Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9eYLBTHy6NTGATRktp4gFrSsW9g.roa
File: 9eYLBTHy6NTGATRktp4gFrSsW9g.roa (raw, json)
Hash identifier: k8nYeQkfyIH6KRwHgmTTGoEADUbj6n21r8tR32asLyg=
Subject key identifier: F5:E6:0B:05:31:F2:E8:D4:C6:01:34:64:B6:9E:20:16:B4:AC:5B:D8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185A273064D5EE047932064F77A1E0B2B20
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9eYLBTHy6NTGATRktp4gFrSsW9g.roa
Signing time: Wed 11 Jan 2023 20:08:45 +0000
ROA not before: Wed 11 Jan 2023 20:08:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a2:73:06:4d:5e:e0:47:93:20:64:f7:7a:1e:0b:2b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 11 20:08:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5e60b0531f2e8d4c6013464b69e2016b4ac5bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:57:0b:9f:b7:2d:9f:31:5a:15:bc:de:5e:86:
04:78:22:e0:9d:bc:58:bc:7d:6c:ce:c9:17:18:85:
98:fd:df:2c:59:f6:ec:0d:b1:de:20:49:aa:09:ed:
20:00:fc:be:48:2e:c3:b4:56:72:6d:d5:a3:63:0f:
17:0f:7b:4b:40:2e:ee:f0:d9:bd:96:c3:54:1e:6c:
a6:94:17:4d:f8:d2:64:3e:60:e2:c8:8d:a7:a1:35:
ab:44:ac:42:bc:a3:8e:cc:65:65:11:6b:9f:cf:aa:
5e:08:f5:4a:91:1d:2b:48:e6:cc:99:7a:ec:ae:ca:
a3:ee:05:44:e2:be:72:5d:d8:be:d0:68:2b:d1:f8:
5b:74:78:8a:ff:f2:82:e6:35:c1:81:f3:94:9b:81:
c7:92:63:be:2f:d3:6e:ee:60:89:8c:a9:6e:e5:cb:
0a:8d:f9:92:e4:41:5f:f0:80:14:82:99:a7:01:a8:
20:49:33:26:1b:59:ed:87:ef:3d:82:22:64:46:84:
04:71:e3:3f:43:34:77:c9:c8:e2:37:7c:54:6b:42:
9b:5e:1c:35:d9:1f:ba:d6:aa:50:41:f5:7b:3e:2f:
6d:b4:a1:6c:3a:50:0e:f2:f7:1d:3b:d2:a9:4f:3e:
18:fb:f5:a5:f6:b7:ce:b9:ad:13:d7:69:0e:a7:85:
75:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E6:0B:05:31:F2:E8:D4:C6:01:34:64:B6:9E:20:16:B4:AC:5B:D8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9eYLBTHy6NTGATRktp4gFrSsW9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:a9:a6:97:51:4c:a7:f7:05:d6:7b:80:f2:ca:39:36:4a:7e:
6f:4e:b8:cb:98:c3:5b:40:89:90:86:2f:4a:9a:6c:0b:aa:ba:
2c:c1:2b:0d:e8:67:3a:86:a7:91:33:33:59:76:29:03:93:bb:
64:ae:be:bd:d2:95:7f:5a:9c:64:6b:8f:d4:e1:3d:4f:7a:82:
10:b5:7a:64:8a:6d:a8:6f:c2:d9:f8:7b:12:2a:f6:a7:82:f4:
0e:09:2f:2c:02:83:9c:39:eb:a8:5f:a5:02:da:59:dd:a4:03:
17:45:82:19:1a:5c:cf:4b:52:29:e6:27:a1:78:8e:60:89:45:
eb:be:9f:21:31:4d:5c:d5:4f:31:07:13:df:17:b5:de:9b:bb:
2e:58:09:82:a7:ee:fa:23:93:46:97:fe:81:6d:08:ac:36:ff:
97:c2:81:d6:c2:5b:a0:00:8f:a9:a0:17:8d:1d:cc:cc:21:58:
b2:bc:ac:2a:1f:fd:09:3a:cd:37:0c:7e:3c:0f:8d:4a:1c:98:
a3:d1:90:f5:11:3c:6a:d0:4d:5e:07:d3:40:59:96:28:77:c2:
5d:b4:42:0e:bf:c6:6f:b2:9d:bd:0c:a9:96:e2:6d:82:ab:1a:
a9:b7:bb:a8:f8:bf:31:3d:e7:65:ff:4f:f4:58:b0:aa:67:2b:
a3:0a:e5:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWicwZNXuBHkyBk93oeCysgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTExMjAwODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWU2MGIwNTMxZjJlOGQ0YzYwMTM0NjRiNjllMjAxNmI0YWM1YmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFcLn7ctnzFaFbzeXoYEeCLgnbxY
vH1szskXGIWY/d8sWfbsDbHeIEmqCe0gAPy+SC7DtFZybdWjYw8XD3tLQC7u8Nm9
lsNUHmymlBdN+NJkPmDiyI2noTWrRKxCvKOOzGVlEWufz6peCPVKkR0rSObMmXrs
rsqj7gVE4r5yXdi+0Ggr0fhbdHiK//KC5jXBgfOUm4HHkmO+L9Nu7mCJjKlu5csK
jfmS5EFf8IAUgpmnAaggSTMmG1nth+89giJkRoQEceM/QzR3ycjiN3xUa0KbXhw1
2R+61qpQQfV7Pi9ttKFsOlAO8vcdO9KpTz4Y+/Wl9rfOua0T12kOp4V1QwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPXmCwUx8ujUxgE0ZLaeIBa0rFvYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOWVZTEJUSHk2TlRHQVRSa3RwNGdGclNzVzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHKpppdRTKf3BdZ7gPLK
OTZKfm9OuMuYw1tAiZCGL0qabAuquizBKw3oZzqGp5EzM1l2KQOTu2Suvr3SlX9a
nGRrj9ThPU96ghC1emSKbahvwtn4exIq9qeC9A4JLywCg5w566hfpQLaWd2kAxdF
ghkaXM9LUinmJ6F4jmCJReu+nyExTVzVTzEHE98Xtd6buy5YCYKn7vojk0aX/oFt
CKw2/5fCgdbCW6AAj6mgF40dzMwhWLK8rCof/Qk6zTcMfjwPjUocmKPRkPURPGrQ
TV4H00BZlih3wl20Qg6/xm+ynb0MqZbibYKrGqm3u6j4vzE952X/T/RYsKpnK6MK
5UQ=
-----END CERTIFICATE-----
Generated at Sat May 3 14:19:42 2025 by rpki-client