Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ESUxVBYzMk7uquaxXPNjsHLAZTk.roa
File: ESUxVBYzMk7uquaxXPNjsHLAZTk.roa (raw, json)
Hash identifier: H61zdQBe8fGjaC8IMvH8e6IyODen3Cqp/DMBJGOwRc0=
Subject key identifier: 11:25:31:54:16:33:32:4E:EE:AA:E6:B1:5C:F3:63:B0:72:C0:65:39
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01858BEC10483E791FC57778CD3A8222E9B8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ESUxVBYzMk7uquaxXPNjsHLAZTk.roa
Signing time: Sat 07 Jan 2023 11:09:41 +0000
ROA not before: Sat 07 Jan 2023 11:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8b:ec:10:48:3e:79:1f:c5:77:78:cd:3a:82:22:e9:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 7 11:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=112531541633324eeeaae6b15cf363b072c06539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ec:b0:eb:d6:d2:d9:23:44:1b:ff:a1:25:d3:
20:2e:4f:3e:09:fd:26:80:fd:ee:46:25:98:84:f6:
25:45:4c:18:d5:67:be:3d:a3:92:d4:cc:a8:31:ab:
69:06:eb:9e:5e:76:cd:91:be:03:03:fe:ad:74:1d:
37:bd:c4:68:a7:c2:04:ad:5f:8b:17:2f:bf:9c:3e:
16:d8:92:bf:11:4a:7d:ba:18:aa:ff:c5:07:49:af:
7e:b6:3a:6b:e4:6d:e8:a4:e0:fe:6e:aa:d8:eb:dd:
0a:b4:50:64:a6:9f:9a:00:12:20:7f:ce:22:e0:83:
30:9e:2f:b1:14:d2:39:d4:48:87:95:15:42:78:f5:
fe:a1:1e:98:0a:a8:8d:da:8a:84:dc:1c:3a:68:e7:
b6:5c:34:e4:58:4f:4a:f5:40:57:89:43:7d:38:d8:
27:86:a9:aa:5f:9d:41:b0:8d:55:2b:51:60:3a:4b:
bf:14:5b:45:c9:11:6f:2c:d0:2e:a1:c4:c9:6f:83:
20:90:cf:68:e3:c6:5a:9b:b9:2e:d4:59:96:bb:f7:
bb:37:ac:50:90:30:e8:10:0b:92:7f:8e:f4:0e:c4:
8e:f9:cd:44:2a:13:9b:bf:36:49:46:80:5e:8d:8f:
a7:35:52:55:99:11:d0:78:c2:d0:79:39:b9:87:b2:
06:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:25:31:54:16:33:32:4E:EE:AA:E6:B1:5C:F3:63:B0:72:C0:65:39
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ESUxVBYzMk7uquaxXPNjsHLAZTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:43:75:e9:d9:93:a1:86:6d:12:dd:07:be:95:dd:8f:fb:5c:
8c:bf:75:e6:12:c2:aa:3d:a2:70:14:c2:42:da:90:02:9e:47:
7d:87:8f:5a:6f:8f:97:ea:f2:64:ae:9d:b3:24:0d:ba:e1:d1:
2c:a2:38:0f:96:50:9c:fe:59:12:99:22:1a:14:e2:2b:8f:a8:
cf:e0:d2:e2:13:9b:89:b3:1d:72:de:36:95:6c:90:24:9d:7b:
1d:84:ce:5f:d3:12:f5:50:b0:64:07:47:83:11:6a:db:81:c4:
ef:19:30:df:dc:e2:56:72:37:1f:ac:e0:0c:0b:64:48:14:91:
68:4d:b8:a5:3c:01:dd:39:c2:fd:d6:98:c8:e2:d9:3a:e0:a8:
47:35:db:8a:69:7d:d8:65:13:c2:41:f6:4d:7d:e2:ca:d1:41:
11:78:6f:85:80:1e:ea:f3:63:90:ec:67:77:4e:b8:a7:d8:6c:
e2:d0:ef:6c:d5:17:49:4a:aa:16:3c:aa:e5:61:6b:ee:6a:8e:
82:4f:f9:3c:c4:b0:56:48:53:ea:ac:45:df:1b:6c:6d:da:77:
dc:9a:d2:cd:3a:6d:4d:c9:43:6c:55:a5:14:7d:e0:b8:f8:fb:
a3:b9:54:c6:a4:28:9c:81:f1:22:f2:19:66:0c:a5:73:8c:fb:
ec:5b:cf:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWL7BBIPnkfxXd4zTqCIum4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA3MTEwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTI1MzE1NDE2MzMzMjRlZWVhYWU2YjE1Y2YzNjNiMDcyYzA2NTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOyw69bS2SNEG/+hJdMgLk8+Cf0m
gP3uRiWYhPYlRUwY1We+PaOS1MyoMatpBuueXnbNkb4DA/6tdB03vcRop8IErV+L
Fy+/nD4W2JK/EUp9uhiq/8UHSa9+tjpr5G3opOD+bqrY690KtFBkpp+aABIgf84i
4IMwni+xFNI51EiHlRVCePX+oR6YCqiN2oqE3Bw6aOe2XDTkWE9K9UBXiUN9ONgn
hqmqX51BsI1VK1FgOku/FFtFyRFvLNAuocTJb4MgkM9o48Zam7ku1FmWu/e7N6xQ
kDDoEAuSf470DsSO+c1EKhObvzZJRoBejY+nNVJVmRHQeMLQeTm5h7IGAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBElMVQWMzJO7qrmsVzzY7BywGU5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRVNVeFZCWXpNazd1cXVheFhQTmpzSExBWlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKZDdenZk6GGbRLdB76V
3Y/7XIy/deYSwqo9onAUwkLakAKeR32Hj1pvj5fq8mSunbMkDbrh0SyiOA+WUJz+
WRKZIhoU4iuPqM/g0uITm4mzHXLeNpVskCSdex2Ezl/TEvVQsGQHR4MRatuBxO8Z
MN/c4lZyNx+s4AwLZEgUkWhNuKU8Ad05wv3WmMji2TrgqEc124ppfdhlE8JB9k19
4srRQRF4b4WAHurzY5DsZ3dOuKfYbOLQ72zVF0lKqhY8quVha+5qjoJP+TzEsFZI
U+qsRd8bbG3ad9ya0s06bU3JQ2xVpRR94Lj4+6O5VMakKJyB8SLyGWYMpXOM++xb
z28=
-----END CERTIFICATE-----
Generated at Fri May 2 15:42:49 2025 by rpki-client