Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D5-oMqOr4wMO3zfBBmGEgPNBPoA.roa
File: D5-oMqOr4wMO3zfBBmGEgPNBPoA.roa (raw, json)
Hash identifier: awDhd2uWPeHQdLT+QwgAGCFuNlUNxFTuToHovvqhVWo=
Subject key identifier: 0F:9F:A8:32:A3:AB:E3:03:0E:DF:37:C1:06:61:84:80:F3:41:3E:80
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6C787A2B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D5-oMqOr4wMO3zfBBmGEgPNBPoA.roa
Signing time: Mon 21 Feb 2022 07:11:54 +0000
ROA not before: Mon 21 Feb 2022 07:11:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1819834923 (0x6c787a2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 21 07:11:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f9fa832a3abe3030edf37c106618480f3413e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d1:43:8e:22:81:b8:85:15:93:24:1c:81:c8:
a0:eb:70:85:99:4b:14:67:b9:f1:29:43:da:37:be:
bb:bd:9d:a6:c8:07:e9:62:17:e5:a8:a7:15:22:44:
90:81:77:4b:3c:66:73:47:2e:8b:b7:34:98:ea:98:
f1:7a:9b:9f:10:2c:33:0e:24:e0:90:3e:81:8a:ef:
ab:02:03:02:63:e7:a4:03:50:9b:28:40:30:ce:d9:
64:4a:d9:79:fe:f7:55:7e:9a:89:a9:1a:29:9e:1e:
01:4e:43:b2:cc:31:cd:3f:6a:6a:4c:a6:77:39:f0:
1d:77:36:af:77:67:34:24:cf:45:92:cf:74:4f:5f:
c3:91:7d:fd:37:92:a1:35:8e:f9:df:8c:4d:20:b0:
69:cc:c1:21:98:18:83:3d:0b:54:cb:61:2c:8f:e6:
f1:ee:03:06:9e:31:41:d7:23:ac:d0:42:b8:04:3d:
ce:fb:5b:ba:13:0d:07:3a:2f:fd:2b:2d:31:ec:77:
ff:dd:3c:6a:6a:48:73:fe:9f:5a:fe:4f:7f:10:01:
44:10:1d:87:71:b5:79:5f:41:bf:37:41:f7:4c:68:
4c:d8:f0:9b:bb:df:92:04:56:13:6c:3c:fa:a7:ac:
69:29:4c:5b:3f:4c:04:ee:6a:6c:64:bf:44:ff:bc:
58:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9F:A8:32:A3:AB:E3:03:0E:DF:37:C1:06:61:84:80:F3:41:3E:80
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D5-oMqOr4wMO3zfBBmGEgPNBPoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:b7:79:df:b1:6b:d0:51:4c:51:da:d8:68:46:31:86:a4:13:
37:9d:cc:42:24:b5:d6:d6:e0:06:78:20:e8:99:58:b6:29:69:
b8:48:54:42:9f:64:26:9e:de:2d:3d:3f:74:4b:29:14:64:28:
40:9a:a7:27:f5:be:c5:37:02:d8:05:64:30:99:1e:b6:3a:eb:
40:6b:b6:0d:db:6d:2e:c3:6f:cf:66:ab:33:a3:32:8b:b0:73:
8f:28:c2:51:31:4d:1a:e0:b2:82:25:75:b7:df:f4:f7:fb:b9:
d5:cb:15:03:10:ac:ce:7b:f4:0b:8c:06:25:c8:0c:99:08:cb:
a2:e1:2f:b3:37:47:1f:52:75:e4:43:98:ae:96:2f:f4:aa:cf:
5e:32:b3:25:21:a4:9a:5e:91:09:ea:76:06:d2:17:51:14:f6:
d2:c2:68:b9:79:47:e7:8f:2e:b0:80:4c:12:8f:ed:9f:6f:68:
7b:49:a0:6e:eb:b2:6b:73:2d:b5:08:e5:2b:f3:1c:85:79:df:
59:f8:35:2b:16:87:45:50:2b:d5:e4:a9:cb:e3:78:93:d2:5a:
77:ed:49:b5:55:25:e5:67:ae:3e:f8:dd:8f:0b:7c:68:a5:1e:
45:00:6f:17:8a:25:35:e9:58:b9:14:52:de:24:2e:43:2a:f0:
92:68:f3:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbHh6KzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIy
MTA3MTE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY5ZmE4MzJhM2Fi
ZTMwMzBlZGYzN2MxMDY2MTg0ODBmMzQxM2U4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTRQ44igbiFFZMkHIHIoOtwhZlLFGe58SlD2je+u72dpsgH
6WIX5ainFSJEkIF3Szxmc0cui7c0mOqY8XqbnxAsMw4k4JA+gYrvqwIDAmPnpANQ
myhAMM7ZZErZef73VX6aiakaKZ4eAU5DsswxzT9qakymdznwHXc2r3dnNCTPRZLP
dE9fw5F9/TeSoTWO+d+MTSCwaczBIZgYgz0LVMthLI/m8e4DBp4xQdcjrNBCuAQ9
zvtbuhMNBzov/SstMex3/908ampIc/6fWv5PfxABRBAdh3G1eV9BvzdB90xoTNjw
m7vfkgRWE2w8+qesaSlMWz9MBO5qbGS/RP+8WK0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQPn6gyo6vjAw7fN8EGYYSA80E+gDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0Q1LW9NcU9yNHdNTzN6ZkJCbUdFZ1BOQlBvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBEt3nfsWvQUUxR2thoRjGGpBM3ncxCJLXW1uAG
eCDomVi2KWm4SFRCn2Qmnt4tPT90SykUZChAmqcn9b7FNwLYBWQwmR62OutAa7YN
220uw2/PZqszozKLsHOPKMJRMU0a4LKCJXW33/T3+7nVyxUDEKzOe/QLjAYlyAyZ
CMui4S+zN0cfUnXkQ5iuli/0qs9eMrMlIaSaXpEJ6nYG0hdRFPbSwmi5eUfnjy6w
gEwSj+2fb2h7SaBu67Jrcy21COUr8xyFed9Z+DUrFodFUCvV5KnL43iT0lp37Um1
VSXlZ64++N2PC3xopR5FAG8XiiU16Vi5FFLeJC5DKvCSaPMZ
-----END CERTIFICATE-----
Generated at Thu May 1 14:27:08 2025 by rpki-client