Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5vaokr_jUwoqfAeXSzG0yz_nLpY.roa
File: 5vaokr_jUwoqfAeXSzG0yz_nLpY.roa (raw, json)
Hash identifier: 9htvI2GcR7vBdaCOn4yvAsIXfd48GymXfjv6+BXeiCQ=
Subject key identifier: E6:F6:A8:92:BF:E3:53:0A:2A:7C:07:97:4B:31:B4:CB:3F:E7:2E:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018787304C2DFCE3BF2E9582D20598F4A425
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5vaokr_jUwoqfAeXSzG0yz_nLpY.roa
Signing time: Sat 15 Apr 2023 23:11:41 +0000
ROA not before: Sat 15 Apr 2023 23:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:87:30:4c:2d:fc:e3:bf:2e:95:82:d2:05:98:f4:a4:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 15 23:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6f6a892bfe3530a2a7c07974b31b4cb3fe72e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a5:cf:3d:f9:c1:0f:81:2f:8a:f1:02:27:c2:
82:a2:52:a2:c1:bc:c1:89:3e:04:12:4b:00:31:5f:
3f:ff:2f:c0:4a:0d:74:cd:99:52:fb:05:53:72:b2:
db:fc:5b:0f:87:72:57:a7:16:83:fa:dc:60:56:fa:
89:61:de:4c:a4:f2:14:99:38:15:ed:07:9f:d1:7c:
28:58:84:f5:ae:8f:03:48:50:a8:53:21:04:df:c8:
b2:05:3b:1c:f6:3b:e5:2c:9e:68:10:2c:1e:90:91:
3e:1e:c5:e4:e6:5f:6e:17:d9:ca:e0:55:f7:9b:4a:
fa:05:6b:84:f0:7c:f9:8b:f8:da:47:b1:1c:fb:66:
78:e2:16:07:39:f8:26:f1:a4:f9:c3:e1:db:ab:1a:
cb:fe:06:45:bf:88:d3:50:93:57:c8:30:70:c2:cf:
45:89:fe:b5:60:01:c6:c9:4d:c1:c3:7e:fe:a7:47:
bb:95:b2:91:52:00:c5:37:57:73:94:52:44:61:4b:
38:01:b9:91:cd:f0:2b:a3:39:52:4f:ca:2f:e1:f4:
b8:c5:87:d9:2b:9b:b2:5c:20:3d:09:5a:42:c5:89:
12:59:95:ce:44:b9:32:5a:f2:8a:1d:58:ee:18:ba:
c0:de:80:30:82:65:35:97:2e:6f:c0:54:c2:2e:bd:
5b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:F6:A8:92:BF:E3:53:0A:2A:7C:07:97:4B:31:B4:CB:3F:E7:2E:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5vaokr_jUwoqfAeXSzG0yz_nLpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:55:91:8d:d0:c3:d3:4f:3b:0e:35:a1:97:c9:40:b1:36:b9:
b0:fe:c2:58:28:a3:9c:53:17:1c:92:17:45:51:35:8f:d3:87:
f9:c6:d6:8f:68:87:8e:12:73:7f:a5:3b:10:aa:47:81:a7:05:
f1:73:b5:75:64:98:f3:6b:9f:b4:3c:7a:a5:78:c8:a6:08:9d:
c2:29:dd:98:cf:04:b4:5a:2d:a9:7e:63:79:e6:53:e1:9f:b5:
ff:38:e8:fa:23:6d:ab:57:2b:7e:17:8a:2d:7e:1c:58:40:c4:
de:26:e7:63:04:ba:12:66:a6:1c:8c:17:df:f6:69:1c:aa:03:
f7:c5:e5:38:4e:fc:9a:96:bd:5a:c1:ad:03:73:9b:60:3f:c1:
04:d4:ef:b8:2c:3f:65:f9:d1:1a:e5:14:e7:ae:88:bd:61:f3:
e0:69:5c:72:06:cc:f4:51:69:54:6e:09:fb:be:5a:bc:0a:06:
15:55:e4:32:e9:84:a3:84:4b:a8:13:22:ec:2a:4e:ee:3c:c7:
20:09:1a:06:7e:ca:2d:ca:ff:33:79:fb:50:71:2c:83:53:ab:
bf:68:cc:2a:13:80:d7:2d:1b:ca:0f:23:51:f5:0d:69:7a:8e:
41:c7:f3:7b:15:58:ae:7a:a1:1c:94:b6:77:8e:db:28:17:45:
5c:f1:9a:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeHMEwt/OO/LpWC0gWY9KQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE1MjMxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmY2YTg5MmJmZTM1MzBhMmE3YzA3OTc0YjMxYjRjYjNmZTcyZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaXPPfnBD4EvivECJ8KColKiwbzB
iT4EEksAMV8//y/ASg10zZlS+wVTcrLb/FsPh3JXpxaD+txgVvqJYd5MpPIUmTgV
7Qef0XwoWIT1ro8DSFCoUyEE38iyBTsc9jvlLJ5oECwekJE+HsXk5l9uF9nK4FX3
m0r6BWuE8Hz5i/jaR7Ec+2Z44hYHOfgm8aT5w+HbqxrL/gZFv4jTUJNXyDBwws9F
if61YAHGyU3Bw37+p0e7lbKRUgDFN1dzlFJEYUs4AbmRzfArozlST8ov4fS4xYfZ
K5uyXCA9CVpCxYkSWZXORLkyWvKKHVjuGLrA3oAwgmU1ly5vwFTCLr1bjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOb2qJK/41MKKnwHl0sxtMs/5y6WMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNXZhb2tyX2pVd29xZkFlWFN6RzB5el9uTHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACNVkY3Qw9NPOw41oZfJ
QLE2ubD+wlgoo5xTFxySF0VRNY/Th/nG1o9oh44Sc3+lOxCqR4GnBfFztXVkmPNr
n7Q8eqV4yKYIncIp3ZjPBLRaLal+Y3nmU+Gftf846PojbatXK34Xii1+HFhAxN4m
52MEuhJmphyMF9/2aRyqA/fF5ThO/JqWvVrBrQNzm2A/wQTU77gsP2X50RrlFOeu
iL1h8+BpXHIGzPRRaVRuCfu+WrwKBhVV5DLphKOES6gTIuwqTu48xyAJGgZ+yi3K
/zN5+1BxLINTq79ozCoTgNctG8oPI1H1DWl6jkHH83sVWK56oRyUtneO2ygXRVzx
mog=
-----END CERTIFICATE-----
Generated at Mon May 5 23:11:23 2025 by rpki-client