Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EkqDl9-Aw3rn3P_CzOxrDH9rBdk.roa
File: EkqDl9-Aw3rn3P_CzOxrDH9rBdk.roa (raw, json)
Hash identifier: 26YdmSjOqaqSvMLD1BMPcViqHX0zriuafqvDJvGFzdw=
Subject key identifier: 12:4A:83:97:DF:80:C3:7A:E7:DC:FF:C2:CC:EC:6B:0C:7F:6B:05:D9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186A20D5A34B251A8B2577F557AAF9C5AF8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EkqDl9-Aw3rn3P_CzOxrDH9rBdk.roa
Signing time: Thu 02 Mar 2023 11:20:29 +0000
ROA not before: Thu 02 Mar 2023 11:20:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:0d:5a:34:b2:51:a8:b2:57:7f:55:7a:af:9c:5a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 2 11:20:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=124a8397df80c37ae7dcffc2ccec6b0c7f6b05d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2c:24:c3:99:f4:3b:6e:5b:81:e2:49:98:02:
10:67:f2:d7:9f:ed:3c:b5:6f:78:3b:80:98:20:99:
3c:0a:a5:69:c6:04:2c:05:da:fb:d2:14:66:f7:ba:
73:6c:85:6c:bc:3d:aa:36:e7:f7:ab:06:54:43:b2:
21:65:11:98:a1:fb:97:1c:66:0b:32:f2:77:cb:fb:
35:fe:3c:6b:b1:b5:40:9d:8b:37:6e:c1:d0:c2:36:
a2:d2:8d:06:25:31:7c:7d:08:65:29:93:39:03:1c:
e2:03:36:02:49:48:35:19:fd:4b:47:60:1f:7d:1f:
a6:03:17:99:ad:f9:3e:07:0a:96:94:83:46:e4:4a:
60:bb:94:c5:61:63:ba:4c:7b:bc:44:00:94:4d:67:
34:06:e5:9c:e2:48:bc:20:8e:d7:b5:96:60:80:24:
da:a7:e8:cd:e6:cc:3f:70:67:62:60:00:18:7a:d9:
da:9d:2c:b4:2f:39:83:3b:14:34:9b:cd:4b:82:9a:
eb:04:da:1d:2d:3b:f8:74:e4:b4:63:45:4b:dc:d2:
7b:04:a9:eb:ec:b3:3a:44:0e:8d:14:4c:60:f4:a0:
9c:df:a6:2a:0a:d7:60:60:d9:6a:85:72:a9:b9:75:
06:6e:da:86:c2:df:6e:ef:75:eb:c0:14:cc:0c:fe:
14:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4A:83:97:DF:80:C3:7A:E7:DC:FF:C2:CC:EC:6B:0C:7F:6B:05:D9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EkqDl9-Aw3rn3P_CzOxrDH9rBdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:31:59:7b:31:eb:05:f1:5e:35:fb:65:60:43:22:e8:b8:ec:
b7:8a:cc:ea:f5:72:67:80:1a:d9:90:31:36:0d:14:97:c0:0a:
88:e1:cb:c4:3a:95:05:c4:86:a2:1e:72:5d:d7:b2:62:c5:0f:
17:93:56:66:4c:ff:4f:5c:70:bb:ce:ea:56:d1:f2:24:9c:3d:
f3:24:91:ef:da:71:67:04:bb:7f:bf:62:04:df:62:f0:a6:8a:
2b:90:a0:31:46:02:32:17:13:96:de:d0:44:8c:28:34:23:fb:
f2:4a:5a:98:55:9c:6f:13:65:da:a6:4f:3f:7b:f0:e7:08:4a:
0d:ab:d4:47:7a:58:3d:c2:cb:58:72:9f:a9:85:9e:6f:46:40:
68:2d:e9:e2:68:e0:05:20:3d:f3:b6:cb:83:a4:6e:11:a8:35:
b1:c3:ba:be:0c:66:52:86:48:0b:88:2f:ed:64:de:72:dd:1f:
b5:29:d0:4a:c6:6c:53:17:a7:a4:f2:9c:c0:ef:a1:04:fa:ac:
74:03:97:7e:4f:bb:85:9d:a1:3f:84:d4:15:c3:86:8e:2b:c4:
d5:4c:04:c6:b4:66:44:c7:cf:aa:8f:9d:05:4a:0b:7b:1d:19:
4c:01:2a:1e:42:af:e2:97:9c:a6:b0:03:06:91:6a:bd:50:74:
d0:2c:ca:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaiDVo0slGosld/VXqvnFr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAyMTEyMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjRhODM5N2RmODBjMzdhZTdkY2ZmYzJjY2VjNmIwYzdmNmIwNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnywkw5n0O25bgeJJmAIQZ/LXn+08
tW94O4CYIJk8CqVpxgQsBdr70hRm97pzbIVsvD2qNuf3qwZUQ7IhZRGYofuXHGYL
MvJ3y/s1/jxrsbVAnYs3bsHQwjai0o0GJTF8fQhlKZM5AxziAzYCSUg1Gf1LR2Af
fR+mAxeZrfk+BwqWlING5Epgu5TFYWO6THu8RACUTWc0BuWc4ki8II7XtZZggCTa
p+jN5sw/cGdiYAAYetnanSy0LzmDOxQ0m81LgprrBNodLTv4dOS0Y0VL3NJ7BKnr
7LM6RA6NFExg9KCc36YqCtdgYNlqhXKpuXUGbtqGwt9u73XrwBTMDP4UpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBJKg5ffgMN659z/wszsawx/awXZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRWtxRGw5LUF3M3JuM1BfQ3pPeHJESDlyQmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ8xWXsx6wXxXjX7ZWBD
Iui47LeKzOr1cmeAGtmQMTYNFJfACojhy8Q6lQXEhqIecl3XsmLFDxeTVmZM/09c
cLvO6lbR8iScPfMkke/acWcEu3+/YgTfYvCmiiuQoDFGAjIXE5be0ESMKDQj+/JK
WphVnG8TZdqmTz978OcISg2r1Ed6WD3Cy1hyn6mFnm9GQGgt6eJo4AUgPfO2y4Ok
bhGoNbHDur4MZlKGSAuIL+1k3nLdH7Up0ErGbFMXp6TynMDvoQT6rHQDl35Pu4Wd
oT+E1BXDho4rxNVMBMa0ZkTHz6qPnQVKC3sdGUwBKh5Cr+KXnKawAwaRar1QdNAs
yvQ=
-----END CERTIFICATE-----
Generated at Thu May 1 06:47:16 2025 by rpki-client