Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6l9xgW39NaMI-QRj20TyIh2C3xo.roa
File: 6l9xgW39NaMI-QRj20TyIh2C3xo.roa (raw, json)
Hash identifier: j/AAvD1obi+vNetU6+9ZhIEItnHZsJVFEoUv5gsJeQQ=
Subject key identifier: EA:5F:71:81:6D:FD:35:A3:08:F9:04:63:DB:44:F2:22:1D:82:DF:1A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018638E04802608EF7A93987E122FD10809F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6l9xgW39NaMI-QRj20TyIh2C3xo.roa
Signing time: Fri 10 Feb 2023 01:11:07 +0000
ROA not before: Fri 10 Feb 2023 01:11:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:38:e0:48:02:60:8e:f7:a9:39:87:e1:22:fd:10:80:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 10 01:11:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea5f71816dfd35a308f90463db44f2221d82df1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ab:b7:7c:c6:09:c2:03:c5:a0:00:20:be:9a:
0a:3f:d1:ab:71:cf:52:2c:82:e1:a8:86:12:7b:62:
c9:10:01:02:9d:63:f1:39:c0:2e:34:4d:3f:4c:50:
10:64:ad:94:09:cb:78:ea:cd:af:7d:5d:03:02:23:
e7:1c:06:86:ec:1f:e5:ba:f4:5f:f3:26:fa:75:68:
fa:d3:cd:cb:bc:24:6f:03:1f:81:d0:11:36:5f:46:
40:1c:b5:56:ea:c0:10:66:46:32:c6:ae:89:a7:81:
87:3e:f9:c3:d1:da:07:26:bf:96:7c:e9:3a:cd:ff:
26:c4:7f:72:53:77:06:b5:9b:5a:8c:1b:96:55:70:
90:87:4b:8a:81:dc:91:41:6d:4b:d4:11:ce:c2:bb:
a4:96:7e:45:1e:f4:21:11:73:de:0b:c7:80:4c:c4:
8e:f7:4d:d9:94:6b:9a:01:8b:77:85:3a:e0:1c:1f:
c7:b8:1d:da:e9:ef:66:50:20:c6:5c:0c:68:b6:1c:
f3:29:28:97:55:b3:81:75:17:28:89:88:5e:27:1a:
2e:69:b3:77:1f:88:87:3d:67:00:3a:60:9c:7a:c8:
56:1f:2a:ca:2d:81:86:bb:02:23:96:0a:1c:34:fb:
4b:95:5b:88:5d:7d:c4:2c:83:52:27:cc:da:90:17:
94:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:5F:71:81:6D:FD:35:A3:08:F9:04:63:DB:44:F2:22:1D:82:DF:1A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6l9xgW39NaMI-QRj20TyIh2C3xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:be:9c:bf:00:d5:46:9e:30:79:a1:ed:98:8f:f9:f6:2c:9a:
70:45:80:34:14:04:45:37:5b:be:42:34:c1:66:4c:1a:61:3e:
b8:ba:53:bc:61:dc:5c:d7:16:39:74:ed:e6:5c:f4:fa:23:22:
bb:a2:c5:5e:3c:8d:fa:28:b4:d8:00:9f:0d:d6:2b:4e:8f:47:
5e:09:dc:20:c2:7a:28:c7:3f:65:b4:f7:e7:1e:2d:2e:04:93:
ac:af:20:4e:c1:6a:79:72:76:76:db:e4:26:aa:1b:18:d7:e6:
52:88:13:e8:3b:05:a3:09:5e:c2:e2:a8:da:ed:93:de:64:b8:
80:47:b4:46:80:61:5d:db:f9:43:f5:3a:56:9a:50:60:62:5a:
cb:fe:37:a7:b9:65:4a:a3:22:31:a9:8f:b2:08:83:bf:a6:f5:
09:12:28:cf:1b:58:55:f8:0c:6b:65:22:eb:d6:f7:cd:8f:e3:
27:6c:c1:49:d9:7d:31:f7:41:cf:df:a0:ac:15:df:55:22:5a:
c4:d3:b6:df:a6:18:78:d2:28:21:c4:f5:8e:bb:40:24:ff:37:
bd:ca:db:3f:69:5a:1c:46:16:ba:53:90:ed:0b:10:fe:b7:8f:
4c:0b:6f:3f:7c:37:15:7f:ee:7a:e5:07:dd:b3:93:88:df:f1:
77:77:58:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYY44EgCYI73qTmH4SL9EICfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEwMDExMTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTVmNzE4MTZkZmQzNWEzMDhmOTA0NjNkYjQ0ZjIyMjFkODJkZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKu3fMYJwgPFoAAgvpoKP9Grcc9S
LILhqIYSe2LJEAECnWPxOcAuNE0/TFAQZK2UCct46s2vfV0DAiPnHAaG7B/luvRf
8yb6dWj6083LvCRvAx+B0BE2X0ZAHLVW6sAQZkYyxq6Jp4GHPvnD0doHJr+WfOk6
zf8mxH9yU3cGtZtajBuWVXCQh0uKgdyRQW1L1BHOwrukln5FHvQhEXPeC8eATMSO
903ZlGuaAYt3hTrgHB/HuB3a6e9mUCDGXAxothzzKSiXVbOBdRcoiYheJxouabN3
H4iHPWcAOmCceshWHyrKLYGGuwIjlgocNPtLlVuIXX3ELINSJ8zakBeUOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOpfcYFt/TWjCPkEY9tE8iIdgt8aMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNmw5eGdXMzlOYU1JLVFSajIwVHlJaDJDM3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHS+nL8A1UaeMHmh7ZiP
+fYsmnBFgDQUBEU3W75CNMFmTBphPri6U7xh3FzXFjl07eZc9PojIruixV48jfoo
tNgAnw3WK06PR14J3CDCeijHP2W09+ceLS4Ek6yvIE7Banlydnbb5CaqGxjX5lKI
E+g7BaMJXsLiqNrtk95kuIBHtEaAYV3b+UP1OlaaUGBiWsv+N6e5ZUqjIjGpj7II
g7+m9QkSKM8bWFX4DGtlIuvW982P4ydswUnZfTH3Qc/foKwV31UiWsTTtt+mGHjS
KCHE9Y67QCT/N73K2z9pWhxGFrpTkO0LEP63j0wLbz98NxV/7nrlB92zk4jf8Xd3
WBM=
-----END CERTIFICATE-----
Generated at Sun May 4 06:39:34 2025 by rpki-client