Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ek58CtKXPlBDwivKUwa3P1JQ3Ms.roa
File: Ek58CtKXPlBDwivKUwa3P1JQ3Ms.roa (raw, json)
Hash identifier: JVRZWCRIyUuH2NfjWbQ/WC5aVp46XK63j3wcs0b29jw=
Subject key identifier: 12:4E:7C:0A:D2:97:3E:50:43:C2:2B:CA:53:06:B7:3F:52:50:DC:CB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851FC83EE14DDF6C947E4B4B90035EA192
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ek58CtKXPlBDwivKUwa3P1JQ3Ms.roa
Signing time: Sat 17 Dec 2022 11:11:34 +0000
ROA not before: Sat 17 Dec 2022 11:11:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1f:c8:3e:e1:4d:df:6c:94:7e:4b:4b:90:03:5e:a1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 17 11:11:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=124e7c0ad2973e5043c22bca5306b73f5250dccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:48:77:42:e5:e4:1c:50:ef:37:f4:6d:9a:7e:
66:85:96:b4:8b:9d:c9:09:9f:2d:95:eb:1a:e5:b0:
b1:e9:4a:5b:64:e1:05:8b:66:87:1a:23:e3:c7:6b:
96:1c:33:dd:3a:cf:ab:e0:f5:6f:ae:d2:02:12:48:
f5:6b:aa:6c:89:1f:ed:eb:3f:02:2e:98:4e:fb:25:
b5:31:5b:7e:dd:a2:98:47:ff:15:09:c0:a8:f8:37:
9d:0d:1b:97:97:f2:fc:87:88:95:d3:e3:59:7c:88:
53:28:ab:13:f1:78:4e:b3:14:2b:1e:dc:2f:91:d8:
2d:31:72:53:fb:9c:f7:87:ce:f6:65:51:bf:a7:8a:
f8:33:75:bc:fc:01:ba:fa:38:0b:e6:90:19:7b:f3:
7a:b1:6b:c7:80:7b:7a:7a:9d:6b:fc:91:98:21:5b:
46:2c:a0:fa:6b:ba:66:81:c7:fb:c5:10:d6:ed:04:
a0:53:0f:92:d0:8f:6b:e2:b0:eb:36:fe:af:0b:70:
4c:84:35:57:11:20:94:b4:24:e8:30:78:70:3e:54:
6f:9c:32:a5:8b:ae:fa:e1:d2:4a:00:16:54:66:77:
53:d5:de:b3:de:7b:d1:b2:1e:7c:b0:fa:50:4b:d1:
55:27:89:a0:34:f4:92:fc:ab:fd:5f:b5:fc:65:70:
92:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4E:7C:0A:D2:97:3E:50:43:C2:2B:CA:53:06:B7:3F:52:50:DC:CB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ek58CtKXPlBDwivKUwa3P1JQ3Ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:01:9c:18:fa:02:e8:4d:16:c3:a3:26:ca:77:e4:b7:43:ad:
98:72:fd:f8:6f:95:5d:59:bf:2e:47:0b:94:b9:a4:cd:24:4d:
e3:ce:a7:37:be:0c:2d:4e:6d:c2:cd:09:b0:07:1d:af:0a:86:
c3:1d:94:d3:9e:12:dd:3e:f8:ec:0e:7a:af:d3:77:f0:6e:bb:
b0:b2:8b:d3:92:e9:a6:28:50:93:1a:aa:6b:7a:6c:9c:cb:c9:
6a:71:b3:90:98:f9:4a:1f:11:1b:70:c9:e7:41:1f:65:12:15:
fb:68:5f:ac:2e:b4:2a:17:cb:0d:91:b1:91:f1:ce:1b:af:6e:
ba:26:90:e8:43:0d:dd:a1:05:f0:9e:04:52:f5:51:c8:16:8b:
40:f1:1e:f6:e7:8c:47:e6:db:95:52:d4:5a:7c:db:2b:dc:5d:
fc:3d:c6:e0:2b:94:c6:94:32:94:fc:96:04:98:98:a3:75:35:
db:d3:05:3e:0e:86:df:30:9b:70:01:b9:ae:9e:f6:7c:fe:e3:
e1:05:dc:29:1d:39:f1:a2:40:05:12:f0:5b:39:5a:7e:d5:0b:
37:e8:c1:06:3b:5a:f7:70:ca:9c:30:fb:1e:a8:94:49:a6:cf:
35:03:97:54:07:4b:7c:a5:7b:d7:0d:b3:e0:71:16:30:58:74:
fc:d9:10:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUfyD7hTd9slH5LS5ADXqGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE3MTExMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjRlN2MwYWQyOTczZTUwNDNjMjJiY2E1MzA2YjczZjUyNTBkY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0h3QuXkHFDvN/Rtmn5mhZa0i53J
CZ8tlesa5bCx6UpbZOEFi2aHGiPjx2uWHDPdOs+r4PVvrtICEkj1a6psiR/t6z8C
LphO+yW1MVt+3aKYR/8VCcCo+DedDRuXl/L8h4iV0+NZfIhTKKsT8XhOsxQrHtwv
kdgtMXJT+5z3h872ZVG/p4r4M3W8/AG6+jgL5pAZe/N6sWvHgHt6ep1r/JGYIVtG
LKD6a7pmgcf7xRDW7QSgUw+S0I9r4rDrNv6vC3BMhDVXESCUtCToMHhwPlRvnDKl
i6764dJKABZUZndT1d6z3nvRsh58sPpQS9FVJ4mgNPSS/Kv9X7X8ZXCS6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBJOfArSlz5QQ8IrylMGtz9SUNzLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRWs1OEN0S1hQbEJEd2l2S1V3YTNQMUpRM01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJYBnBj6AuhNFsOjJsp3
5LdDrZhy/fhvlV1Zvy5HC5S5pM0kTePOpze+DC1ObcLNCbAHHa8KhsMdlNOeEt0+
+OwOeq/Td/Buu7Cyi9OS6aYoUJMaqmt6bJzLyWpxs5CY+UofERtwyedBH2USFfto
X6wutCoXyw2RsZHxzhuvbromkOhDDd2hBfCeBFL1UcgWi0DxHvbnjEfm25VS1Fp8
2yvcXfw9xuArlMaUMpT8lgSYmKN1NdvTBT4Oht8wm3ABua6e9nz+4+EF3CkdOfGi
QAUS8Fs5Wn7VCzfowQY7Wvdwypww+x6olEmmzzUDl1QHS3yle9cNs+BxFjBYdPzZ
EPI=
-----END CERTIFICATE-----
Generated at Thu May 1 07:08:14 2025 by rpki-client