Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O3pXBGQE56RJ-dCS8fZGWSzKUGg.roa
File: O3pXBGQE56RJ-dCS8fZGWSzKUGg.roa (raw, json)
Hash identifier: ycXxZCFNi0ajzwfeUUOo4wte+bombxX8oKW1jfaocTg=
Subject key identifier: 3B:7A:57:04:64:04:E7:A4:49:F9:D0:92:F1:F6:46:59:2C:CA:50:68
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184EA22CE4473F004653C0EA0E7A137C2E8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O3pXBGQE56RJ-dCS8fZGWSzKUGg.roa
Signing time: Wed 07 Dec 2022 01:11:00 +0000
ROA not before: Wed 07 Dec 2022 01:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ea:22:ce:44:73:f0:04:65:3c:0e:a0:e7:a1:37:c2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 7 01:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b7a57046404e7a449f9d092f1f646592cca5068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1a:86:29:c0:fd:00:19:f6:a0:7a:ba:c2:0a:
19:ee:74:be:87:e8:f6:21:6b:dd:c5:3c:a6:3a:14:
1f:33:a6:43:5d:ef:b3:64:40:ba:76:38:50:20:b7:
07:2d:41:01:76:cb:1b:8d:a3:25:7b:21:57:70:88:
70:c8:23:3b:d1:fb:26:55:9a:05:be:78:cc:1f:34:
c5:d6:88:eb:96:02:0d:f3:44:4a:f3:62:5d:4e:2c:
5c:d9:74:30:2c:c9:8f:c8:de:57:4c:6f:c6:19:55:
3b:be:f2:98:f6:18:98:78:8a:c1:54:5b:70:5b:8e:
36:bf:56:97:c3:06:ce:75:4e:dc:54:92:89:a5:96:
ed:99:9f:62:ba:08:14:64:94:b1:26:1c:c5:f1:f4:
f7:e6:e4:e3:78:a6:72:6c:47:ac:74:80:90:07:d7:
48:32:33:ee:b7:88:c4:f9:2c:89:9d:72:8c:e1:c7:
eb:17:b7:0f:79:7f:9d:29:b0:ab:bf:0a:a3:fa:e9:
91:f9:a8:7b:ec:3b:05:67:a5:69:bc:b8:d4:4c:a1:
05:b9:74:13:af:03:f8:52:d9:3c:9e:85:77:96:7d:
58:ff:b2:42:2a:6f:62:c4:ee:28:77:6b:df:9e:24:
fd:68:89:8f:bf:de:5a:76:30:49:c2:ab:dd:e4:5d:
53:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:7A:57:04:64:04:E7:A4:49:F9:D0:92:F1:F6:46:59:2C:CA:50:68
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O3pXBGQE56RJ-dCS8fZGWSzKUGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:27:14:74:9d:b8:75:51:ff:d5:d4:29:fa:07:52:e2:88:f9:
b3:9e:d7:e4:49:41:95:ec:43:9f:af:92:33:1d:5f:26:5f:5c:
03:3d:88:66:d9:eb:49:c2:d8:0b:55:ba:61:b9:9d:1a:22:bb:
e9:5c:53:44:63:f3:56:2a:0c:1a:41:24:a0:f8:68:95:30:81:
64:b1:cf:10:9b:ba:ae:24:e6:9c:6c:16:f1:bf:0d:b0:cd:6a:
60:79:27:86:1c:df:43:64:73:a4:1c:80:1e:41:23:27:12:01:
5f:32:f1:e2:00:b8:b1:11:ec:04:82:32:85:31:c7:36:30:9e:
66:1a:43:16:a8:f0:40:71:5d:43:e2:35:4c:5a:73:f3:6c:dc:
a4:f7:99:b0:f4:44:9d:33:33:b4:97:5a:be:f8:37:0c:85:4c:
c6:53:e4:dd:19:39:29:b3:62:98:bb:92:db:61:5c:fb:94:e1:
00:78:e2:f2:80:ae:b6:78:24:eb:dd:fe:f6:d5:1d:c2:2f:6e:
12:7a:ae:1c:d8:e7:f0:ee:e1:e4:ed:09:8e:99:2a:27:91:0a:
8a:88:6f:a8:ab:ac:15:1e:25:d3:a7:45:5c:23:cc:66:92:36:
a4:09:ca:76:c4:76:72:5c:54:fa:e6:e5:b5:82:15:83:87:86:
16:49:8c:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTqIs5Ec/AEZTwOoOehN8LoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA3MDExMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjdhNTcwNDY0MDRlN2E0NDlmOWQwOTJmMWY2NDY1OTJjY2E1MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RqGKcD9ABn2oHq6wgoZ7nS+h+j2
IWvdxTymOhQfM6ZDXe+zZEC6djhQILcHLUEBdssbjaMleyFXcIhwyCM70fsmVZoF
vnjMHzTF1ojrlgIN80RK82JdTixc2XQwLMmPyN5XTG/GGVU7vvKY9hiYeIrBVFtw
W442v1aXwwbOdU7cVJKJpZbtmZ9iuggUZJSxJhzF8fT35uTjeKZybEesdICQB9dI
MjPut4jE+SyJnXKM4cfrF7cPeX+dKbCrvwqj+umR+ah77DsFZ6VpvLjUTKEFuXQT
rwP4Utk8noV3ln1Y/7JCKm9ixO4od2vfniT9aImPv95adjBJwqvd5F1TkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDt6VwRkBOekSfnQkvH2RlksylBoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTzNwWEJHUUU1NlJKLWRDUzhmWkdXU3pLVUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABMnFHSduHVR/9XUKfoH
UuKI+bOe1+RJQZXsQ5+vkjMdXyZfXAM9iGbZ60nC2AtVumG5nRoiu+lcU0Rj81Yq
DBpBJKD4aJUwgWSxzxCbuq4k5pxsFvG/DbDNamB5J4Yc30Nkc6QcgB5BIycSAV8y
8eIAuLER7ASCMoUxxzYwnmYaQxao8EBxXUPiNUxac/Ns3KT3mbD0RJ0zM7SXWr74
NwyFTMZT5N0ZOSmzYpi7ktthXPuU4QB44vKArrZ4JOvd/vbVHcIvbhJ6rhzY5/Du
4eTtCY6ZKieRCoqIb6irrBUeJdOnRVwjzGaSNqQJynbEdnJcVPrm5bWCFYOHhhZJ
jIA=
-----END CERTIFICATE-----
Generated at Thu May 1 02:53:21 2025 by rpki-client