Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ONem6H36J045sYeZRmEhO3xm66w.roa
File: ONem6H36J045sYeZRmEhO3xm66w.roa (raw, json)
Hash identifier: NjF7+aeHtax0KI/5hk/g4Y/sJqWXxGtl0ldPs4LdMOs=
Subject key identifier: 38:D7:A6:E8:7D:FA:27:4E:39:B1:87:99:46:61:21:3B:7C:66:EB:AC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01862E93963C2F61F04D91C8675CFF28283A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ONem6H36J045sYeZRmEhO3xm66w.roa
Signing time: Wed 08 Feb 2023 01:11:09 +0000
ROA not before: Wed 08 Feb 2023 01:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2e:93:96:3c:2f:61:f0:4d:91:c8:67:5c:ff:28:28:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 8 01:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38d7a6e87dfa274e39b187994661213b7c66ebac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ee:62:2a:45:5e:45:51:57:e5:70:c8:1f:7a:
99:f7:46:33:22:48:5b:82:bf:6f:b6:a4:d7:2b:8d:
73:93:66:d1:8a:ab:1c:4b:b9:f4:1b:9a:6e:3c:a8:
5c:7a:9c:fb:dd:67:19:43:a8:a1:80:d9:56:9d:9d:
c6:7a:66:fd:40:f2:0e:22:8f:04:0b:81:ad:0d:ec:
02:d2:6b:29:09:ec:04:e8:1c:e8:4c:1d:6e:85:4a:
46:6b:27:c7:23:cb:5a:f4:7b:68:ee:ab:f6:58:be:
4e:a2:f4:3e:fa:b9:c8:bf:3d:3c:44:f7:0b:d4:2c:
dc:42:a2:f6:db:0f:a9:9f:a9:18:3a:6c:08:f3:e2:
9b:39:a0:2b:e7:d7:9f:d0:9f:5e:62:4b:b0:43:20:
09:95:17:25:b4:23:81:47:d6:e5:cc:93:6e:71:f6:
54:54:84:16:ba:dc:ee:e9:49:de:4d:01:be:28:52:
24:07:75:cb:2e:d6:1e:8c:80:20:2e:fa:56:36:af:
83:49:0e:2e:86:97:65:36:ae:a1:0e:7c:66:99:55:
7a:86:50:68:7b:21:e1:98:1e:2f:e3:71:f6:83:3b:
1b:27:a1:5b:59:7e:5e:95:18:0d:62:a8:6b:61:1b:
d1:fc:71:fd:43:97:06:2f:5b:8b:55:4e:8e:3b:60:
97:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D7:A6:E8:7D:FA:27:4E:39:B1:87:99:46:61:21:3B:7C:66:EB:AC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ONem6H36J045sYeZRmEhO3xm66w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:49:65:d0:e1:a7:d1:73:77:db:cc:18:fd:67:47:89:65:a4:
a4:8a:f4:f3:66:51:9f:1d:db:b1:68:79:a1:df:f0:cb:f9:aa:
e1:fe:bc:81:47:50:97:7b:10:d5:3c:fb:a2:bc:e4:aa:08:71:
88:c5:e8:e9:15:ba:0f:88:bf:c9:c3:cc:fa:08:ba:d3:52:b9:
bf:fd:fd:b4:ec:2d:99:b8:1b:00:1a:98:b9:fe:b9:b8:52:fb:
b9:e5:f5:d6:c9:45:d2:f3:84:bc:10:55:52:ee:9a:a0:38:c2:
8e:5f:15:59:ef:a0:99:59:2d:2c:6d:4a:96:9f:9a:3d:0b:46:
55:c1:35:a5:e8:0e:e7:24:64:79:13:f8:89:30:bd:ff:1e:d7:
6d:43:29:e8:fc:38:27:58:ae:88:ad:91:dc:46:98:9d:4a:a6:
ed:4b:55:3d:92:31:90:72:af:d9:ed:33:2a:e4:52:1b:9c:ae:
e5:b5:3d:0e:1b:92:72:63:a3:89:f0:bf:16:e7:32:65:2b:3f:
47:8b:12:0b:d7:52:50:05:0e:e8:30:1a:b0:71:f6:83:8e:92:
f2:ae:ae:64:f7:c1:6e:87:1b:e5:72:47:86:b5:c6:06:71:c0:
9c:2b:03:6a:da:51:ff:2c:b8:a8:7d:09:d4:36:ec:30:cb:f8:
83:be:77:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYuk5Y8L2HwTZHIZ1z/KCg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA4MDExMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ3YTZlODdkZmEyNzRlMzliMTg3OTk0NjYxMjEzYjdjNjZlYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle5iKkVeRVFX5XDIH3qZ90YzIkhb
gr9vtqTXK41zk2bRiqscS7n0G5puPKhcepz73WcZQ6ihgNlWnZ3Gemb9QPIOIo8E
C4GtDewC0mspCewE6BzoTB1uhUpGayfHI8ta9Hto7qv2WL5OovQ++rnIvz08RPcL
1CzcQqL22w+pn6kYOmwI8+KbOaAr59ef0J9eYkuwQyAJlRcltCOBR9blzJNucfZU
VIQWutzu6UneTQG+KFIkB3XLLtYejIAgLvpWNq+DSQ4uhpdlNq6hDnxmmVV6hlBo
eyHhmB4v43H2gzsbJ6FbWX5elRgNYqhrYRvR/HH9Q5cGL1uLVU6OO2CX/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDjXpuh9+idOObGHmUZhITt8ZuusMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT05lbTZIMzZKMDQ1c1llWlJtRWhPM3htNjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFNJZdDhp9Fzd9vMGP1n
R4llpKSK9PNmUZ8d27FoeaHf8Mv5quH+vIFHUJd7ENU8+6K85KoIcYjF6OkVug+I
v8nDzPoIutNSub/9/bTsLZm4GwAamLn+ubhS+7nl9dbJRdLzhLwQVVLumqA4wo5f
FVnvoJlZLSxtSpafmj0LRlXBNaXoDuckZHkT+Ikwvf8e121DKej8OCdYroitkdxG
mJ1Kpu1LVT2SMZByr9ntMyrkUhucruW1PQ4bknJjo4nwvxbnMmUrP0eLEgvXUlAF
DugwGrBx9oOOkvKurmT3wW6HG+VyR4a1xgZxwJwrA2raUf8suKh9CdQ27DDL+IO+
d9o=
-----END CERTIFICATE-----
Generated at Sat May 3 22:41:19 2025 by rpki-client