Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Esm5B0hG3Jj5VJR5WCpSgTeNRyk.roa
File: Esm5B0hG3Jj5VJR5WCpSgTeNRyk.roa (raw, json)
Hash identifier: AiM12SOr/GGLYvxfcCIEk4a65ZHUVY+2pk3CzDbXYzU=
Subject key identifier: 12:C9:B9:07:48:46:DC:98:F9:54:94:79:58:2A:52:81:37:8D:47:29
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F508EA721C60B739C3128C0108D08474
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Esm5B0hG3Jj5VJR5WCpSgTeNRyk.roa
Signing time: Mon 14 Aug 2023 17:12:29 +0000
ROA not before: Mon 14 Aug 2023 17:12:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f5:08:ea:72:1c:60:b7:39:c3:12:8c:01:08:d0:84:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 14 17:12:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12c9b9074846dc98f9549479582a5281378d4729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:66:24:a6:76:a4:67:c0:fa:48:35:78:ab:25:
f8:c2:ef:be:f0:8c:4c:d8:e9:38:e8:b5:e3:f6:89:
b1:54:71:72:61:71:b6:55:05:8d:47:99:cf:91:49:
2f:a7:a8:ef:c3:8c:ea:66:e2:20:29:aa:f1:b0:bd:
f3:18:a9:65:9e:cb:ea:f2:9d:37:17:7d:81:ba:f1:
4c:de:8b:c2:22:64:e3:03:63:24:04:33:ab:b1:cd:
15:76:78:8b:22:fc:d4:0e:cb:7e:56:03:52:83:c3:
90:96:e2:f7:f1:bf:26:64:b0:2f:9a:b3:2b:bc:7d:
d2:c6:88:05:66:8e:80:7c:c3:14:62:f5:30:e5:de:
2f:21:3c:94:05:2b:4a:25:db:83:59:73:01:75:90:
f6:a0:0b:1d:4b:6a:6d:a7:67:7f:b6:6c:1c:24:4b:
e4:50:53:9a:39:9e:5d:f3:09:91:d7:cd:10:be:ab:
31:54:6f:35:0d:3a:63:bb:d0:5e:2f:63:dd:77:4d:
ad:98:14:7c:6b:bb:10:fa:c9:d4:95:77:c5:b1:4e:
80:e5:5a:c9:35:62:90:b6:17:93:e3:4c:92:fc:e7:
cc:97:db:44:16:ef:56:db:75:ee:6d:71:af:ca:0a:
33:26:cf:d9:e5:9e:a6:1c:d3:f6:a2:ae:f8:d8:d9:
d4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C9:B9:07:48:46:DC:98:F9:54:94:79:58:2A:52:81:37:8D:47:29
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Esm5B0hG3Jj5VJR5WCpSgTeNRyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:94:07:f2:c2:83:ff:88:23:ef:ef:8e:34:9c:e5:5e:29:e4:
07:14:7e:44:31:f7:b0:f1:80:ed:5a:68:00:b3:e9:02:a4:5a:
94:54:bb:8a:41:11:e7:4b:07:42:28:ed:bd:59:99:39:42:66:
e8:a6:c7:d1:55:86:d8:02:5a:ab:4c:77:52:9d:2b:9e:95:37:
b7:6a:e8:5d:78:22:4a:34:d0:bb:39:56:a2:6f:99:26:7d:c3:
ee:ab:80:79:d2:6e:02:a2:5c:cd:c1:60:fb:94:73:4c:ef:ef:
ac:cc:8b:9a:c8:d0:ca:19:84:d9:77:6b:12:e7:80:b7:83:ef:
4b:05:b1:fb:7e:7c:0e:5b:8f:be:8c:a7:3f:c3:6e:1e:bd:15:
9a:3e:83:0d:80:b0:18:36:7c:9f:4e:e8:ca:d1:c9:77:55:84:
88:4b:92:48:ae:63:f4:c9:8a:27:a5:df:8d:01:1b:95:0f:4c:
a8:fe:20:10:e0:99:0d:40:b6:fc:c1:f9:a2:19:85:24:b1:a0:
c8:47:b2:3d:a9:fb:10:21:9e:2f:42:29:51:3b:1a:28:cb:be:
45:13:1f:1e:40:e6:c6:2b:a9:98:74:dc:2e:ad:fd:29:44:bb:
8e:e9:c7:29:a7:da:1b:b8:48:07:4a:e8:41:dc:bd:35:6e:4a:
76:94:b4:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn1COpyHGC3OcMSjAEI0IR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE0MTcxMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmM5YjkwNzQ4NDZkYzk4Zjk1NDk0Nzk1ODJhNTI4MTM3OGQ0NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGYkpnakZ8D6SDV4qyX4wu++8IxM
2Ok46LXj9omxVHFyYXG2VQWNR5nPkUkvp6jvw4zqZuIgKarxsL3zGKllnsvq8p03
F32BuvFM3ovCImTjA2MkBDOrsc0VdniLIvzUDst+VgNSg8OQluL38b8mZLAvmrMr
vH3SxogFZo6AfMMUYvUw5d4vITyUBStKJduDWXMBdZD2oAsdS2ptp2d/tmwcJEvk
UFOaOZ5d8wmR180QvqsxVG81DTpju9BeL2Pdd02tmBR8a7sQ+snUlXfFsU6A5VrJ
NWKQtheT40yS/OfMl9tEFu9W23XubXGvygozJs/Z5Z6mHNP2oq742NnUgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBLJuQdIRtyY+VSUeVgqUoE3jUcpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRXNtNUIwaEczSmo1VkpSNVdDcFNnVGVOUnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEmUB/LCg/+II+/vjjSc
5V4p5AcUfkQx97DxgO1aaACz6QKkWpRUu4pBEedLB0Io7b1ZmTlCZuimx9FVhtgC
WqtMd1KdK56VN7dq6F14Iko00Ls5VqJvmSZ9w+6rgHnSbgKiXM3BYPuUc0zv76zM
i5rI0MoZhNl3axLngLeD70sFsft+fA5bj76Mpz/Dbh69FZo+gw2AsBg2fJ9O6MrR
yXdVhIhLkkiuY/TJiiel340BG5UPTKj+IBDgmQ1AtvzB+aIZhSSxoMhHsj2p+xAh
ni9CKVE7GijLvkUTHx5A5sYrqZh03C6t/SlEu47pxymn2hu4SAdK6EHcvTVuSnaU
tHA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:40 2025 by rpki-client