Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OESiwBrOi-d8lSABc7-FxX5KZTY.roa
File: OESiwBrOi-d8lSABc7-FxX5KZTY.roa (raw, json)
Hash identifier: 6pHxDRCSfg4B2pAyqVahnUMJQnmOQpVPzCHX0jXeaZM=
Subject key identifier: 38:44:A2:C0:1A:CE:8B:E7:7C:95:20:01:73:BF:85:C5:7E:4A:65:36
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C7F262F921F1A03784B2F9A98C6066D9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OESiwBrOi-d8lSABc7-FxX5KZTY.roa
Signing time: Sat 05 Aug 2023 23:04:58 +0000
ROA not before: Sat 05 Aug 2023 23:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:c7f1:a9ef/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c7:f2:62:f9:21:f1:a0:37:84:b2:f9:a9:8c:60:66:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 5 23:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3844a2c01ace8be77c95200173bf85c57e4a6536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6e:bb:93:38:47:4a:c1:c7:93:01:31:60:18:
06:55:0f:d4:17:e7:a5:d8:63:8e:d8:d9:05:2d:06:
82:fa:52:f9:da:63:38:78:bb:70:06:53:08:2f:e8:
a8:62:26:70:9f:b1:93:e2:f8:02:82:0d:49:80:3d:
3d:86:2e:dc:40:19:bd:d6:75:1f:50:20:4d:dc:b0:
6e:d5:a8:be:5e:ac:56:ea:4d:e6:7a:19:ff:98:f5:
fa:27:5e:ea:ce:66:38:06:ae:e8:f6:6f:53:76:66:
28:2d:19:00:a8:17:70:e7:08:e8:87:52:2e:7b:84:
2c:74:8f:d8:23:2c:f5:a5:c3:70:97:24:d6:00:73:
3c:82:51:ea:4a:14:48:b3:c9:64:17:eb:41:47:03:
a4:9a:17:58:20:89:dd:e2:a2:2d:56:e3:84:a7:71:
a3:37:01:a0:8e:9c:03:4d:8a:ff:2a:19:51:55:f5:
a8:a1:12:06:00:d1:34:65:c6:47:f8:cf:c4:0a:90:
88:0e:57:de:ea:d4:a8:f1:6f:5c:32:53:57:7c:65:
6e:37:5d:38:5d:83:66:e5:12:d7:f2:b1:27:74:4a:
d1:aa:f7:ab:63:7a:ca:ad:fb:3d:df:62:1f:e5:57:
e2:43:32:0c:4b:83:0a:e4:ad:12:bb:54:01:63:70:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:44:A2:C0:1A:CE:8B:E7:7C:95:20:01:73:BF:85:C5:7E:4A:65:36
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OESiwBrOi-d8lSABc7-FxX5KZTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
aa:b2:c9:84:2d:24:3a:39:18:5c:86:3f:58:35:11:26:4d:e5:
3e:0d:04:eb:2e:1d:5e:00:41:43:a1:ea:b7:69:ae:8e:4a:16:
74:ae:55:58:41:7a:6d:a1:c5:90:44:14:97:85:c1:bb:ea:98:
2a:43:9c:ad:88:ba:9a:e2:77:3b:ba:95:c5:f6:5d:69:d4:22:
36:3c:3a:da:c5:c9:d3:5b:ec:5c:86:85:64:3b:0f:c9:9c:92:
35:cb:d5:d3:a8:f3:60:5e:fb:32:b8:20:22:a3:5c:50:8b:aa:
a1:e7:e6:2a:ce:ea:a0:fd:a3:98:70:15:30:de:bd:37:c9:da:
bb:40:52:39:60:1c:9c:b3:6a:b6:bc:17:4b:b1:00:ed:8b:f4:
ab:98:38:79:a5:68:6c:94:96:50:c6:35:1b:96:7f:f7:c3:c8:
15:86:94:f9:2c:9d:42:49:bf:09:e7:10:93:45:bc:87:19:ec:
16:5e:79:fe:86:ad:5f:67:59:c2:33:86:89:a2:94:36:6e:de:
43:ad:9b:6e:a4:7e:30:38:ed:a8:f1:87:e2:68:42:a6:45:f6:
23:c1:6c:fa:a0:32:8e:01:1e:be:b3:c5:d7:f1:2b:80:6a:35:
6b:72:d5:cd:03:4c:0d:0c:44:95:81:6c:a2:c9:7e:f4:42:03:
90:71:62:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnH8mL5IfGgN4Sy+amMYGbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA1MjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQ0YTJjMDFhY2U4YmU3N2M5NTIwMDE3M2JmODVjNTdlNGE2NTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW67kzhHSsHHkwExYBgGVQ/UF+el
2GOO2NkFLQaC+lL52mM4eLtwBlMIL+ioYiZwn7GT4vgCgg1JgD09hi7cQBm91nUf
UCBN3LBu1ai+XqxW6k3mehn/mPX6J17qzmY4Bq7o9m9TdmYoLRkAqBdw5wjoh1Iu
e4QsdI/YIyz1pcNwlyTWAHM8glHqShRIs8lkF+tBRwOkmhdYIInd4qItVuOEp3Gj
NwGgjpwDTYr/KhlRVfWooRIGANE0ZcZH+M/ECpCIDlfe6tSo8W9cMlNXfGVuN104
XYNm5RLX8rEndErRqverY3rKrfs932If5VfiQzIMS4MK5K0Su1QBY3AKxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDhEosAazovnfJUgAXO/hcV+SmU2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT0VTaXdCck9pLWQ4bFNBQmM3LUZ4WDVLWlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKqyyYQtJDo5GFyGP1g1
ESZN5T4NBOsuHV4AQUOh6rdpro5KFnSuVVhBem2hxZBEFJeFwbvqmCpDnK2Iupri
dzu6lcX2XWnUIjY8OtrFydNb7FyGhWQ7D8mckjXL1dOo82Be+zK4ICKjXFCLqqHn
5irO6qD9o5hwFTDevTfJ2rtAUjlgHJyzara8F0uxAO2L9KuYOHmlaGyUllDGNRuW
f/fDyBWGlPksnUJJvwnnEJNFvIcZ7BZeef6GrV9nWcIzhomilDZu3kOtm26kfjA4
7ajxh+JoQqZF9iPBbPqgMo4BHr6zxdfxK4BqNWty1c0DTA0MRJWBbKLJfvRCA5Bx
YjU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:23:30 2025 by rpki-client