Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ERI-QfWH1fskhG8OhsqZGG3bUdw.roa
File: ERI-QfWH1fskhG8OhsqZGG3bUdw.roa (raw, json)
Hash identifier: ElAq2qAqyIzTNTqfXMXbhRAOi71FR1RNhhDaJ910pOo=
Subject key identifier: 11:12:3E:41:F5:87:D5:FB:24:84:6F:0E:86:CA:99:18:6D:DB:51:DC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01859DF24B8D39A3DF3A00DED6071FC30546
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ERI-QfWH1fskhG8OhsqZGG3bUdw.roa
Signing time: Tue 10 Jan 2023 23:09:39 +0000
ROA not before: Tue 10 Jan 2023 23:09:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9d:f2:4b:8d:39:a3:df:3a:00:de:d6:07:1f:c3:05:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 10 23:09:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11123e41f587d5fb24846f0e86ca99186ddb51dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c4:aa:90:57:b8:6f:0c:96:f2:31:53:7b:76:
54:8e:fc:cd:04:3e:5d:34:9b:08:77:07:61:c3:04:
96:a0:c2:fa:14:26:2f:41:de:57:6b:49:e3:ae:23:
ba:f3:d6:89:9d:65:91:0f:62:a9:cf:75:b6:95:a7:
20:bf:d9:e0:eb:d3:ba:2f:09:cc:9d:08:72:5f:ed:
8a:d3:df:aa:a9:46:1d:13:aa:40:4d:ca:06:b2:c1:
f1:6d:8e:a4:8a:8a:a8:b6:55:ef:50:ee:29:ee:87:
3d:59:f0:bf:c4:f6:f7:0e:ef:29:61:9a:9e:8c:d0:
3c:ba:e3:1e:f2:59:a4:45:90:cd:03:e5:83:de:90:
29:8a:70:ad:88:50:39:da:2a:4d:8d:6b:fb:8a:a3:
22:89:0c:46:5b:57:03:e7:58:b2:6a:4f:72:ec:28:
02:6d:00:fc:31:45:90:51:b2:f9:88:03:5a:f1:48:
41:cb:94:71:fa:8c:1d:46:27:3f:e7:98:e6:f9:db:
5a:23:e7:49:c8:9a:b6:56:f0:f9:30:cf:ef:ca:ca:
9e:5f:24:b2:2c:49:92:2d:e9:c7:e4:22:13:84:ca:
7c:0e:88:55:68:98:26:67:35:68:25:e0:0c:27:9f:
c9:ed:01:bf:9a:8f:3f:54:f7:6a:b0:6d:d3:ee:bf:
09:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:12:3E:41:F5:87:D5:FB:24:84:6F:0E:86:CA:99:18:6D:DB:51:DC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ERI-QfWH1fskhG8OhsqZGG3bUdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:57:30:3c:9a:5d:46:80:94:c6:93:ab:9a:1b:77:28:19:4d:
9e:20:c7:b6:b7:da:56:42:7d:c2:bb:7f:1b:73:29:78:31:d5:
6e:62:8a:9b:71:f8:a3:5b:c6:1a:0c:79:18:f0:5a:9d:02:fa:
1f:2b:6c:eb:74:63:c3:b8:53:13:6d:85:29:cb:b4:de:fb:49:
d3:9e:b0:ad:b8:b6:25:83:7c:2c:bc:f1:fa:da:b8:92:ea:23:
cd:e0:54:91:09:8b:c7:62:c0:3f:ad:f6:fc:d3:87:62:25:7f:
ad:f2:1b:90:35:a3:2e:2f:92:bf:33:b0:f6:21:89:eb:04:3c:
62:aa:76:35:d4:42:a1:31:dc:61:ae:e0:43:47:8f:33:57:0d:
55:ad:08:32:fd:77:87:5e:ea:75:72:53:8c:d7:e8:92:53:d2:
57:a3:35:1f:98:4b:e3:2e:1a:cf:f2:59:31:c5:eb:1b:44:ca:
9a:fa:1a:12:ab:e9:bb:c8:db:70:6a:c6:96:dd:f9:c6:ac:58:
69:c4:79:5a:24:52:ba:20:60:0e:3f:d4:de:59:c7:77:ec:58:
4b:69:73:33:d2:09:67:53:bd:2a:d2:cc:59:65:dc:b6:87:57:
c1:6b:c2:34:d2:20:bf:4e:d3:7d:25:31:e5:e0:78:e6:e8:0a:
2a:fd:6e:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWd8kuNOaPfOgDe1gcfwwVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEwMjMwOTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTEyM2U0MWY1ODdkNWZiMjQ4NDZmMGU4NmNhOTkxODZkZGI1MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8SqkFe4bwyW8jFTe3ZUjvzNBD5d
NJsIdwdhwwSWoML6FCYvQd5Xa0njriO689aJnWWRD2Kpz3W2lacgv9ng69O6LwnM
nQhyX+2K09+qqUYdE6pATcoGssHxbY6kioqotlXvUO4p7oc9WfC/xPb3Du8pYZqe
jNA8uuMe8lmkRZDNA+WD3pApinCtiFA52ipNjWv7iqMiiQxGW1cD51iyak9y7CgC
bQD8MUWQUbL5iANa8UhBy5Rx+owdRic/55jm+dtaI+dJyJq2VvD5MM/vysqeXySy
LEmSLenH5CIThMp8DohVaJgmZzVoJeAMJ5/J7QG/mo8/VPdqsG3T7r8JIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBESPkH1h9X7JIRvDobKmRht21HcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRVJJLVFmV0gxZnNraEc4T2hzcVpHRzNiVWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHJXMDyaXUaAlMaTq5ob
dygZTZ4gx7a32lZCfcK7fxtzKXgx1W5iiptx+KNbxhoMeRjwWp0C+h8rbOt0Y8O4
UxNthSnLtN77SdOesK24tiWDfCy88frauJLqI83gVJEJi8diwD+t9vzTh2Ilf63y
G5A1oy4vkr8zsPYhiesEPGKqdjXUQqEx3GGu4ENHjzNXDVWtCDL9d4de6nVyU4zX
6JJT0lejNR+YS+MuGs/yWTHF6xtEypr6GhKr6bvI23Bqxpbd+casWGnEeVokUrog
YA4/1N5Zx3fsWEtpczPSCWdTvSrSzFll3LaHV8FrwjTSIL9O030lMeXgeOboCir9
bk0=
-----END CERTIFICATE-----
Generated at Mon May 5 21:38:58 2025 by rpki-client