Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5mnAzp4Jlay8ZglxCgPwWRSBM7A.roa
File: 5mnAzp4Jlay8ZglxCgPwWRSBM7A.roa (raw, json)
Hash identifier: VAl/IcPF8e3kZwYDbnVzfjx6wdq9leLh0JYa7EuU4N8=
Subject key identifier: E6:69:C0:CE:9E:09:95:AC:BC:66:09:71:0A:03:F0:59:14:81:33:B0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D854D5DC9A68F985F111263B6CA59327
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5mnAzp4Jlay8ZglxCgPwWRSBM7A.roa
Signing time: Sat 03 Dec 2022 14:12:29 +0000
ROA not before: Sat 03 Dec 2022 14:12:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d8:54:d5:dc:9a:68:f9:85:f1:11:26:3b:6c:a5:93:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 3 14:12:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e669c0ce9e0995acbc6609710a03f059148133b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b6:9e:d8:aa:2d:69:f6:35:01:04:be:a0:70:
b5:3c:4c:b1:b6:6b:a9:10:49:11:10:15:0c:84:d6:
ef:43:09:db:25:9b:ec:e3:71:73:f1:e7:e7:24:bb:
51:bb:fa:63:00:a8:d3:b7:b0:c4:ee:99:e3:04:32:
e7:37:cb:20:6b:79:47:e9:fc:c8:9b:fa:e3:ea:44:
10:b3:ab:09:60:26:19:e5:e6:c2:25:5e:5e:4e:e0:
7f:f0:e8:cf:e1:ef:20:94:31:4b:7d:74:f5:ff:33:
56:c8:a1:c7:15:22:84:82:70:38:37:4f:4a:ed:a4:
78:dc:71:e7:c9:0e:7c:93:9e:57:79:48:c5:5f:46:
42:bf:c0:f0:f9:ef:e0:ea:a3:f2:c8:c0:c8:31:7b:
14:e0:15:c0:c2:26:43:37:ec:74:09:46:2f:76:6b:
6b:d8:be:f0:53:98:2e:87:fa:a5:52:64:a1:41:32:
2a:bb:a0:0b:6c:a4:4e:50:fc:e0:5e:0e:6c:47:15:
f1:f8:e4:6d:54:21:cd:29:53:ff:3a:a7:90:24:e9:
2a:b8:ba:05:4a:ed:0b:4b:2f:d1:43:0f:d6:65:80:
aa:4d:d1:f9:9b:4a:6a:89:21:73:9c:4c:1c:fb:64:
0b:b4:f2:63:97:dc:7a:c1:f4:ee:07:ec:34:ca:3a:
d9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:69:C0:CE:9E:09:95:AC:BC:66:09:71:0A:03:F0:59:14:81:33:B0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5mnAzp4Jlay8ZglxCgPwWRSBM7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:42:c4:b4:f0:67:b8:7e:96:cb:e1:2b:cb:85:b1:94:b0:79:
48:1e:24:d0:10:81:6d:41:e3:d5:8d:fb:a5:0f:50:4c:0d:5c:
4a:24:14:98:89:7c:a7:1d:78:c3:33:22:d2:f1:f6:f9:4d:e0:
03:42:9b:dd:fb:7c:4b:d7:40:d7:44:2f:83:f4:b0:5c:83:ff:
a2:4a:7d:74:03:bc:f5:2c:58:06:34:25:f1:0d:ab:fe:48:c2:
fa:40:86:a5:48:22:de:da:c8:ba:71:bb:2f:46:87:4e:ab:16:
e5:1e:cb:0c:e7:7b:38:d0:67:75:d3:97:ea:f3:56:04:04:47:
24:15:b5:9c:3d:b3:57:26:ec:92:aa:22:4c:84:d5:b6:f4:6d:
b9:8c:e6:a4:06:e9:2e:61:7d:16:ca:0c:f7:6e:fa:01:d6:9c:
54:ac:6b:25:fb:ee:6b:bf:73:a1:29:e9:26:d2:70:dc:c5:a1:
e3:ec:1b:dc:2c:69:ed:fd:8e:13:fd:55:8b:54:0b:30:cd:63:
01:91:44:d8:1c:fd:60:55:2e:6a:8d:b5:ff:bd:7c:fb:39:7b:
17:c7:7b:00:de:f2:54:93:c7:da:09:93:94:7c:c3:77:54:d6:
a2:3e:a9:49:bc:09:e8:5b:68:e8:9b:03:9e:4b:6e:d2:bb:95:
cf:9f:53:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTYVNXcmmj5hfERJjtspZMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAzMTQxMjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjY5YzBjZTllMDk5NWFjYmM2NjA5NzEwYTAzZjA1OTE0ODEzM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrae2KotafY1AQS+oHC1PEyxtmup
EEkREBUMhNbvQwnbJZvs43Fz8efnJLtRu/pjAKjTt7DE7pnjBDLnN8sga3lH6fzI
m/rj6kQQs6sJYCYZ5ebCJV5eTuB/8OjP4e8glDFLfXT1/zNWyKHHFSKEgnA4N09K
7aR43HHnyQ58k55XeUjFX0ZCv8Dw+e/g6qPyyMDIMXsU4BXAwiZDN+x0CUYvdmtr
2L7wU5guh/qlUmShQTIqu6ALbKROUPzgXg5sRxXx+ORtVCHNKVP/OqeQJOkquLoF
Su0LSy/RQw/WZYCqTdH5m0pqiSFznEwc+2QLtPJjl9x6wfTuB+w0yjrZNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOZpwM6eCZWsvGYJcQoD8FkUgTOwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNW1uQXpwNEpsYXk4WmdseENnUHdXUlNCTTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB1CxLTwZ7h+lsvhK8uF
sZSweUgeJNAQgW1B49WN+6UPUEwNXEokFJiJfKcdeMMzItLx9vlN4ANCm937fEvX
QNdEL4P0sFyD/6JKfXQDvPUsWAY0JfENq/5IwvpAhqVIIt7ayLpxuy9Gh06rFuUe
ywznezjQZ3XTl+rzVgQERyQVtZw9s1cm7JKqIkyE1bb0bbmM5qQG6S5hfRbKDPdu
+gHWnFSsayX77mu/c6Ep6SbScNzFoePsG9wsae39jhP9VYtUCzDNYwGRRNgc/WBV
LmqNtf+9fPs5exfHewDe8lSTx9oJk5R8w3dU1qI+qUm8CehbaOibA55LbtK7lc+f
U2k=
-----END CERTIFICATE-----
Generated at Fri May 2 10:18:29 2025 by rpki-client