Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/60SeOkl-jLFHS2x-ffzxWtMUzJQ.roa
File: 60SeOkl-jLFHS2x-ffzxWtMUzJQ.roa (raw, json)
Hash identifier: xH0RNzeP9ihUPRVJCQO4IbSGsiY+aY7V0neTlg5jwYA=
Subject key identifier: EB:44:9E:3A:49:7E:8C:B1:47:4B:6C:7E:7D:FC:F1:5A:D3:14:CC:94
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01828C2C7C5C76A461F9BF63A6D33E00DBD1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/60SeOkl-jLFHS2x-ffzxWtMUzJQ.roa
Signing time: Thu 11 Aug 2022 09:11:41 +0000
ROA not before: Thu 11 Aug 2022 09:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8c:2c:7c:5c:76:a4:61:f9:bf:63:a6:d3:3e:00:db:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 09:11:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb449e3a497e8cb1474b6c7e7dfcf15ad314cc94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f4:19:13:82:14:78:76:94:b5:59:53:59:09:
ca:32:2a:57:4e:4a:78:87:c4:fb:60:42:5a:d3:25:
e0:11:d1:7c:8c:2b:66:e2:36:14:82:af:02:80:10:
13:93:c0:2e:af:19:1e:8c:ef:e4:ab:d8:75:1d:48:
d3:ad:94:bc:61:9d:99:51:60:c6:d9:63:a5:2f:b2:
31:3b:1d:4a:2c:ee:8c:ce:ef:fd:1a:9a:c7:f6:2e:
47:b7:4d:7b:48:2b:bd:cb:7c:15:f3:ad:51:06:c0:
ad:c2:1d:cc:05:da:8d:fd:e5:98:ab:a0:8a:f2:26:
c9:52:66:5a:ea:ad:cc:ec:06:7b:41:2e:cc:97:26:
0e:7a:25:04:80:d1:97:91:4e:a3:82:68:3e:a7:9d:
9e:ea:84:8b:b2:06:86:dc:b9:43:15:7d:a3:bd:2c:
a9:0e:1b:cb:79:e9:a6:d7:b4:44:9c:46:64:a2:f5:
d6:8c:a6:e6:64:d9:4e:f4:54:8a:ee:dd:8e:6c:b5:
d9:ce:d7:ce:b9:b8:1e:ac:cd:8b:36:b8:ff:30:01:
5e:21:c8:a4:7c:7d:af:b4:4e:e5:5f:4c:1f:4a:8e:
93:71:46:ef:50:f7:11:06:f8:57:73:50:44:7d:38:
f2:70:31:8e:97:aa:31:28:81:ac:3e:3b:ad:e9:d4:
5d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:44:9E:3A:49:7E:8C:B1:47:4B:6C:7E:7D:FC:F1:5A:D3:14:CC:94
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/60SeOkl-jLFHS2x-ffzxWtMUzJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:f1:20:19:9a:61:1d:59:e5:5a:38:24:7d:3e:a8:87:17:26:
30:1d:76:0d:f1:a1:6f:45:7b:46:ea:bf:c5:1f:b2:07:fa:56:
b3:4f:bc:9d:56:b6:66:0e:00:a7:98:76:ce:8a:c3:93:0d:fa:
4d:b8:39:e4:8c:af:86:b3:52:81:b3:9b:54:8c:9c:8d:60:46:
9b:e4:68:75:a0:90:68:c8:84:78:b1:77:5d:3f:9d:81:ad:73:
b8:f8:e8:6f:7f:31:2c:59:2f:32:34:80:89:d2:96:83:ea:91:
d1:44:52:b9:01:98:ce:6d:54:16:24:8c:ba:68:47:2d:78:70:
03:c7:99:fe:a0:1e:56:38:22:de:25:5b:da:49:c5:f8:5d:f8:
78:68:bb:5f:a4:31:a1:75:b6:f1:b6:c8:cf:79:e1:0f:90:1f:
04:b3:69:1b:6d:a5:58:bd:f5:79:19:53:fd:96:65:ba:7b:24:
5e:f1:1c:e2:7d:c7:b1:32:f5:71:ee:3e:8c:0a:ab:8e:64:50:
d6:64:c4:09:a3:01:17:3c:7e:f5:42:cc:6a:ce:67:38:4b:1f:
ca:b9:c4:74:e2:1c:52:29:ae:47:7c:02:36:95:b9:f0:c1:a9:
ed:e4:e5:54:02:0d:cd:bb:e5:75:27:84:57:07:3d:14:d4:96:
8f:a1:44:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKMLHxcdqRh+b9jptM+ANvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODExMDkxMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ0OWUzYTQ5N2U4Y2IxNDc0YjZjN2U3ZGZjZjE1YWQzMTRjYzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPQZE4IUeHaUtVlTWQnKMipXTkp4
h8T7YEJa0yXgEdF8jCtm4jYUgq8CgBATk8AurxkejO/kq9h1HUjTrZS8YZ2ZUWDG
2WOlL7IxOx1KLO6Mzu/9GprH9i5Ht017SCu9y3wV861RBsCtwh3MBdqN/eWYq6CK
8ibJUmZa6q3M7AZ7QS7MlyYOeiUEgNGXkU6jgmg+p52e6oSLsgaG3LlDFX2jvSyp
DhvLeemm17REnEZkovXWjKbmZNlO9FSK7t2ObLXZztfOubgerM2LNrj/MAFeIcik
fH2vtE7lX0wfSo6TcUbvUPcRBvhXc1BEfTjycDGOl6oxKIGsPjut6dRdvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOtEnjpJfoyxR0tsfn388VrTFMyUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNjBTZU9rbC1qTEZIUzJ4LWZmenhXdE1VekpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFXxIBmaYR1Z5Vo4JH0+
qIcXJjAddg3xoW9Fe0bqv8Ufsgf6VrNPvJ1WtmYOAKeYds6Kw5MN+k24OeSMr4az
UoGzm1SMnI1gRpvkaHWgkGjIhHixd10/nYGtc7j46G9/MSxZLzI0gInSloPqkdFE
UrkBmM5tVBYkjLpoRy14cAPHmf6gHlY4It4lW9pJxfhd+Hhou1+kMaF1tvG2yM95
4Q+QHwSzaRttpVi99XkZU/2WZbp7JF7xHOJ9x7Ey9XHuPowKq45kUNZkxAmjARc8
fvVCzGrOZzhLH8q5xHTiHFIprkd8AjaVufDBqe3k5VQCDc275XUnhFcHPRTUlo+h
RF8=
-----END CERTIFICATE-----
Generated at Thu May 1 02:14:28 2025 by rpki-client