Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EcmOz99USyQJdfxUFrBDKHlHoj4.roa
File: EcmOz99USyQJdfxUFrBDKHlHoj4.roa (raw, json)
Hash identifier: wPVv7Tt3s53pe+097P6yLawJNaPidoIfuEvVAMxbXjM=
Subject key identifier: 11:C9:8E:CF:DF:54:4B:24:09:75:FC:54:16:B0:43:28:79:47:A2:3E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01863A923E686233E620F10CF17B83A693DA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EcmOz99USyQJdfxUFrBDKHlHoj4.roa
Signing time: Fri 10 Feb 2023 09:05:08 +0000
ROA not before: Fri 10 Feb 2023 09:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:3a91:5bc9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:92:3e:68:62:33:e6:20:f1:0c:f1:7b:83:a6:93:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 10 09:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11c98ecfdf544b240975fc5416b043287947a23e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:59:85:fe:d9:43:61:c0:c3:ef:89:dd:e5:bc:
b2:8c:28:e2:00:a8:3a:d3:38:78:9c:44:38:c4:f6:
cd:65:a7:3c:a4:e7:da:0f:3d:75:55:88:cb:5c:f9:
be:95:9b:d2:7e:26:37:9c:2e:1c:76:46:ef:8d:1e:
3a:2c:71:1e:6c:65:71:60:00:64:fa:ca:70:2e:30:
31:b7:7b:06:7a:47:7e:20:fd:67:97:5c:e1:60:ad:
83:0d:c6:c1:38:b1:f2:c6:e8:70:3d:b3:d3:82:6a:
49:ab:db:c1:0f:91:02:16:60:73:54:36:fd:8f:88:
36:9b:81:32:86:3e:bb:40:89:e6:a3:42:16:e7:36:
4f:c6:24:de:f9:71:2e:46:f7:bf:82:d8:d2:cd:7e:
c6:38:31:86:47:a0:1a:c5:44:71:ea:ec:1c:9e:6e:
23:13:b9:87:73:4f:d6:64:ee:00:cd:aa:1c:c1:7d:
ab:57:a7:9a:dc:1f:57:c1:af:d1:2a:47:33:37:4f:
65:36:20:39:9f:c4:74:8b:92:b6:91:3b:1a:d1:d3:
ea:d6:7f:0f:ea:0b:6c:0a:8e:6d:99:96:85:ec:c0:
74:fc:eb:ea:0e:0f:6e:a2:a0:1a:43:fa:4d:ac:a7:
28:42:a2:0a:84:44:44:58:ce:dc:d8:d4:ea:39:b8:
83:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C9:8E:CF:DF:54:4B:24:09:75:FC:54:16:B0:43:28:79:47:A2:3E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EcmOz99USyQJdfxUFrBDKHlHoj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:96:52:da:fe:38:5e:bb:d7:dd:40:5b:f9:f3:cb:e6:fd:fc:
57:f0:4f:7d:2f:c4:95:b4:f5:35:58:e6:1d:5e:e0:5a:df:b4:
83:44:3f:70:06:0e:cb:db:5e:ea:10:9d:d0:3f:e3:18:66:cf:
17:7a:b2:48:d8:9e:de:6b:f7:b9:57:dd:f2:68:5a:33:d6:40:
03:1f:96:22:79:f1:ce:f5:39:7b:9a:ee:1a:c7:f2:6b:37:dd:
43:b2:36:3a:f1:c9:17:3b:b5:45:c2:f6:5c:1e:80:63:8c:ba:
74:30:5c:c4:ca:36:6d:2d:e7:40:2d:df:d7:96:23:7b:e0:b0:
2a:58:7f:bb:dd:26:88:18:cf:9f:79:92:3b:b4:04:dc:37:c8:
8d:bb:a7:b6:bb:a0:88:6e:8b:32:d6:35:58:82:b2:a8:64:2a:
c0:22:93:29:cf:9e:0c:53:1d:b5:90:49:42:67:ab:d7:c2:5c:
8c:c4:b0:e5:7e:9a:69:f4:ee:52:76:bd:f5:20:fa:f4:55:37:
ef:e8:ae:e0:5f:1f:80:82:5f:9a:27:b4:b2:51:98:d6:a3:e3:
01:21:41:f8:d9:63:36:64:6e:44:39:8f:65:00:df:a2:93:6d:
d1:f3:e9:5c:85:06:9e:76:0b:10:5e:df:43:83:f7:33:7b:fa:
01:a6:7a:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYY6kj5oYjPmIPEM8XuDppPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEwMDkwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWM5OGVjZmRmNTQ0YjI0MDk3NWZjNTQxNmIwNDMyODc5NDdhMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFmF/tlDYcDD74nd5byyjCjiAKg6
0zh4nEQ4xPbNZac8pOfaDz11VYjLXPm+lZvSfiY3nC4cdkbvjR46LHEebGVxYABk
+spwLjAxt3sGekd+IP1nl1zhYK2DDcbBOLHyxuhwPbPTgmpJq9vBD5ECFmBzVDb9
j4g2m4Eyhj67QInmo0IW5zZPxiTe+XEuRve/gtjSzX7GODGGR6AaxURx6uwcnm4j
E7mHc0/WZO4AzaocwX2rV6ea3B9Xwa/RKkczN09lNiA5n8R0i5K2kTsa0dPq1n8P
6gtsCo5tmZaF7MB0/OvqDg9uoqAaQ/pNrKcoQqIKhEREWM7c2NTqObiD2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBHJjs/fVEskCXX8VBawQyh5R6I+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRWNtT3o5OVVTeVFKZGZ4VUZyQkRLSGxIb2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABiWUtr+OF67191AW/nz
y+b9/FfwT30vxJW09TVY5h1e4FrftINEP3AGDsvbXuoQndA/4xhmzxd6skjYnt5r
97lX3fJoWjPWQAMfliJ58c71OXua7hrH8ms33UOyNjrxyRc7tUXC9lwegGOMunQw
XMTKNm0t50At39eWI3vgsCpYf7vdJogYz595kju0BNw3yI27p7a7oIhuizLWNViC
sqhkKsAikynPngxTHbWQSUJnq9fCXIzEsOV+mmn07lJ2vfUg+vRVN+/oruBfH4CC
X5ontLJRmNaj4wEhQfjZYzZkbkQ5j2UA36KTbdHz6VyFBp52CxBe30OD9zN7+gGm
eoA=
-----END CERTIFICATE-----
Generated at Thu May 1 18:42:30 2025 by rpki-client