Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/J3_uHM_XAnDuAwBxY-sW5zw5hLs.roa
File: J3_uHM_XAnDuAwBxY-sW5zw5hLs.roa (raw, json)
Hash identifier: NGJ/OWIGCn1vLjh83LKOHHeZ0ItRsDs36wCiFhf8e/g=
Subject key identifier: 27:7F:EE:1C:CF:D7:02:70:EE:03:00:71:63:EB:16:E7:3C:39:84:BB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869FE0B64B282DF603E427102E87A9A604
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/J3_uHM_XAnDuAwBxY-sW5zw5hLs.roa
Signing time: Thu 02 Mar 2023 01:12:29 +0000
ROA not before: Thu 02 Mar 2023 01:12:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9f:e0:b6:4b:28:2d:f6:03:e4:27:10:2e:87:a9:a6:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 2 01:12:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=277fee1ccfd70270ee03007163eb16e73c3984bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c3:40:95:63:fe:28:c1:dd:20:46:7b:3d:d7:
ee:a6:b8:ab:6f:0f:f1:7f:55:e0:dd:4d:ef:47:06:
ee:33:f2:b2:f1:73:5f:dc:72:03:b7:a7:d5:b7:ff:
07:64:9c:b9:10:a3:3c:9b:45:8c:dc:fa:04:4a:98:
36:98:74:dc:d4:e7:89:8d:c4:4e:2a:d6:f7:58:d8:
cb:6f:73:eb:a8:02:51:37:3b:23:ad:2d:50:dd:0e:
3a:ec:8f:9a:ac:01:dc:4e:90:0a:00:59:e4:a9:08:
52:74:a4:8c:dd:a2:d1:cd:15:e5:bd:b8:70:5e:74:
9c:6d:2a:54:ea:fe:84:bd:cb:69:67:e8:e8:26:06:
a2:9d:01:64:2e:40:26:d8:b7:71:5e:63:7e:9b:e3:
12:52:a0:20:cd:cf:f9:97:53:7b:82:09:f8:7b:dd:
96:5a:88:53:f1:db:3e:7b:7a:60:e2:4e:6f:c8:82:
fb:3c:37:67:04:43:69:5a:d6:d4:67:64:43:97:05:
94:db:2f:80:b5:48:4b:d1:bd:c3:a5:4d:22:db:95:
ff:12:e7:39:a8:f7:3b:29:1f:89:2c:a9:f5:5c:2b:
e4:5d:38:80:29:ad:c6:e5:b3:fb:31:b5:74:31:88:
d3:9f:5a:41:96:1a:92:ab:fb:6a:52:6e:3c:d8:fc:
3a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:7F:EE:1C:CF:D7:02:70:EE:03:00:71:63:EB:16:E7:3C:39:84:BB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/J3_uHM_XAnDuAwBxY-sW5zw5hLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:87:cf:18:88:10:cb:fe:ec:61:78:4d:5a:81:fe:11:d9:ce:
81:8f:6a:fb:1a:18:88:5c:7d:d4:81:58:c6:24:d1:9a:74:59:
53:8c:88:23:de:a0:b4:27:88:bf:3b:b1:f3:3b:0d:c9:8a:41:
4a:98:9e:24:15:7f:27:ea:fb:50:93:bb:f7:a0:ca:1a:80:f8:
37:19:dc:01:6e:24:7c:8b:13:97:2e:e8:74:0a:d6:66:48:23:
fe:7f:81:98:49:0e:67:60:1a:49:1c:46:17:52:b9:6f:b4:28:
96:f4:4b:1e:6d:5d:ca:f2:fd:a5:cc:3c:a0:a8:ef:7b:60:32:
ca:e7:ed:1d:79:19:c0:10:58:ee:18:0a:d1:a4:67:60:e3:26:
51:b7:3f:f5:1d:f2:5b:41:df:db:93:7d:9f:94:b7:b7:e1:1c:
7b:6f:d9:2e:d8:d7:1c:d1:47:a3:81:b5:23:12:a1:17:9f:99:
b5:b7:be:0f:77:63:fa:69:02:af:94:0f:3d:25:b6:44:5d:a3:
c4:d2:3c:37:24:e6:eb:a1:3d:02:14:f8:bd:14:45:69:2b:44:
ab:d0:8a:43:b7:28:69:44:df:b0:cf:06:a2:8e:bb:66:07:1d:
aa:7e:dd:34:2d:7d:29:31:71:33:15:98:60:23:d2:fa:ed:62:
b4:28:51:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaf4LZLKC32A+QnEC6HqaYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAyMDExMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzdmZWUxY2NmZDcwMjcwZWUwMzAwNzE2M2ViMTZlNzNjMzk4NGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMNAlWP+KMHdIEZ7Pdfuprirbw/x
f1Xg3U3vRwbuM/Ky8XNf3HIDt6fVt/8HZJy5EKM8m0WM3PoESpg2mHTc1OeJjcRO
Ktb3WNjLb3PrqAJRNzsjrS1Q3Q467I+arAHcTpAKAFnkqQhSdKSM3aLRzRXlvbhw
XnScbSpU6v6EvctpZ+joJgainQFkLkAm2LdxXmN+m+MSUqAgzc/5l1N7ggn4e92W
WohT8ds+e3pg4k5vyIL7PDdnBENpWtbUZ2RDlwWU2y+AtUhL0b3DpU0i25X/Euc5
qPc7KR+JLKn1XCvkXTiAKa3G5bP7MbV0MYjTn1pBlhqSq/tqUm482Pw6HQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCd/7hzP1wJw7gMAcWPrFuc8OYS7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSjNfdUhNX1hBbkR1QXdCeFktc1c1enc1aExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJKHzxiIEMv+7GF4TVqB
/hHZzoGPavsaGIhcfdSBWMYk0Zp0WVOMiCPeoLQniL87sfM7DcmKQUqYniQVfyfq
+1CTu/egyhqA+DcZ3AFuJHyLE5cu6HQK1mZII/5/gZhJDmdgGkkcRhdSuW+0KJb0
Sx5tXcry/aXMPKCo73tgMsrn7R15GcAQWO4YCtGkZ2DjJlG3P/Ud8ltB39uTfZ+U
t7fhHHtv2S7Y1xzRR6OBtSMSoRefmbW3vg93Y/ppAq+UDz0ltkRdo8TSPDck5uuh
PQIU+L0URWkrRKvQikO3KGlE37DPBqKOu2YHHap+3TQtfSkxcTMVmGAj0vrtYrQo
USc=
-----END CERTIFICATE-----
Generated at Thu May 1 02:51:48 2025 by rpki-client