Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O1UplXhHPXKyNC32wZnUqFpgexY.roa
File: O1UplXhHPXKyNC32wZnUqFpgexY.roa (raw, json)
Hash identifier: prZ1P2Ow4YdpBJoF3xdf/af1gqO0T1iVJTkUUuDJPUo=
Subject key identifier: 3B:55:29:95:78:47:3D:72:B2:34:2D:F6:C1:99:D4:A8:5A:60:7B:16
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F0F868622AA1B21584D842EEF21CC2DA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O1UplXhHPXKyNC32wZnUqFpgexY.roa
Signing time: Sun 13 Aug 2023 22:15:58 +0000
ROA not before: Sun 13 Aug 2023 22:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f0:f8:68:62:2a:a1:b2:15:84:d8:42:ee:f2:1c:c2:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 22:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b55299578473d72b2342df6c199d4a85a607b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d9:6e:26:aa:b1:32:72:38:d9:57:08:26:00:
79:a9:a0:e8:7e:79:90:ce:54:c7:e2:87:50:e2:3b:
81:4c:4d:30:a9:18:67:95:5b:c1:91:79:d9:61:e1:
2b:0e:e9:4d:43:3c:fc:43:8e:9e:a3:ca:fb:14:25:
7f:7e:c1:f5:c7:23:dd:01:1d:86:91:87:11:ac:52:
12:33:40:ed:22:a1:0b:e2:85:83:0d:3d:fb:e7:a7:
e7:29:f4:6a:2c:d4:ed:d1:aa:3f:40:0e:86:24:b5:
d1:f6:9f:37:d9:f6:e2:e3:e8:53:71:e7:b0:3c:67:
bd:56:58:10:fc:d6:8d:f6:98:09:c3:58:64:08:9a:
4d:5a:ef:76:38:10:98:84:49:83:ed:c0:41:c8:54:
2f:09:49:00:97:1c:59:8c:ef:ed:0b:2d:06:6b:ca:
b7:0e:8f:ed:bf:49:0d:21:dc:de:54:62:85:4d:e7:
3c:17:1d:36:10:38:9b:d7:62:2f:1e:de:82:3a:ad:
e1:70:35:6e:f8:3b:a4:1a:bd:ac:1d:4e:7d:50:06:
f7:e3:18:80:99:3b:02:57:fa:78:73:9f:e6:2f:c1:
64:35:6a:f6:4b:b1:c7:42:ac:ee:b5:4c:22:b4:02:
8f:62:76:fc:d9:af:60:0a:bd:b3:21:38:0c:54:78:
06:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:55:29:95:78:47:3D:72:B2:34:2D:F6:C1:99:D4:A8:5A:60:7B:16
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O1UplXhHPXKyNC32wZnUqFpgexY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:69:04:af:e5:37:e2:d5:df:27:2b:be:0f:0e:0d:14:18:92:
70:65:60:58:0b:a0:56:00:81:3f:00:27:3c:e2:d3:c7:4e:25:
03:98:64:0d:14:c7:fc:cc:88:b0:dc:72:75:2f:12:bc:cf:e3:
18:23:76:29:e1:88:9c:8d:76:94:97:e3:e2:7d:8d:53:d9:de:
84:c3:98:a3:45:19:86:f3:32:af:d4:ca:91:93:09:fb:d7:06:
1b:69:a4:b9:f3:fd:cc:6e:94:7d:b3:f3:e4:cf:cc:2a:03:a8:
fc:3b:93:fd:af:c8:48:47:9e:ce:3b:3a:4d:fe:e6:48:9a:c4:
f0:77:ed:02:08:22:3a:05:4e:1e:ec:e3:9d:f2:94:47:a2:7c:
c6:db:71:cc:98:2b:88:3e:c8:5c:e0:a1:9a:21:5d:ca:f4:4f:
54:39:ee:60:c9:45:bd:03:ba:3e:4b:be:f5:80:a6:47:8f:72:
96:94:9d:b4:64:ad:66:f1:09:d6:24:7f:8c:f8:6e:15:85:10:
45:f9:d5:7a:1e:14:a5:c2:1a:4d:58:b6:d0:ad:09:27:8b:21:
d0:a6:aa:bf:ae:23:d9:25:db:10:00:51:47:ae:30:7c:21:72:
d5:1f:5c:55:41:b6:23:86:1b:82:68:23:d5:85:57:d9:0a:b7:
ab:37:5a:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnw+GhiKqGyFYTYQu7yHMLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEzMjIxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU1Mjk5NTc4NDczZDcyYjIzNDJkZjZjMTk5ZDRhODVhNjA3YjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtluJqqxMnI42VcIJgB5qaDofnmQ
zlTH4odQ4juBTE0wqRhnlVvBkXnZYeErDulNQzz8Q46eo8r7FCV/fsH1xyPdAR2G
kYcRrFISM0DtIqEL4oWDDT3756fnKfRqLNTt0ao/QA6GJLXR9p832fbi4+hTceew
PGe9VlgQ/NaN9pgJw1hkCJpNWu92OBCYhEmD7cBByFQvCUkAlxxZjO/tCy0Ga8q3
Do/tv0kNIdzeVGKFTec8Fx02EDib12IvHt6COq3hcDVu+DukGr2sHU59UAb34xiA
mTsCV/p4c5/mL8FkNWr2S7HHQqzutUwitAKPYnb82a9gCr2zITgMVHgGgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDtVKZV4Rz1ysjQt9sGZ1KhaYHsWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTzFVcGxYaEhQWEt5TkMzMndablVxRnBnZXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACVpBK/lN+LV3ycrvg8O
DRQYknBlYFgLoFYAgT8AJzzi08dOJQOYZA0Ux/zMiLDccnUvErzP4xgjdinhiJyN
dpSX4+J9jVPZ3oTDmKNFGYbzMq/UypGTCfvXBhtppLnz/cxulH2z8+TPzCoDqPw7
k/2vyEhHns47Ok3+5kiaxPB37QIIIjoFTh7s453ylEeifMbbccyYK4g+yFzgoZoh
Xcr0T1Q57mDJRb0Duj5LvvWApkePcpaUnbRkrWbxCdYkf4z4bhWFEEX51XoeFKXC
Gk1YttCtCSeLIdCmqr+uI9kl2xAAUUeuMHwhctUfXFVBtiOGG4JoI9WFV9kKt6s3
WkU=
-----END CERTIFICATE-----
Generated at Thu May 1 10:28:36 2025 by rpki-client