Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5qexEeJkCLV6f2pcOEl8HdSHhqw.roa
File: 5qexEeJkCLV6f2pcOEl8HdSHhqw.roa (raw, json)
Hash identifier: pLiHbWwPI5BzuBiT80smu6MKPomeWkkMqSOApqeAx/E=
Subject key identifier: E6:A7:B1:11:E2:64:08:B5:7A:7F:6A:5C:38:49:7C:1D:D4:87:86:AC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854D44F15B57E8361604F8E1473B610711
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5qexEeJkCLV6f2pcOEl8HdSHhqw.roa
Signing time: Mon 26 Dec 2022 07:10:41 +0000
ROA not before: Mon 26 Dec 2022 07:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4d:44:f1:5b:57:e8:36:16:04:f8:e1:47:3b:61:07:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 26 07:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6a7b111e26408b57a7f6a5c38497c1dd48786ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c7:64:34:d2:c8:26:e2:a0:79:40:92:36:f9:
e1:77:27:31:f7:5a:c8:b3:9a:39:14:6a:b4:76:e4:
ad:06:80:b5:3d:a0:59:14:25:bd:24:c4:25:23:8a:
39:3f:eb:29:c8:a5:63:8d:ed:71:b6:e5:18:88:56:
9d:c8:6d:10:bd:e2:be:a2:c5:a5:15:30:b7:84:15:
20:59:af:7d:36:7e:66:98:8b:9f:25:5a:e8:ea:d3:
5e:8f:82:9c:a6:1a:b4:e3:24:36:c0:94:f0:31:11:
f7:36:06:f8:47:e7:2d:8f:6d:b9:36:ac:14:57:b4:
fd:47:13:84:fd:9c:33:b8:38:0f:f1:f4:81:df:c3:
29:17:1e:9e:6f:6d:b7:96:65:59:fe:c0:f5:10:1d:
51:41:ec:28:73:4d:7f:8f:b0:bd:db:65:20:10:08:
7f:c2:cb:4e:4b:a5:08:66:03:ba:c9:00:2f:fc:3e:
47:48:37:43:6d:81:89:6f:cb:d4:8c:30:f1:44:ef:
3c:77:53:93:f3:ea:ca:38:6e:f7:78:44:2a:a1:c7:
f0:25:aa:58:09:ff:00:33:6f:57:a6:40:f7:95:66:
0f:b8:41:28:96:e1:a6:b5:56:1b:20:15:aa:2c:41:
3a:9f:05:15:09:42:20:f5:f7:a8:a0:02:cb:20:5e:
bc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A7:B1:11:E2:64:08:B5:7A:7F:6A:5C:38:49:7C:1D:D4:87:86:AC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5qexEeJkCLV6f2pcOEl8HdSHhqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:c0:9c:c6:31:1d:f1:57:96:49:c1:81:cc:91:fd:b9:6e:51:
69:52:83:6e:aa:96:de:ba:15:ff:1f:cc:32:a1:49:05:ca:4a:
99:60:00:53:84:4a:d8:5c:aa:fa:ab:cd:a3:0f:92:f6:cf:a3:
43:cf:6f:7a:c8:46:2e:37:18:62:2d:19:cf:3a:d4:1c:dd:7c:
2e:c2:24:55:f1:da:da:3d:e9:3b:18:c7:f4:76:8e:aa:0e:f1:
61:49:af:2e:9c:8e:96:71:7b:12:10:d0:bc:c3:18:93:d6:2d:
a8:aa:bf:4a:39:d5:75:0a:b2:91:37:39:85:d1:5d:0a:8e:f9:
54:97:67:7b:29:24:70:3d:bb:62:11:db:78:78:f9:c4:31:f1:
1d:49:4e:dc:3e:7a:78:90:a5:f1:0b:40:72:ce:3d:f6:31:52:
a1:20:5b:24:38:3f:cd:ff:6b:8d:c6:67:a6:12:80:c2:5d:d0:
4e:0a:11:a3:53:6c:14:93:66:18:f9:c7:b3:a2:24:e7:c4:85:
13:87:ac:f9:73:18:ed:c7:21:c1:c0:ec:f0:55:c4:26:ac:ba:
ff:88:89:54:9f:12:2b:87:a2:ce:9c:e1:00:f7:80:13:8c:0a:
cf:1b:23:dd:aa:fc:c5:05:47:ad:a8:ca:fc:75:61:02:f9:de:
71:8e:89:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVNRPFbV+g2FgT44Uc7YQcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI2MDcxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmE3YjExMWUyNjQwOGI1N2E3ZjZhNWMzODQ5N2MxZGQ0ODc4NmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcdkNNLIJuKgeUCSNvnhdycx91rI
s5o5FGq0duStBoC1PaBZFCW9JMQlI4o5P+spyKVjje1xtuUYiFadyG0QveK+osWl
FTC3hBUgWa99Nn5mmIufJVro6tNej4Kcphq04yQ2wJTwMRH3Ngb4R+ctj225NqwU
V7T9RxOE/ZwzuDgP8fSB38MpFx6eb223lmVZ/sD1EB1RQewoc01/j7C922UgEAh/
wstOS6UIZgO6yQAv/D5HSDdDbYGJb8vUjDDxRO88d1OT8+rKOG73eEQqocfwJapY
Cf8AM29XpkD3lWYPuEEoluGmtVYbIBWqLEE6nwUVCUIg9feooALLIF68vwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOansRHiZAi1en9qXDhJfB3Uh4asMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNXFleEVlSmtDTFY2ZjJwY09FbDhIZFNIaHF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG3AnMYxHfFXlknBgcyR
/bluUWlSg26qlt66Ff8fzDKhSQXKSplgAFOESthcqvqrzaMPkvbPo0PPb3rIRi43
GGItGc861BzdfC7CJFXx2to96TsYx/R2jqoO8WFJry6cjpZxexIQ0LzDGJPWLaiq
v0o51XUKspE3OYXRXQqO+VSXZ3spJHA9u2IR23h4+cQx8R1JTtw+eniQpfELQHLO
PfYxUqEgWyQ4P83/a43GZ6YSgMJd0E4KEaNTbBSTZhj5x7OiJOfEhROHrPlzGO3H
IcHA7PBVxCasuv+IiVSfEiuHos6c4QD3gBOMCs8bI92q/MUFR62oyvx1YQL53nGO
iQA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:20:49 2025 by rpki-client