Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O_HtYRMf9hbnTPq3g5L_e49LGV4.roa
File: O_HtYRMf9hbnTPq3g5L_e49LGV4.roa (raw, json)
Hash identifier: wfztz7IQ/BB8tdFOyPfJqnRqgtfcShEHzm+iKNl7oNc=
Subject key identifier: 3B:F1:ED:61:13:1F:F6:16:E7:4C:FA:B7:83:92:FF:7B:8F:4B:19:5E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01866135BEAD704D9433EE11D1AF696ACF41
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O_HtYRMf9hbnTPq3g5L_e49LGV4.roa
Signing time: Fri 17 Feb 2023 21:09:17 +0000
ROA not before: Fri 17 Feb 2023 21:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:61:35:be:ad:70:4d:94:33:ee:11:d1:af:69:6a:cf:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 17 21:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf1ed61131ff616e74cfab78392ff7b8f4b195e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f0:eb:96:65:88:13:4c:01:93:15:94:0c:51:
72:a1:cc:c2:86:29:fe:86:74:20:ef:ab:9a:74:99:
5d:26:f0:85:4f:29:c2:3c:0b:57:95:57:49:b2:c6:
63:17:72:01:fb:b0:6e:93:3c:d3:0b:cf:3c:da:3c:
96:fc:a4:8e:ca:0c:4b:59:e4:58:74:50:12:7f:eb:
9c:c9:d8:4f:18:d6:8a:57:99:79:f8:dc:fd:fb:a3:
ed:41:ed:50:fa:b4:46:5c:26:26:b9:7e:74:73:20:
84:4c:fb:1a:18:ba:a0:21:96:05:b3:e7:1d:78:d8:
25:6a:c7:cf:c5:77:fd:77:08:e0:40:2c:a5:d4:d6:
af:f6:65:71:f6:9a:44:fd:65:ca:a9:4a:19:32:6a:
9e:25:4c:ff:a2:95:9e:1c:96:4e:5e:16:68:1b:5b:
58:11:1b:65:48:82:89:23:c4:30:97:69:84:16:66:
99:98:87:d9:b4:30:e6:40:0c:65:b2:7b:ce:23:1c:
b4:e9:4e:de:53:f9:61:05:1a:e7:a3:2b:82:99:5a:
a1:08:71:0d:e5:36:dd:13:b6:88:87:4a:85:19:31:
43:26:8e:41:f3:9c:f6:2c:90:56:58:56:18:be:c2:
38:e0:f6:7f:1d:e8:e7:52:f7:a0:d9:b8:fc:da:2b:
16:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F1:ED:61:13:1F:F6:16:E7:4C:FA:B7:83:92:FF:7B:8F:4B:19:5E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O_HtYRMf9hbnTPq3g5L_e49LGV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:86:b8:eb:a2:bc:cb:90:97:54:ad:a6:d7:64:ab:be:86:b2:
59:aa:37:0a:71:07:cb:82:3e:86:1b:10:08:51:f0:bb:78:31:
7d:5d:57:d3:de:42:5b:de:cc:56:f8:2a:9d:5d:4a:23:30:c0:
ab:73:e5:1f:af:2d:cb:78:45:58:c8:79:df:35:31:6e:de:0e:
44:e1:f9:bf:55:81:cf:4a:88:3e:d9:94:31:f4:8f:12:0f:03:
ec:7b:3c:0a:22:10:ab:f0:25:e0:b9:2c:8c:7c:4f:32:74:08:
a1:db:5e:a9:63:0e:c0:87:aa:75:61:d8:24:ad:d1:21:df:88:
88:7c:bb:68:d5:57:26:a2:bf:10:d5:a1:cf:5c:48:45:bd:4f:
0d:6b:45:05:09:3a:ef:43:66:0c:58:31:9f:6a:3f:5a:b7:93:
c8:f3:57:d9:32:b6:88:b0:d6:a7:44:95:e6:71:d0:56:03:47:
09:a2:96:be:42:a7:5b:5b:a7:95:70:a5:4e:81:a1:b1:44:dc:
00:50:be:2a:b1:1f:66:59:aa:19:77:85:b3:a7:8f:27:51:1d:
ea:13:f7:33:f9:a0:0b:89:1a:01:d3:8b:ee:c5:8a:1b:08:75:
26:33:cc:12:65:9f:55:f0:02:23:34:2b:78:20:ce:58:cb:a1:
3d:8a:c0:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZhNb6tcE2UM+4R0a9pas9BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE3MjEwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmYxZWQ2MTEzMWZmNjE2ZTc0Y2ZhYjc4MzkyZmY3YjhmNGIxOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfDrlmWIE0wBkxWUDFFyoczChin+
hnQg76uadJldJvCFTynCPAtXlVdJssZjF3IB+7BukzzTC8882jyW/KSOygxLWeRY
dFASf+ucydhPGNaKV5l5+Nz9+6PtQe1Q+rRGXCYmuX50cyCETPsaGLqgIZYFs+cd
eNglasfPxXf9dwjgQCyl1Nav9mVx9ppE/WXKqUoZMmqeJUz/opWeHJZOXhZoG1tY
ERtlSIKJI8Qwl2mEFmaZmIfZtDDmQAxlsnvOIxy06U7eU/lhBRrnoyuCmVqhCHEN
5TbdE7aIh0qFGTFDJo5B85z2LJBWWFYYvsI44PZ/HejnUveg2bj82isWHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDvx7WETH/YW50z6t4OS/3uPSxleMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT19IdFlSTWY5aGJuVFBxM2c1TF9lNDlMR1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJOGuOuivMuQl1Stptdk
q76GslmqNwpxB8uCPoYbEAhR8Lt4MX1dV9PeQlvezFb4Kp1dSiMwwKtz5R+vLct4
RVjIed81MW7eDkTh+b9Vgc9KiD7ZlDH0jxIPA+x7PAoiEKvwJeC5LIx8TzJ0CKHb
XqljDsCHqnVh2CSt0SHfiIh8u2jVVyaivxDVoc9cSEW9Tw1rRQUJOu9DZgxYMZ9q
P1q3k8jzV9kytoiw1qdEleZx0FYDRwmilr5Cp1tbp5VwpU6BobFE3ABQviqxH2ZZ
qhl3hbOnjydRHeoT9zP5oAuJGgHTi+7FihsIdSYzzBJln1XwAiM0K3ggzljLoT2K
wJk=
-----END CERTIFICATE-----
Generated at Thu May 1 07:42:42 2025 by rpki-client