Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/E1MrwBUHQxulTZM-A7t51Ls45Lk.roa
File: E1MrwBUHQxulTZM-A7t51Ls45Lk.roa (raw, json)
Hash identifier: gjMa+PrafdaOvoIRts2Y5FfTtZ97NGd2l/4OzJ/IcHI=
Subject key identifier: 13:53:2B:C0:15:07:43:1B:A5:4D:93:3E:03:BB:79:D4:BB:38:E4:B9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854408227DB77C1EB020E3A889CCB01D04
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/E1MrwBUHQxulTZM-A7t51Ls45Lk.roa
Signing time: Sat 24 Dec 2022 12:07:41 +0000
ROA not before: Sat 24 Dec 2022 12:07:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:08:22:7d:b7:7c:1e:b0:20:e3:a8:89:cc:b0:1d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 12:07:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13532bc01507431ba54d933e03bb79d4bb38e4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:df:e1:ef:62:33:94:b7:a0:f0:57:1c:2c:c9:
17:da:30:0f:f7:c1:b0:89:7e:14:90:75:ec:f6:0b:
89:6a:7d:0d:4c:0b:45:a8:27:83:63:93:b9:de:51:
da:98:91:73:16:28:32:a0:37:db:bb:17:9e:9e:1b:
cf:4a:81:bc:6b:cb:e8:31:48:c2:7f:87:8d:c2:90:
66:c6:45:c1:02:fa:e2:56:d2:ea:19:7c:7f:3b:2a:
29:ab:0a:46:2b:fd:19:81:72:41:d7:cf:d6:b3:6f:
9c:45:a7:ce:9a:79:0c:36:4a:1d:fd:81:01:f0:98:
f4:7c:ed:24:48:c9:ac:ba:81:e8:b3:fe:28:ef:42:
41:23:dc:91:74:6f:f3:c6:f3:92:1b:72:cb:81:4f:
83:e8:6b:1b:ff:71:bb:5b:56:78:e6:4e:cf:60:83:
3e:d9:97:ed:24:45:7f:ad:ce:f2:df:10:0b:fc:c1:
22:ee:96:84:77:aa:4f:f5:53:4c:2b:6f:d8:d0:d5:
94:92:0a:61:0f:e1:21:11:ec:76:7a:88:4c:6c:f2:
2b:09:01:cf:1a:e1:80:b5:74:74:a9:a9:e2:ff:5c:
3d:57:50:cf:69:18:a0:16:06:2a:7d:14:41:c0:33:
b9:90:02:bb:d1:95:0e:0c:a5:2d:42:a8:97:98:b0:
36:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:53:2B:C0:15:07:43:1B:A5:4D:93:3E:03:BB:79:D4:BB:38:E4:B9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/E1MrwBUHQxulTZM-A7t51Ls45Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:b1:5c:02:c4:2f:dd:79:77:00:62:03:27:db:92:44:20:4b:
a3:28:f7:e1:2e:e6:bd:7e:60:ea:e5:9b:ab:3d:c3:f4:9e:1d:
9f:1b:cf:ff:0b:81:ee:50:23:ba:07:fa:27:57:80:a2:fc:e1:
59:18:28:e1:2c:7d:ce:7e:0d:04:d5:b1:10:c4:63:f7:9f:64:
02:94:5f:51:1f:f6:cc:2b:e2:f4:ea:73:38:32:93:6e:ae:65:
d5:6f:4d:79:94:ca:22:1a:0d:01:00:24:b1:ce:a9:56:f9:9a:
12:fa:93:0f:ef:76:f9:cb:e6:cc:ae:cd:81:14:5e:4d:65:91:
84:14:94:d8:88:65:f4:84:e1:6f:eb:96:de:8c:16:1a:60:7b:
89:eb:26:94:18:40:8f:db:4b:50:93:4f:c1:bf:19:f1:15:82:
18:46:1a:87:e4:08:81:22:8a:bb:f5:1e:e5:68:0e:6f:35:02:
77:4f:d9:20:3a:31:59:7f:bf:4c:06:a8:74:42:8a:1b:df:a9:
54:fa:95:9a:d2:5c:7b:01:7e:e2:6b:98:b5:6b:44:bc:f7:f2:
bc:79:1f:94:6e:34:a1:b9:df:47:d8:e5:14:75:61:a8:e5:80:
d2:b4:f1:dd:15:27:98:51:6a:a7:6f:98:c3:9a:c1:3f:c5:e3:
20:7b:1a:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVECCJ9t3wesCDjqInMsB0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MTIwNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzUzMmJjMDE1MDc0MzFiYTU0ZDkzM2UwM2JiNzlkNGJiMzhlNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt/h72IzlLeg8FccLMkX2jAP98Gw
iX4UkHXs9guJan0NTAtFqCeDY5O53lHamJFzFigyoDfbuxeenhvPSoG8a8voMUjC
f4eNwpBmxkXBAvriVtLqGXx/OyopqwpGK/0ZgXJB18/Ws2+cRafOmnkMNkod/YEB
8Jj0fO0kSMmsuoHos/4o70JBI9yRdG/zxvOSG3LLgU+D6Gsb/3G7W1Z45k7PYIM+
2ZftJEV/rc7y3xAL/MEi7paEd6pP9VNMK2/Y0NWUkgphD+EhEex2eohMbPIrCQHP
GuGAtXR0qani/1w9V1DPaRigFgYqfRRBwDO5kAK70ZUODKUtQqiXmLA27QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBNTK8AVB0MbpU2TPgO7edS7OOS5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRTFNcndCVUhReHVsVFpNLUE3dDUxTHM0NUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKKxXALEL915dwBiAyfb
kkQgS6Mo9+Eu5r1+YOrlm6s9w/SeHZ8bz/8Lge5QI7oH+idXgKL84VkYKOEsfc5+
DQTVsRDEY/efZAKUX1Ef9swr4vTqczgyk26uZdVvTXmUyiIaDQEAJLHOqVb5mhL6
kw/vdvnL5syuzYEUXk1lkYQUlNiIZfSE4W/rlt6MFhpge4nrJpQYQI/bS1CTT8G/
GfEVghhGGofkCIEiirv1HuVoDm81AndP2SA6MVl/v0wGqHRCihvfqVT6lZrSXHsB
fuJrmLVrRLz38rx5H5RuNKG530fY5RR1YajlgNK08d0VJ5hRaqdvmMOawT/F4yB7
Gh0=
-----END CERTIFICATE-----
Generated at Sat May 3 06:44:09 2025 by rpki-client