Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DgOZB0c46yK9aWppBqKoft2e4KA.roa
File: DgOZB0c46yK9aWppBqKoft2e4KA.roa (raw, json)
Hash identifier: OeniLo80KRfKDZEg5TyPLB4oK9EbpNGceDPFbWs2NTQ=
Subject key identifier: 0E:03:99:07:47:38:EB:22:BD:69:6A:69:06:A2:A8:7E:DD:9E:E0:A0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183603488C16C40F84E57ACE6F92D8DCA3E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DgOZB0c46yK9aWppBqKoft2e4KA.roa
Signing time: Wed 21 Sep 2022 13:19:59 +0000
ROA not before: Wed 21 Sep 2022 13:19:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:34:88:c1:6c:40:f8:4e:57:ac:e6:f9:2d:8d:ca:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 21 13:19:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e0399074738eb22bd696a6906a2a87edd9ee0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:38:66:70:d7:24:5e:58:8e:15:4f:e9:f1:
0a:9e:7d:f2:15:13:01:56:68:52:c7:ba:d9:4d:6e:
40:53:33:e4:15:3a:cb:c7:f9:f8:bb:1a:a3:13:c8:
8f:58:ec:71:f0:1b:5e:bf:8c:e6:8d:c1:09:7d:b7:
a2:b7:45:30:e2:87:19:a1:1c:2f:ef:bc:5a:25:87:
63:eb:1c:2d:22:6f:42:ea:e8:31:87:2b:3a:5b:92:
2d:b7:dc:f4:de:5c:5b:f2:ef:fe:fa:ec:a5:be:23:
e3:31:e9:e1:fd:c4:cf:02:54:be:e7:25:ec:5b:1e:
9b:b2:8a:4e:c0:a3:55:2c:98:01:60:38:58:75:8f:
41:8f:2f:46:5d:1a:ef:7c:dc:1a:04:6f:35:bf:70:
68:94:8e:fb:87:b1:1a:1b:49:58:33:84:0b:de:9b:
ca:1f:a5:fd:c3:d6:fb:a1:b5:92:e9:68:c5:31:9d:
c1:fb:c9:43:0c:5d:3d:a1:0d:d0:75:ca:7e:82:a4:
af:07:d7:72:85:1b:54:76:0a:06:d0:c9:37:ac:c8:
13:20:3f:55:d9:ec:61:d4:b2:52:cc:aa:ab:fb:eb:
dd:ba:08:43:2e:6b:a1:19:4b:1e:bb:79:58:0f:82:
1f:03:e5:cf:28:64:d4:0a:64:5c:01:cf:44:c7:ed:
b7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:03:99:07:47:38:EB:22:BD:69:6A:69:06:A2:A8:7E:DD:9E:E0:A0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DgOZB0c46yK9aWppBqKoft2e4KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:13:18:75:d4:67:24:01:11:4e:d1:e9:ac:a3:f0:27:9e:52:
d6:c0:8b:7b:d3:50:a0:60:13:5c:19:09:6a:29:e1:ee:09:85:
06:6d:ba:18:f9:52:0f:ed:7d:7e:eb:c5:d9:29:d3:97:6d:10:
60:cc:31:70:c7:95:c2:35:61:56:92:f2:04:8f:2c:48:9f:39:
b5:ad:3c:50:e2:5a:8f:23:00:9f:67:65:a9:8e:dc:f5:21:78:
7e:c1:f4:f1:c1:52:22:9c:7b:11:3a:ea:5f:6e:47:3a:ae:e0:
8b:e4:49:d8:8c:33:13:3d:98:ce:fe:0e:3b:ac:ad:c4:5e:25:
29:d4:3a:37:ce:71:34:f5:d8:6b:a9:05:76:49:95:a4:3a:7c:
42:39:bf:bf:c8:7e:59:85:87:48:17:33:b4:92:ac:b0:3c:63:
31:34:aa:eb:12:c7:d0:ef:1e:6f:f5:c9:37:f4:3d:8c:14:65:
3b:46:26:55:e5:e2:94:fa:99:36:11:be:75:18:d8:04:95:7f:
07:0c:e1:b5:81:23:76:16:07:50:36:17:6d:a8:09:d8:63:2e:
09:70:fe:44:6d:88:45:40:b8:e7:0f:40:41:0e:d5:48:cc:fe:
b5:f1:40:1d:1d:65:30:e9:68:07:17:55:0e:65:94:0e:fc:d2:
8c:62:9a:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNgNIjBbED4Tles5vktjco+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTIxMTMxOTU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTAzOTkwNzQ3MzhlYjIyYmQ2OTZhNjkwNmEyYTg3ZWRkOWVlMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkw4ZnDXJF5YjhVP6fEKnn3yFRMB
VmhSx7rZTW5AUzPkFTrLx/n4uxqjE8iPWOxx8Btev4zmjcEJfbeit0Uw4ocZoRwv
77xaJYdj6xwtIm9C6ugxhys6W5Itt9z03lxb8u/++uylviPjMenh/cTPAlS+5yXs
Wx6bsopOwKNVLJgBYDhYdY9Bjy9GXRrvfNwaBG81v3BolI77h7EaG0lYM4QL3pvK
H6X9w9b7obWS6WjFMZ3B+8lDDF09oQ3Qdcp+gqSvB9dyhRtUdgoG0Mk3rMgTID9V
2exh1LJSzKqr++vdughDLmuhGUseu3lYD4IfA+XPKGTUCmRcAc9Ex+23WQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA4DmQdHOOsivWlqaQaiqH7dnuCgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRGdPWkIwYzQ2eUs5YVdwcEJxS29mdDJlNEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAMTGHXUZyQBEU7R6ayj
8CeeUtbAi3vTUKBgE1wZCWop4e4JhQZtuhj5Ug/tfX7rxdkp05dtEGDMMXDHlcI1
YVaS8gSPLEifObWtPFDiWo8jAJ9nZamO3PUheH7B9PHBUiKcexE66l9uRzqu4Ivk
SdiMMxM9mM7+DjusrcReJSnUOjfOcTT12GupBXZJlaQ6fEI5v7/IflmFh0gXM7SS
rLA8YzE0qusSx9DvHm/1yTf0PYwUZTtGJlXl4pT6mTYRvnUY2ASVfwcM4bWBI3YW
B1A2F22oCdhjLglw/kRtiEVAuOcPQEEO1UjM/rXxQB0dZTDpaAcXVQ5llA780oxi
mtQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:18:07 2025 by rpki-client