Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5aZVNJKFi5yoxRx6vYBuMoxNQOA.roa
File: 5aZVNJKFi5yoxRx6vYBuMoxNQOA.roa (raw, json)
Hash identifier: lBZQXPPXf3thiJajptSPfAznXEiro/4t1J4kd2NzU6U=
Subject key identifier: E5:A6:55:34:92:85:8B:9C:A8:C5:1C:7A:BD:80:6E:32:8C:4D:40:E0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868E09DC347A0E7C09092349EDC2FF1207
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5aZVNJKFi5yoxRx6vYBuMoxNQOA.roa
Signing time: Sun 26 Feb 2023 14:04:16 +0000
ROA not before: Sun 26 Feb 2023 14:04:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
2001:67c:64:ffff:0:186:8e09:bf42/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8e:09:dc:34:7a:0e:7c:09:09:23:49:ed:c2:ff:12:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 26 14:04:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5a6553492858b9ca8c51c7abd806e328c4d40e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b8:1f:af:90:79:4c:be:96:67:53:ea:e0:65:
5f:29:0c:41:0f:e8:c9:b6:87:39:24:bc:cd:da:f2:
bf:f3:81:0b:7e:d7:76:cf:b4:fb:a1:5e:67:22:43:
fc:7e:d8:17:3a:ef:74:69:2a:81:2a:0e:ba:b6:f8:
ac:58:e3:e7:e2:e8:61:d6:1a:08:1e:68:43:29:38:
2d:60:e9:84:0c:89:d5:39:21:46:0d:da:ce:9e:26:
2c:c9:92:5d:1b:e2:d1:c9:b5:78:d8:4e:dc:47:8e:
fd:67:ba:f5:6f:33:56:bf:d5:6f:92:ff:6f:80:6b:
b4:1e:13:ef:f1:d9:60:15:2d:4e:3b:fc:27:09:4b:
f5:7e:12:d5:1b:9f:c3:24:22:a7:5d:da:b1:f1:51:
9f:d7:50:7e:25:39:6f:9c:b4:6a:08:82:c0:df:70:
67:82:78:bd:0c:15:fd:9c:46:d2:1a:98:a6:3a:f4:
0f:3f:d3:5f:74:2f:b1:41:69:39:d6:e7:87:73:10:
fa:d7:2e:37:66:92:74:b8:a5:ba:60:72:ed:b9:77:
88:ca:ae:7f:0b:db:f6:11:9a:0f:71:37:64:af:8c:
ed:91:49:d4:8e:cc:af:3a:a0:cf:69:c9:64:95:63:
51:00:40:99:89:cf:8d:2c:2f:fb:c8:c9:68:cf:42:
e4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A6:55:34:92:85:8B:9C:A8:C5:1C:7A:BD:80:6E:32:8C:4D:40:E0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5aZVNJKFi5yoxRx6vYBuMoxNQOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:04:2d:a1:fb:d2:8a:1b:d9:ae:62:f2:7d:b5:38:0e:a7:43:
4b:74:44:9d:6c:ea:c2:fd:98:04:4f:da:ac:88:a5:a2:20:78:
d8:f7:89:f1:28:c0:dc:2b:00:f8:b9:ad:e6:75:c4:0a:d2:dc:
6a:a6:63:41:9d:0c:6b:8b:6f:a0:bb:f8:62:6e:4b:9d:ef:d7:
ae:42:e2:58:de:3f:21:6a:fc:aa:47:80:eb:73:8f:92:61:f0:
44:c2:e5:fc:b5:f2:35:41:7a:97:bb:dc:42:e6:42:b7:55:de:
aa:0a:e7:38:40:ad:57:5a:81:cb:d0:fe:4a:87:dd:4c:ef:da:
2b:87:bb:8d:b0:bd:aa:5a:15:1b:0c:a4:ac:77:ee:57:1a:f3:
c4:86:f9:63:7a:41:bd:60:b2:8a:4c:f3:c0:da:b4:3d:46:63:
0f:61:82:8f:87:54:7a:6a:c6:33:74:94:49:d3:d7:78:95:9d:
1d:f8:62:8a:e6:9a:af:f2:01:d5:35:f3:6f:62:be:ba:e7:20:
bb:38:b2:49:39:4f:71:83:0a:d3:71:b8:d3:e5:0b:f7:4a:2d:
80:a9:22:00:2e:47:83:82:e3:5b:ae:7d:02:0a:d1:41:f3:e5:
bd:23:a3:e0:22:bd:e7:fb:d7:ae:00:90:72:8d:a0:e9:12:1a:
66:44:a8:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaOCdw0eg58CQkjSe3C/xIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI2MTQwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE2NTUzNDkyODU4YjljYThjNTFjN2FiZDgwNmUzMjhjNGQ0MGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bgfr5B5TL6WZ1Pq4GVfKQxBD+jJ
toc5JLzN2vK/84ELftd2z7T7oV5nIkP8ftgXOu90aSqBKg66tvisWOPn4uhh1hoI
HmhDKTgtYOmEDInVOSFGDdrOniYsyZJdG+LRybV42E7cR479Z7r1bzNWv9Vvkv9v
gGu0HhPv8dlgFS1OO/wnCUv1fhLVG5/DJCKnXdqx8VGf11B+JTlvnLRqCILA33Bn
gni9DBX9nEbSGpimOvQPP9NfdC+xQWk51ueHcxD61y43ZpJ0uKW6YHLtuXeIyq5/
C9v2EZoPcTdkr4ztkUnUjsyvOqDPaclklWNRAECZic+NLC/7yMloz0Lk7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOWmVTSShYucqMUcer2AbjKMTUDgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNWFaVk5KS0ZpNXlveFJ4NnZZQnVNb3hOUU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADYELaH70oob2a5i8n21
OA6nQ0t0RJ1s6sL9mARP2qyIpaIgeNj3ifEowNwrAPi5reZ1xArS3GqmY0GdDGuL
b6C7+GJuS53v165C4ljePyFq/KpHgOtzj5Jh8ETC5fy18jVBepe73ELmQrdV3qoK
5zhArVdagcvQ/kqH3Uzv2iuHu42wvapaFRsMpKx37lca88SG+WN6Qb1gsopM88Da
tD1GYw9hgo+HVHpqxjN0lEnT13iVnR34Yormmq/yAdU1829ivrrnILs4skk5T3GD
CtNxuNPlC/dKLYCpIgAuR4OC41uufQIK0UHz5b0jo+Aivef7164AkHKNoOkSGmZE
qGQ=
-----END CERTIFICATE-----
Generated at Fri May 2 22:04:05 2025 by rpki-client