Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EK865lSBHs-OqGP_8A1TFD8qxsU.roa
File: EK865lSBHs-OqGP_8A1TFD8qxsU.roa (raw, json)
Hash identifier: mt1nM3GnSo08jZp0nAqOt7xMOouPIHdmNqzDqF2cgus=
Subject key identifier: 10:AF:3A:E6:54:81:1E:CF:8E:A8:63:FF:F0:0D:53:14:3F:2A:C6:C5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188044374030A68630E76B7E843FCCCD89D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EK865lSBHs-OqGP_8A1TFD8qxsU.roa
Signing time: Wed 10 May 2023 06:05:09 +0000
ROA not before: Wed 10 May 2023 06:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:188:442:d082/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:43:74:03:0a:68:63:0e:76:b7:e8:43:fc:cc:d8:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 10 06:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10af3ae654811ecf8ea863fff00d53143f2ac6c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0d:cb:01:1f:05:64:ae:84:e7:21:b8:75:86:
57:7b:65:44:7a:ee:c1:08:b2:6e:12:6e:2e:50:7a:
e6:8f:98:95:4b:02:28:30:74:e7:98:be:06:e3:d2:
4d:87:40:d9:5a:b6:e7:cb:d1:e8:b8:d6:42:6d:0c:
fc:4d:6c:79:83:25:90:7e:1e:f0:05:2f:bc:da:1a:
ae:98:8d:73:3e:2e:b0:f9:23:66:2a:34:27:91:71:
c8:28:64:23:02:c1:2f:e6:25:43:36:87:e0:71:6a:
93:5c:e2:9f:96:a2:8d:af:68:1c:eb:f0:32:c5:4b:
4c:06:5a:20:04:b9:83:cb:13:f3:e7:f4:ac:7a:c5:
c7:38:1d:2b:98:c7:fb:04:6b:59:db:59:eb:f1:a7:
16:06:4d:91:15:7e:af:2e:4c:f5:b0:9a:53:20:c3:
64:61:ec:8f:4d:ff:22:45:c7:79:ea:5b:95:80:47:
52:5c:9f:92:9f:bf:17:1c:e7:9b:05:31:e8:4d:d3:
25:20:65:10:9c:ef:33:e1:ee:63:8e:a2:e0:90:46:
74:9c:e3:13:d5:4f:dd:b5:8c:4b:60:f0:5e:79:6c:
cc:ac:e3:05:54:79:44:8f:70:af:44:9d:32:70:dd:
01:dd:ff:0f:59:f7:77:1f:d8:17:37:8e:7d:df:ee:
97:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AF:3A:E6:54:81:1E:CF:8E:A8:63:FF:F0:0D:53:14:3F:2A:C6:C5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EK865lSBHs-OqGP_8A1TFD8qxsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:56:2f:c7:0b:cf:84:b9:f5:d6:0e:67:1e:f5:c0:8f:12:64:
d7:10:ce:00:fa:de:da:55:11:4e:15:8f:0e:29:83:0a:20:de:
86:a6:c0:b7:d4:44:81:d0:e2:15:52:be:50:b4:d0:a5:11:d0:
ff:ec:c5:df:81:4a:6f:45:05:d8:dc:ba:42:3a:e5:3f:73:d6:
0b:9f:a0:04:95:29:41:0f:e3:93:ca:f4:f3:10:fc:0b:8a:9b:
ce:4a:fe:90:02:e3:b4:07:6f:89:c8:fa:c5:96:e2:dc:d9:ed:
dd:b3:91:a2:b2:c9:12:44:be:37:59:bf:c3:fa:54:6e:a1:b7:
4c:37:c4:80:c8:40:0d:82:15:52:c4:85:14:62:96:34:05:2c:
f4:cf:2a:b8:ba:de:30:55:98:1e:21:7a:e1:27:2d:17:50:45:
c6:6d:4b:5e:60:54:fa:1a:3c:80:17:2c:3e:0a:38:9f:9d:29:
e3:35:bb:a5:33:a2:92:4d:75:5e:b9:9a:b7:79:b6:ca:09:92:
39:0c:50:ed:83:ca:8c:7d:a5:22:7d:13:65:b8:ab:39:27:29:
33:8b:fe:f8:a6:6e:47:7a:f1:2c:5c:68:0e:14:a5:e8:98:d8:
e4:16:fe:37:84:ef:74:c7:3c:3b:fb:fb:de:e4:45:0e:ba:fb:
3b:8e:e0:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgEQ3QDCmhjDna36EP8zNidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTEwMDYwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGFmM2FlNjU0ODExZWNmOGVhODYzZmZmMDBkNTMxNDNmMmFjNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw3LAR8FZK6E5yG4dYZXe2VEeu7B
CLJuEm4uUHrmj5iVSwIoMHTnmL4G49JNh0DZWrbny9HouNZCbQz8TWx5gyWQfh7w
BS+82hqumI1zPi6w+SNmKjQnkXHIKGQjAsEv5iVDNofgcWqTXOKflqKNr2gc6/Ay
xUtMBlogBLmDyxPz5/SsesXHOB0rmMf7BGtZ21nr8acWBk2RFX6vLkz1sJpTIMNk
YeyPTf8iRcd56luVgEdSXJ+Sn78XHOebBTHoTdMlIGUQnO8z4e5jjqLgkEZ0nOMT
1U/dtYxLYPBeeWzMrOMFVHlEj3CvRJ0ycN0B3f8PWfd3H9gXN4593+6XmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBCvOuZUgR7Pjqhj//ANUxQ/KsbFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRUs4NjVsU0JIcy1PcUdQXzhBMVRGRDhxeHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHFWL8cLz4S59dYOZx71
wI8SZNcQzgD63tpVEU4Vjw4pgwog3oamwLfURIHQ4hVSvlC00KUR0P/sxd+BSm9F
BdjcukI65T9z1gufoASVKUEP45PK9PMQ/AuKm85K/pAC47QHb4nI+sWW4tzZ7d2z
kaKyyRJEvjdZv8P6VG6ht0w3xIDIQA2CFVLEhRRiljQFLPTPKri63jBVmB4heuEn
LRdQRcZtS15gVPoaPIAXLD4KOJ+dKeM1u6UzopJNdV65mrd5tsoJkjkMUO2Dyox9
pSJ9E2W4qzknKTOL/vimbkd68SxcaA4UpeiY2OQW/jeE73THPDv7+97kRQ66+zuO
4Ig=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:20:44 2025 by rpki-client