5HjZuk6dbgdePArsFunT8Z+hUSmNVkevv1
0Uc=
-----END CERTIFICATE-----
Generated at Thu May 1 02:51:52 2025 by rpki-client