Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OKm-Y_3fcFQjr9zTx_d39yWWqOI.roa
File: OKm-Y_3fcFQjr9zTx_d39yWWqOI.roa (raw, json)
Hash identifier: 0wK/ykFw+w8/qS9tqym3YyHPxt+SX3EggQGTszMNhak=
Subject key identifier: 38:A9:BE:63:FD:DF:70:54:23:AF:DC:D3:C7:F7:77:F7:25:96:A8:E2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 854BEA48
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OKm-Y_3fcFQjr9zTx_d39yWWqOI.roa
Signing time: Wed 18 May 2022 23:11:17 +0000
ROA not before: Wed 18 May 2022 23:11:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2236344904 (0x854bea48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 18 23:11:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38a9be63fddf705423afdcd3c7f777f72596a8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:93:6a:13:76:6c:77:01:dd:28:7b:88:b1:f8:
fc:bd:e6:2a:50:5c:40:1d:4c:94:7b:fa:2d:e5:8a:
f2:f4:a2:30:56:23:a7:17:03:7a:b4:c6:2a:8b:ff:
fc:81:31:4f:16:c8:af:eb:83:17:5b:92:d6:7b:94:
0b:d8:db:71:15:0c:57:60:15:6c:a2:c0:c2:b9:72:
9f:d5:a2:de:21:77:6c:1b:70:2b:97:18:02:77:b5:
28:9a:b7:fa:07:a9:0f:74:67:e3:31:05:8e:23:b8:
ef:1c:58:df:65:61:8b:e3:6a:16:fc:6e:a3:07:7f:
af:39:eb:f4:32:a4:39:d6:f7:87:38:b9:3c:d2:1e:
c3:b2:51:76:3f:33:8c:7c:d0:ac:62:6a:84:e7:ae:
bc:88:98:aa:4e:e7:55:07:03:2e:bf:68:36:8c:35:
85:66:21:33:23:d0:a0:ad:e0:46:b6:b6:1b:67:31:
1a:49:93:1e:91:a2:82:88:1e:6d:4f:6f:9d:00:ad:
6a:4a:64:2f:06:75:f0:07:a2:14:39:5a:e6:17:6f:
ea:21:55:9e:89:2f:aa:6d:45:f5:f0:76:c5:0a:c5:
b1:34:fe:b5:74:87:ac:8d:9d:18:fd:18:24:09:72:
19:6a:a8:0a:57:10:5c:01:3a:ee:98:2f:47:1f:cd:
99:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A9:BE:63:FD:DF:70:54:23:AF:DC:D3:C7:F7:77:F7:25:96:A8:E2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OKm-Y_3fcFQjr9zTx_d39yWWqOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:bf:33:ae:6a:18:49:1b:b1:5f:f3:6e:d4:4a:5c:33:f0:f5:
46:25:83:82:fe:0a:2f:cd:b3:1f:f0:ee:07:67:65:05:10:dd:
81:29:16:28:1f:bd:e4:58:e0:0e:4c:1b:e1:e9:6f:8c:ca:19:
72:95:7d:62:0e:3a:82:ff:42:92:f4:17:2e:00:bd:8a:1b:63:
98:f2:41:40:0e:57:1e:d3:c2:25:01:d0:ea:2a:1e:d8:be:b0:
8b:dd:80:ba:58:82:60:2d:de:4b:90:fb:b0:75:9c:24:ac:4b:
8c:56:fc:0e:a2:9f:53:aa:c9:a9:bf:77:9a:9b:0d:e7:b8:b0:
08:2e:40:e9:49:f5:08:24:ef:96:0a:e6:86:d2:83:16:8c:17:
4a:4e:aa:50:61:6d:d1:61:2d:69:22:ae:42:71:96:cf:33:f1:
86:27:4b:3d:06:6c:f8:14:61:0b:62:5c:4d:8d:92:df:40:73:
97:17:26:e3:47:88:de:85:12:c3:cf:21:c5:ed:68:99:28:a5:
68:1a:87:f3:00:ac:86:21:8c:31:12:63:df:d8:a3:0c:4a:0c:
72:e0:e5:1f:db:70:6b:53:d0:94:8d:47:8f:a5:40:f5:1a:56:
c6:3d:50:5b:b6:63:bf:2c:8a:7b:87:85:43:23:91:fc:f9:b4:
1e:c6:49:d7
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIVL6kgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MTgyMzExMTdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDM4YTliZTYzZmRk
ZjcwNTQyM2FmZGNkM2M3Zjc3N2Y3MjU5NmE4ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDnk2oTdmx3Ad0oe4ix+Py95ipQXEAdTJR7+i3livL0ojBW
I6cXA3q0xiqL//yBMU8WyK/rgxdbktZ7lAvY23EVDFdgFWyiwMK5cp/Vot4hd2wb
cCuXGAJ3tSiat/oHqQ90Z+MxBY4juO8cWN9lYYvjahb8bqMHf6856/QypDnW94c4
uTzSHsOyUXY/M4x80KxiaoTnrryImKpO51UHAy6/aDaMNYVmITMj0KCt4Ea2thtn
MRpJkx6RooKIHm1Pb50ArWpKZC8GdfAHohQ5WuYXb+ohVZ6JL6ptRfXwdsUKxbE0
/rV0h6yNnRj9GCQJchlqqApXEFwBOu6YL0cfzZk7AgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUOKm+Y/3fcFQjr9zTx/d39yWWqOIwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9PS20tWV8zZmNGUWpyOXpUeF9kMzl5V1dxT0kucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAV78zrmoYSRuxX/Nu1EpcM/D1RiWDgv4KL82z
H/DuB2dlBRDdgSkWKB+95FjgDkwb4elvjMoZcpV9Yg46gv9CkvQXLgC9ihtjmPJB
QA5XHtPCJQHQ6ioe2L6wi92AuliCYC3eS5D7sHWcJKxLjFb8DqKfU6rJqb93mpsN
57iwCC5A6Un1CCTvlgrmhtKDFowXSk6qUGFt0WEtaSKuQnGWzzPxhidLPQZs+BRh
C2JcTY2S30Bzlxcm40eI3oUSw88hxe1omSilaBqH8wCshiGMMRJj39ijDEoMcuDl
H9twa1PQlI1Hj6VA9RpWxj1QW7ZjvyyKe4eFQyOR/Pm0HsZJ1w==
-----END CERTIFICATE-----
Generated at Thu May 1 17:18:44 2025 by rpki-client