Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GOJidMPxQEKtXNHYd0l9HY1br-8.roa
File: GOJidMPxQEKtXNHYd0l9HY1br-8.roa (raw, json)
Hash identifier: QOOO43c8BcODqY7cZ0t6aQkxwowHDWu78uCMwGlKJKk=
Subject key identifier: 18:E2:62:74:C3:F1:40:42:AD:5C:D1:D8:77:49:7D:1D:8D:5B:AF:EF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018727AD39C115FCC16C13BECC6308B91F9F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GOJidMPxQEKtXNHYd0l9HY1br-8.roa
Signing time: Tue 28 Mar 2023 10:04:36 +0000
ROA not before: Tue 28 Mar 2023 10:04:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:187:27ac:f939/128 maxlen: 128
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:ad:39:c1:15:fc:c1:6c:13:be:cc:63:08:b9:1f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 28 10:04:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18e26274c3f14042ad5cd1d877497d1d8d5bafef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bc:c0:44:f6:ec:94:64:e6:7b:94:59:c8:99:
eb:12:94:6b:79:d8:0a:a6:ad:b9:e7:9d:bb:b1:18:
c8:f2:f3:70:1f:03:a8:92:cb:68:34:fe:59:67:5f:
ff:8e:39:55:97:fb:0b:61:54:8a:a4:91:0b:0d:4b:
9a:e0:f6:4e:ff:f1:e4:98:a2:4d:95:48:8c:55:3b:
d7:37:3a:62:5e:55:5d:18:5f:69:45:33:3d:6f:8a:
86:1e:f5:bc:02:5e:17:70:5f:32:ae:07:97:cd:58:
18:1b:12:d7:52:9b:04:6a:5a:65:81:54:fc:2b:c6:
d8:9d:78:9a:c0:01:57:0f:cc:97:ce:1c:91:61:bc:
b2:15:b7:b4:88:33:f0:cb:53:c1:c2:1f:8d:78:54:
f8:27:dc:14:46:11:5e:19:46:80:a6:b3:7c:27:84:
a6:1c:fa:6d:59:f0:90:72:f4:ef:c2:4c:c8:8c:7c:
4a:a0:af:f5:87:b8:b7:14:60:2a:2e:25:54:26:b6:
e6:24:62:b9:6a:74:39:bc:a7:96:51:77:47:73:d5:
8a:1b:d2:17:c1:13:ed:b6:bd:03:6d:dc:54:93:4f:
39:7d:c4:c0:c7:78:91:f2:92:1d:2f:b9:a0:aa:7b:
d8:df:84:34:eb:d1:37:40:cf:c9:08:c3:88:d2:6e:
f0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E2:62:74:C3:F1:40:42:AD:5C:D1:D8:77:49:7D:1D:8D:5B:AF:EF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GOJidMPxQEKtXNHYd0l9HY1br-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:e2:b5:53:17:50:7c:33:b1:aa:12:bb:a5:f7:96:c2:91:62:
7d:d6:59:32:88:4a:6e:88:a0:66:c8:5e:59:33:be:a3:82:de:
2e:8a:ab:1f:ea:46:5d:b9:ac:65:3b:51:55:d6:35:c3:8a:d6:
79:84:1d:f6:3a:68:12:a5:e1:79:3f:3d:ba:15:20:5f:5e:fe:
28:3c:ab:9e:4c:2e:ea:05:f4:7d:4c:78:92:db:9b:ea:95:b5:
d1:44:25:70:e1:8f:1c:37:06:f3:74:3e:42:76:20:2d:ef:8e:
85:4a:b3:70:9e:8f:14:5f:43:cc:aa:49:a9:7c:1a:ea:74:82:
5f:c0:7d:5b:b6:d7:20:f3:4a:04:3b:82:8f:b5:3f:63:be:b1:
cb:db:79:e2:ab:7b:fc:6f:a2:2b:05:b2:64:1e:e7:43:03:a0:
b5:ec:bf:b2:ed:12:5c:e2:43:93:5f:69:dd:9e:f1:18:6c:7d:
6f:97:3c:30:ef:95:47:09:85:69:1d:93:f2:bc:00:92:9c:28:
08:42:23:f4:07:09:fa:e2:10:4f:55:37:03:19:c5:77:63:b6:
91:5c:92:8f:f0:36:a8:7f:0d:e3:3b:73:8b:ef:b1:ac:8a:6c:
22:8a:c7:b5:63:39:b4:3a:bf:3f:a5:6b:80:dc:c1:71:eb:04:
81:46:f4:43
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcnrTnBFfzBbBO+zGMIuR+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI4MTAwNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGUyNjI3NGMzZjE0MDQyYWQ1Y2QxZDg3NzQ5N2QxZDhkNWJhZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbzARPbslGTme5RZyJnrEpRredgK
pq255527sRjI8vNwHwOokstoNP5ZZ1//jjlVl/sLYVSKpJELDUua4PZO//HkmKJN
lUiMVTvXNzpiXlVdGF9pRTM9b4qGHvW8Al4XcF8yrgeXzVgYGxLXUpsEalplgVT8
K8bYnXiawAFXD8yXzhyRYbyyFbe0iDPwy1PBwh+NeFT4J9wURhFeGUaAprN8J4Sm
HPptWfCQcvTvwkzIjHxKoK/1h7i3FGAqLiVUJrbmJGK5anQ5vKeWUXdHc9WKG9IX
wRPttr0DbdxUk085fcTAx3iR8pIdL7mgqnvY34Q069E3QM/JCMOI0m7wjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBjiYnTD8UBCrVzR2HdJfR2NW6/vMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvR09KaWRNUHhRRUt0WE5IWWQwbDlIWTFici04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGTitVMXUHwzsaoSu6X3
lsKRYn3WWTKISm6IoGbIXlkzvqOC3i6Kqx/qRl25rGU7UVXWNcOK1nmEHfY6aBKl
4Xk/PboVIF9e/ig8q55MLuoF9H1MeJLbm+qVtdFEJXDhjxw3BvN0PkJ2IC3vjoVK
s3CejxRfQ8yqSal8Gup0gl/AfVu21yDzSgQ7go+1P2O+scvbeeKre/xvoisFsmQe
50MDoLXsv7LtElziQ5Nfad2e8RhsfW+XPDDvlUcJhWkdk/K8AJKcKAhCI/QHCfri
EE9VNwMZxXdjtpFcko/wNqh/DeM7c4vvsayKbCKKx7VjObQ6vz+la4DcwXHrBIFG
9EM=
-----END CERTIFICATE-----
Generated at Sun May 4 07:38:56 2025 by rpki-client