Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5_mh2tmJ3twPzZc7m30tbECgSTY.roa
File: 5_mh2tmJ3twPzZc7m30tbECgSTY.roa (raw, json)
Hash identifier: OQ9D5msdI2Wb8V/Ln5nvGqWTfsls295NTPOM5YHFlKM=
Subject key identifier: E7:F9:A1:DA:D9:89:DE:DC:0F:CD:97:3B:9B:7D:2D:6C:40:A0:49:36
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C78E9B2872DA277B73FBF86A07E7C4D3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5_mh2tmJ3twPzZc7m30tbECgSTY.roa
Signing time: Sat 05 Aug 2023 21:15:59 +0000
ROA not before: Sat 05 Aug 2023 21:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c7:8e:9b:28:72:da:27:7b:73:fb:f8:6a:07:e7:c4:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 5 21:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7f9a1dad989dedc0fcd973b9b7d2d6c40a04936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4a:c5:9f:89:ee:49:ec:f9:ac:52:ac:3a:4c:
84:62:3f:76:3e:ba:f4:91:99:23:17:15:74:ee:0c:
d8:5d:c1:ef:4f:58:9b:51:d9:01:87:eb:f5:32:bd:
9f:8d:c6:6b:4f:05:f9:6d:8a:c5:2d:24:56:5c:01:
c6:03:2d:33:64:3e:e4:36:cb:47:c0:eb:83:c3:06:
67:aa:10:f8:83:b5:e8:c1:4e:3d:ba:0d:5f:41:80:
78:67:fc:db:96:51:4a:35:94:4b:e0:aa:f0:8f:f1:
54:92:27:be:48:8d:c0:d9:91:c2:3f:d3:de:88:96:
73:e9:d2:40:12:d0:63:40:b0:d2:5e:76:2d:a4:75:
53:09:77:a7:de:17:10:0f:e3:aa:66:a8:b6:a6:98:
50:9a:73:18:97:23:c9:95:7c:8e:f7:c5:de:6b:c0:
07:a4:86:e5:46:32:d2:bd:45:b2:17:73:9a:73:8c:
49:a1:1c:66:1f:b4:0d:8b:6d:94:7d:98:4e:57:0a:
e6:31:9a:70:70:8c:61:26:8b:1d:5b:97:6d:81:18:
4c:75:8f:1a:65:70:ac:d8:31:86:05:3b:eb:fc:87:
31:1c:4d:e6:c1:a6:ad:ae:a5:18:65:81:6b:f7:4b:
86:68:13:ad:d7:d3:62:15:f0:ef:ae:63:bb:88:e7:
e2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F9:A1:DA:D9:89:DE:DC:0F:CD:97:3B:9B:7D:2D:6C:40:A0:49:36
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5_mh2tmJ3twPzZc7m30tbECgSTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:d8:8c:13:95:12:5a:95:ce:39:a2:36:18:d5:c0:5c:b7:8d:
1b:ad:98:6a:65:c9:ee:84:fd:90:70:2f:c1:db:d1:5d:94:19:
01:3f:cf:fc:ae:41:62:6c:ea:42:a0:dc:dc:bc:48:a3:57:68:
2e:01:2f:88:b8:8a:5c:0a:ac:bc:91:7e:e0:70:31:c4:ad:7e:
63:07:1c:e9:bb:3e:16:ff:1b:a1:aa:f5:2c:c4:f7:d3:04:1b:
23:55:22:c5:ed:4f:dc:bc:30:b1:4b:0d:71:8e:5f:d1:b3:48:
dc:0f:ec:f2:4a:1d:4e:d3:37:08:b4:27:0e:af:8e:30:66:f5:
56:6c:15:c6:cb:04:f4:65:c8:b1:71:e0:45:f3:11:35:a0:d5:
9f:82:c4:b8:c2:43:86:18:5a:6b:08:f7:46:e6:25:a3:77:2f:
40:91:0c:6b:03:34:d4:ba:3c:bb:81:db:65:a0:a9:55:b3:b6:
e5:6e:f2:85:5b:d7:f5:c4:1b:e0:5e:20:23:16:3c:65:a6:f4:
a8:a1:a3:8e:cb:ad:6b:a4:ea:c7:90:e0:05:ab:ee:63:26:3e:
0f:34:18:ab:1b:81:1e:38:7d:04:6f:83:d5:84:9b:bb:88:28:
c9:12:8e:29:22:f3:3b:eb:67:ff:70:8c:2b:e8:e5:3c:32:d6:
1c:35:9c:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnHjpsoctone3P7+GoH58TTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA1MjExNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Y5YTFkYWQ5ODlkZWRjMGZjZDk3M2I5YjdkMmQ2YzQwYTA0OTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUrFn4nuSez5rFKsOkyEYj92Prr0
kZkjFxV07gzYXcHvT1ibUdkBh+v1Mr2fjcZrTwX5bYrFLSRWXAHGAy0zZD7kNstH
wOuDwwZnqhD4g7XowU49ug1fQYB4Z/zbllFKNZRL4Krwj/FUkie+SI3A2ZHCP9Pe
iJZz6dJAEtBjQLDSXnYtpHVTCXen3hcQD+OqZqi2pphQmnMYlyPJlXyO98Xea8AH
pIblRjLSvUWyF3Oac4xJoRxmH7QNi22UfZhOVwrmMZpwcIxhJosdW5dtgRhMdY8a
ZXCs2DGGBTvr/IcxHE3mwaatrqUYZYFr90uGaBOt19NiFfDvrmO7iOfiMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOf5odrZid7cD82XO5t9LWxAoEk2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNV9taDJ0bUozdHdQelpjN20zMHRiRUNnU1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIHYjBOVElqVzjmiNhjV
wFy3jRutmGplye6E/ZBwL8Hb0V2UGQE/z/yuQWJs6kKg3Ny8SKNXaC4BL4i4ilwK
rLyRfuBwMcStfmMHHOm7Phb/G6Gq9SzE99MEGyNVIsXtT9y8MLFLDXGOX9GzSNwP
7PJKHU7TNwi0Jw6vjjBm9VZsFcbLBPRlyLFx4EXzETWg1Z+CxLjCQ4YYWmsI90bm
JaN3L0CRDGsDNNS6PLuB22WgqVWztuVu8oVb1/XEG+BeICMWPGWm9Kiho47LrWuk
6seQ4AWr7mMmPg80GKsbgR44fQRvg9WEm7uIKMkSjiki8zvrZ/9wjCvo5Twy1hw1
nKY=
-----END CERTIFICATE-----
Generated at Thu May 1 00:43:50 2025 by rpki-client