Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EdQk040F0_LaLpIxaYq4XuyglbM.roa
File: EdQk040F0_LaLpIxaYq4XuyglbM.roa (raw, json)
Hash identifier: a2P/fRK29HvmkGgQR1tuGdIcoGX+IX0Iy1RnCrXncx0=
Subject key identifier: 11:D4:24:D3:8D:05:D3:F2:DA:2E:92:31:69:8A:B8:5E:EC:A0:95:B3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F0B765B40596D93414AB167BD38531DA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EdQk040F0_LaLpIxaYq4XuyglbM.roa
Signing time: Sun 13 Aug 2023 21:04:58 +0000
ROA not before: Sun 13 Aug 2023 21:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:f0b6:bdcc/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f0:b7:65:b4:05:96:d9:34:14:ab:16:7b:d3:85:31:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 21:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11d424d38d05d3f2da2e9231698ab85eeca095b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2c:74:4f:5d:02:4c:95:84:40:dc:55:55:c2:
99:dc:72:c3:b5:aa:df:d8:8a:65:86:5c:ec:dc:77:
58:62:d1:ed:53:93:e8:a3:e4:83:83:51:89:5c:41:
4b:b6:8c:14:8b:0b:89:2d:54:3f:87:25:9f:6f:09:
30:36:1e:3d:35:b2:35:66:97:50:af:69:92:59:28:
3f:10:93:76:b0:c5:52:1b:d0:d9:54:f9:6b:0e:f3:
a6:f1:df:03:f3:c7:d2:3e:bb:52:44:f7:68:be:65:
4a:24:75:27:f1:07:96:ad:c5:95:00:da:63:bf:0a:
dc:bf:18:43:ae:02:ef:bc:0d:14:19:39:dd:b7:92:
4b:57:76:e9:15:6f:13:52:b6:6c:9e:46:f0:80:2f:
e5:9a:90:f8:39:22:cb:67:f6:ab:73:98:d5:a2:3e:
58:7b:1e:f5:3d:a2:d7:71:c6:c4:38:bd:9f:e4:1f:
01:b2:3a:14:76:67:9c:e4:c0:3e:87:f9:a8:fd:1f:
1b:eb:16:67:7f:c5:0f:13:66:b1:4f:ea:15:2b:d4:
7f:23:fe:f5:5f:a6:7b:26:7a:d6:7c:44:6a:3c:24:
dc:af:01:29:53:3b:16:19:9d:b5:bc:b4:19:9f:4f:
e2:4f:e5:51:25:d3:be:b6:59:c4:e4:37:45:39:1e:
a2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D4:24:D3:8D:05:D3:F2:DA:2E:92:31:69:8A:B8:5E:EC:A0:95:B3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EdQk040F0_LaLpIxaYq4XuyglbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:b4:ce:5b:41:77:03:e6:3d:10:c7:c0:2a:3d:b8:3c:3c:e4:
c7:39:3e:d8:36:b2:b6:81:d2:f9:6e:af:02:ae:0a:01:78:77:
ae:47:1e:72:93:9a:b5:2b:2d:45:b5:80:86:4c:2f:dc:dc:fc:
f4:26:3d:00:6d:88:3e:b6:a9:0a:bd:5a:71:c6:6e:4f:5a:c9:
20:89:41:dc:bf:a4:6a:ba:3b:bf:e7:4e:7b:45:f7:29:45:19:
3d:20:ae:81:a0:d2:a5:0c:3f:f5:c1:8f:c2:38:41:cb:2a:9b:
c8:b4:ad:87:48:f9:c0:ef:7e:5f:9d:e6:5a:e7:dd:20:9e:1d:
42:02:ce:9c:ed:4c:61:36:1e:e1:6a:06:8e:05:e5:b9:c7:7c:
51:e5:d2:00:df:7d:80:e5:0e:55:87:48:d7:3e:6e:56:da:48:
e3:9f:fd:86:08:ee:aa:ef:e9:bc:59:c8:78:c4:df:10:2d:c9:
ef:91:60:03:d5:8a:2e:f2:c1:87:e0:4f:73:5f:9d:de:1d:7a:
e4:a6:77:5d:9e:29:a1:f3:57:82:13:7a:e6:84:8f:f3:3d:1c:
49:5a:7a:df:f4:af:0a:61:c1:5f:de:c5:66:1f:70:a0:96:07:
29:f4:d3:e9:0a:42:00:78:4e:0f:6a:2a:55:e4:75:66:07:61:
71:4f:ef:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnwt2W0BZbZNBSrFnvThTHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEzMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQ0MjRkMzhkMDVkM2YyZGEyZTkyMzE2OThhYjg1ZWVjYTA5NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCx0T10CTJWEQNxVVcKZ3HLDtarf
2Iplhlzs3HdYYtHtU5Poo+SDg1GJXEFLtowUiwuJLVQ/hyWfbwkwNh49NbI1ZpdQ
r2mSWSg/EJN2sMVSG9DZVPlrDvOm8d8D88fSPrtSRPdovmVKJHUn8QeWrcWVANpj
vwrcvxhDrgLvvA0UGTndt5JLV3bpFW8TUrZsnkbwgC/lmpD4OSLLZ/arc5jVoj5Y
ex71PaLXccbEOL2f5B8BsjoUdmec5MA+h/mo/R8b6xZnf8UPE2axT+oVK9R/I/71
X6Z7JnrWfERqPCTcrwEpUzsWGZ21vLQZn0/iT+VRJdO+tlnE5DdFOR6iLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBHUJNONBdPy2i6SMWmKuF7soJWzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRWRRazA0MEYwX0xhTHBJeGFZcTRYdXlnbGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH20zltBdwPmPRDHwCo9
uDw85Mc5Ptg2sraB0vlurwKuCgF4d65HHnKTmrUrLUW1gIZML9zc/PQmPQBtiD62
qQq9WnHGbk9aySCJQdy/pGq6O7/nTntF9ylFGT0groGg0qUMP/XBj8I4Qcsqm8i0
rYdI+cDvfl+d5lrn3SCeHUICzpztTGE2HuFqBo4F5bnHfFHl0gDffYDlDlWHSNc+
blbaSOOf/YYI7qrv6bxZyHjE3xAtye+RYAPVii7ywYfgT3Nfnd4deuSmd12eKaHz
V4ITeuaEj/M9HElaet/0rwphwV/exWYfcKCWByn00+kKQgB4Tg9qKlXkdWYHYXFP
71k=
-----END CERTIFICATE-----
Generated at Fri May 2 15:36:13 2025 by rpki-client