Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OIFPBLfStJdicY6syyFdkwKBMxU.roa
File: OIFPBLfStJdicY6syyFdkwKBMxU.roa (raw, json)
Hash identifier: O8V4iECriqwTOac6tw4MiBOPKcoO6ZR7vwVP3SUVElo=
Subject key identifier: 38:81:4F:04:B7:D2:B4:97:62:71:8E:AC:CB:21:5D:93:02:81:33:15
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6DF55DD5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OIFPBLfStJdicY6syyFdkwKBMxU.roa
Signing time: Sat 26 Feb 2022 20:08:41 +0000
ROA not before: Sat 26 Feb 2022 20:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1844796885 (0x6df55dd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 26 20:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38814f04b7d2b49762718eaccb215d9302813315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:84:a7:3a:78:a6:38:6f:f7:1f:c7:5c:1e:bd:
c8:ff:59:8a:46:97:ec:76:23:60:0a:ef:6d:b0:f9:
27:6e:07:02:18:c2:50:0a:6a:25:ad:5b:97:66:eb:
79:dc:11:66:5c:cc:15:fb:fe:88:33:be:26:ec:b2:
a3:df:66:14:c0:3f:aa:ae:50:90:fb:20:f3:5a:e7:
cf:09:0d:36:c4:72:b4:de:cd:0b:b7:d9:94:38:02:
25:cb:5e:3a:d2:2e:90:d6:ec:ea:94:8f:14:85:cb:
2a:e0:d5:7a:b8:e1:9b:1a:8e:c0:96:da:8a:f3:a6:
ea:3c:81:a1:5d:3a:bf:35:76:1b:77:09:14:1a:8e:
81:c9:46:a6:b1:25:e6:6c:1d:8f:5f:ae:61:5a:35:
a2:4b:28:8d:00:76:9b:51:48:cd:73:99:b8:c9:31:
53:97:54:55:d3:5a:b4:e5:e8:e5:f0:c5:a6:78:31:
e4:a0:bd:3a:72:3b:f4:84:eb:1b:0b:65:d4:a7:77:
1b:9e:f3:b3:eb:ee:de:d4:56:36:6e:56:63:0a:a2:
51:ae:6f:54:6f:d0:73:80:29:59:b5:90:a4:60:99:
a5:bf:41:75:02:6e:7d:1e:e5:34:aa:7c:db:f7:6b:
c8:31:db:80:1a:af:af:90:d6:c8:c7:09:26:e7:8e:
fd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:81:4F:04:B7:D2:B4:97:62:71:8E:AC:CB:21:5D:93:02:81:33:15
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OIFPBLfStJdicY6syyFdkwKBMxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:71:15:94:6f:3f:e1:71:22:2d:25:89:c1:c6:0e:4d:08:31:
f5:33:02:9a:9f:fe:4c:ef:58:2e:d8:0c:0b:c7:27:7f:4c:a1:
7e:5c:ba:c2:1a:51:57:6f:0e:92:1a:de:47:0b:ae:e4:c9:46:
f8:81:52:13:f0:a1:53:1f:a7:0e:64:d0:95:df:53:f9:21:0b:
3f:a1:de:a7:49:b9:ac:23:c3:51:1e:8c:ba:ef:c0:92:f8:ea:
b4:c8:73:93:a9:1f:f3:d3:2d:6c:d9:98:4f:8f:4e:d4:66:6a:
7b:bf:0d:5a:84:ce:91:ec:74:0a:f4:59:80:79:b5:fa:29:fa:
1d:01:a3:7b:cb:52:b5:2e:56:ae:6a:ed:a9:b9:4a:37:fd:da:
33:c4:29:78:0d:91:15:31:55:f1:4a:d0:40:70:df:4a:07:2e:
58:cd:c9:66:7d:32:0e:ce:54:20:61:4a:27:7c:fa:c3:a5:d6:
06:c4:cb:eb:5d:0e:54:29:44:3d:18:69:4a:b8:28:7d:01:a1:
ec:8b:67:9e:ce:b7:b3:43:26:fd:3d:04:22:a8:31:26:a4:62:
b8:a7:cc:af:a5:6c:c9:50:47:7f:25:97:7f:e6:24:7f:f9:1c:
6c:4a:7b:27:e0:ad:7c:a4:64:c8:c9:7e:9f:58:18:43:92:e1:
cb:08:11:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbfVd1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIy
NjIwMDg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg4MTRmMDRiN2Qy
YjQ5NzYyNzE4ZWFjY2IyMTVkOTMwMjgxMzMxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKEpzp4pjhv9x/HXB69yP9ZikaX7HYjYArvbbD5J24HAhjC
UApqJa1bl2bredwRZlzMFfv+iDO+Juyyo99mFMA/qq5QkPsg81rnzwkNNsRytN7N
C7fZlDgCJcteOtIukNbs6pSPFIXLKuDVerjhmxqOwJbaivOm6jyBoV06vzV2G3cJ
FBqOgclGprEl5mwdj1+uYVo1oksojQB2m1FIzXOZuMkxU5dUVdNatOXo5fDFpngx
5KC9OnI79ITrGwtl1Kd3G57zs+vu3tRWNm5WYwqiUa5vVG/Qc4ApWbWQpGCZpb9B
dQJufR7lNKp82/dryDHbgBqvr5DWyMcJJueO/dsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ4gU8Et9K0l2JxjqzLIV2TAoEzFTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L09JRlBCTGZTdEpkaWNZNnN5eUZka3dLQk14VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCJcRWUbz/hcSItJYnBxg5NCDH1MwKan/5M71gu
2AwLxyd/TKF+XLrCGlFXbw6SGt5HC67kyUb4gVIT8KFTH6cOZNCV31P5IQs/od6n
SbmsI8NRHoy678CS+Oq0yHOTqR/z0y1s2ZhPj07UZmp7vw1ahM6R7HQK9FmAebX6
KfodAaN7y1K1Llauau2puUo3/dozxCl4DZEVMVXxStBAcN9KBy5YzclmfTIOzlQg
YUonfPrDpdYGxMvrXQ5UKUQ9GGlKuCh9AaHsi2eezrezQyb9PQQiqDEmpGK4p8yv
pWzJUEd/JZd/5iR/+RxsSnsn4K18pGTIyX6fWBhDkuHLCBEI
-----END CERTIFICATE-----
Generated at Thu May 1 17:40:08 2025 by rpki-client