Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G9a-FhlJL-JOajBI4hocyWX_Mmw.roa
File: G9a-FhlJL-JOajBI4hocyWX_Mmw.roa (raw, json)
Hash identifier: olblpHlfgcwNSBjNDczpwVsEloa6EH+VTX0Rx8PKHoc=
Subject key identifier: 1B:D6:BE:16:19:49:2F:E2:4E:6A:30:48:E2:1A:1C:C9:65:FF:32:6C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184DC67A053048D311A06D9F10208A12A7F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G9a-FhlJL-JOajBI4hocyWX_Mmw.roa
Signing time: Sun 04 Dec 2022 09:11:29 +0000
ROA not before: Sun 04 Dec 2022 09:11:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:dc:67:a0:53:04:8d:31:1a:06:d9:f1:02:08:a1:2a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 4 09:11:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bd6be1619492fe24e6a3048e21a1cc965ff326c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a1:32:26:ec:34:6e:48:be:07:5f:09:67:de:
9c:95:f8:33:90:54:ee:11:3e:73:25:98:09:05:9a:
ec:f8:da:61:d3:ef:e4:d9:4e:2a:f4:d9:ba:5a:c0:
55:be:36:c0:76:cb:d7:59:d3:c0:59:87:89:91:2d:
35:51:aa:ec:ae:3a:99:54:2f:26:10:3b:70:f3:6f:
fd:3f:c2:f2:8c:ff:65:12:74:23:79:3f:b2:3f:8a:
25:57:7a:48:b9:e3:73:c4:62:4f:88:78:56:4b:3b:
5d:a7:96:0f:72:8d:25:32:a8:fd:cb:37:4d:6e:3b:
bf:b3:04:f5:fa:78:cc:14:7a:90:bf:e7:cf:7c:67:
64:0c:57:47:65:b1:1e:a2:da:f6:ed:60:a1:12:80:
81:e5:c1:fc:02:2a:a8:cc:f2:4a:98:27:03:00:21:
1a:d1:60:b2:cf:17:e3:bf:d5:e1:c8:78:05:f5:12:
8c:a0:fd:f4:96:28:54:27:d8:0e:34:39:c1:45:2d:
6e:7f:da:d2:d3:62:3f:4b:63:83:d0:02:bf:4d:c0:
a9:db:50:a4:bb:59:7e:0e:a3:27:ac:ea:6e:8e:47:
f5:0d:17:f5:ab:05:85:68:3d:a4:8b:27:06:00:35:
dd:62:a1:d6:b3:3e:1d:8f:3b:4c:4e:b2:f7:b2:b2:
6f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D6:BE:16:19:49:2F:E2:4E:6A:30:48:E2:1A:1C:C9:65:FF:32:6C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G9a-FhlJL-JOajBI4hocyWX_Mmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:f3:3b:ea:89:db:6e:e7:50:15:83:48:9b:27:b0:39:95:14:
23:23:dd:a0:18:2d:eb:d2:ce:36:98:fe:3a:db:24:0e:81:c8:
58:12:b9:a5:fb:ff:a8:23:99:72:6e:7d:3d:3d:27:4c:6c:c0:
41:9b:04:b3:d2:5d:8f:41:a6:93:24:93:b7:30:45:1a:be:21:
8f:ce:ea:39:e3:bb:04:37:61:d6:79:37:e0:a8:20:b5:6f:51:
ce:7f:51:e4:40:77:db:5f:6e:b5:a6:b0:eb:b1:08:74:5e:53:
c6:05:ab:6a:2b:bb:77:5c:6d:17:4d:ff:06:96:23:a2:e6:39:
76:1a:0f:96:08:df:9d:5e:76:c8:55:dc:e5:7c:1e:03:9b:ab:
55:59:4c:df:4f:e8:b9:2a:cb:13:63:a8:5e:da:1d:55:b7:a2:
03:24:1a:c3:57:12:06:3a:af:93:48:79:6f:7d:50:e8:5c:e0:
e0:ea:35:6c:5c:59:85:68:7a:39:80:01:1e:75:b1:55:19:a1:
40:60:84:e1:e7:5e:b9:da:4c:40:73:95:2a:4a:6b:2e:50:18:
03:1a:09:eb:b0:1c:38:cc:db:45:a9:ff:02:57:35:4b:9a:ca:
56:91:40:f4:3d:16:43:60:99:4f:49:bf:bc:14:f4:5f:8b:32:
26:c3:ff:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTcZ6BTBI0xGgbZ8QIIoSp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA0MDkxMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQ2YmUxNjE5NDkyZmUyNGU2YTMwNDhlMjFhMWNjOTY1ZmYzMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KEyJuw0bki+B18JZ96clfgzkFTu
ET5zJZgJBZrs+Nph0+/k2U4q9Nm6WsBVvjbAdsvXWdPAWYeJkS01UarsrjqZVC8m
EDtw82/9P8LyjP9lEnQjeT+yP4olV3pIueNzxGJPiHhWSztdp5YPco0lMqj9yzdN
bju/swT1+njMFHqQv+fPfGdkDFdHZbEeotr27WChEoCB5cH8AiqozPJKmCcDACEa
0WCyzxfjv9XhyHgF9RKMoP30lihUJ9gONDnBRS1uf9rS02I/S2OD0AK/TcCp21Ck
u1l+DqMnrOpujkf1DRf1qwWFaD2kiycGADXdYqHWsz4djztMTrL3srJvEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBvWvhYZSS/iTmowSOIaHMll/zJsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRzlhLUZobEpMLUpPYWpCSTRob2N5V1hfTW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAvzO+qJ227nUBWDSJsn
sDmVFCMj3aAYLevSzjaY/jrbJA6ByFgSuaX7/6gjmXJufT09J0xswEGbBLPSXY9B
ppMkk7cwRRq+IY/O6jnjuwQ3YdZ5N+CoILVvUc5/UeRAd9tfbrWmsOuxCHReU8YF
q2oru3dcbRdN/waWI6LmOXYaD5YI351edshV3OV8HgObq1VZTN9P6LkqyxNjqF7a
HVW3ogMkGsNXEgY6r5NIeW99UOhc4ODqNWxcWYVoejmAAR51sVUZoUBghOHnXrna
TEBzlSpKay5QGAMaCeuwHDjM20Wp/wJXNUuaylaRQPQ9FkNgmU9Jv7wU9F+LMibD
/64=
-----END CERTIFICATE-----
Generated at Thu May 1 07:26:06 2025 by rpki-client