Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OhOkFbnz5R0akL_qro05TImD3zQ.roa
File: OhOkFbnz5R0akL_qro05TImD3zQ.roa (raw, json)
Hash identifier: lTLnmq6HDIH6RwJKFq5mxfw5RiT4UrfV7om+TqHQ++A=
Subject key identifier: 3A:13:A4:15:B9:F3:E5:1D:1A:90:BF:EA:AE:8D:39:4C:89:83:DF:34
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6E909149
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OhOkFbnz5R0akL_qro05TImD3zQ.roa
Signing time: Mon 28 Feb 2022 21:07:45 +0000
ROA not before: Mon 28 Feb 2022 21:07:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1854968137 (0x6e909149)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 21:07:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a13a415b9f3e51d1a90bfeaae8d394c8983df34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:45:f1:f4:33:37:06:fe:e3:d0:7b:bb:01:46:
05:c3:da:4b:4c:c0:b0:5d:f1:f7:4d:3b:5e:1a:b2:
f3:37:8d:91:06:1e:c1:5b:7c:c8:99:a1:03:ae:0a:
55:72:c3:4a:95:15:06:eb:3a:2b:2f:81:81:75:fb:
cc:77:d4:7b:64:1c:9b:75:1e:5d:00:f8:70:73:17:
8b:de:e4:14:37:2d:d6:a4:b2:23:42:7f:97:93:f8:
19:dd:a5:76:fb:81:b2:e7:ec:60:e7:02:d6:cb:94:
bb:d1:ad:ab:20:37:ca:8a:af:f0:2c:74:46:93:4d:
0c:9e:82:29:6c:84:a9:2d:86:f1:82:6c:79:8e:98:
ea:16:04:5f:3c:f2:0f:2c:f6:98:fa:89:b8:00:ca:
b1:54:d3:40:4c:5c:67:07:c2:2d:8c:55:aa:66:51:
00:7b:79:44:90:a1:4d:55:d9:68:8a:29:71:34:8e:
c4:cf:01:b8:9d:24:b5:53:b8:c4:b2:b6:68:c8:50:
51:ed:6c:26:6d:79:40:7c:98:04:54:2e:21:b0:87:
81:0b:f6:2a:f1:e3:dc:f8:48:fb:c4:9f:08:ae:9e:
cd:ae:34:bb:4b:ae:34:37:7e:26:6b:06:a3:76:3d:
c9:d7:98:df:52:13:b9:db:a6:21:bb:92:a5:f3:6e:
ad:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:13:A4:15:B9:F3:E5:1D:1A:90:BF:EA:AE:8D:39:4C:89:83:DF:34
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OhOkFbnz5R0akL_qro05TImD3zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:81:7e:0f:18:95:1c:58:e8:c4:6c:13:2d:f5:cf:35:a2:29:
c4:17:df:d5:06:40:fd:b0:25:34:31:c0:b1:04:07:ac:53:7d:
c3:2a:8d:95:4b:35:f5:b2:88:03:4b:76:e2:bf:e9:8c:15:65:
11:eb:6b:8b:e6:93:ef:42:95:c7:26:28:66:2a:92:ed:61:17:
a9:a2:61:c5:04:0b:39:5f:07:78:b7:7a:28:4a:3c:6c:cd:f4:
d6:6f:e2:6c:73:6d:ea:eb:a7:04:9b:f6:3b:9b:44:1f:56:a5:
26:30:2c:ac:bd:04:13:c9:aa:30:c7:dd:cf:bd:cd:78:34:a1:
32:42:9a:02:d2:59:30:b5:c2:70:2d:11:96:02:c5:1e:5e:fc:
da:f6:cd:de:1c:b4:ae:c0:61:1e:35:5d:04:05:85:07:91:aa:
25:a6:90:c1:da:d7:f0:45:a1:31:0a:e4:26:11:11:a9:52:f0:
b4:ed:e3:a8:e6:19:a2:88:04:28:40:b8:5a:fe:c2:5d:cd:be:
1a:1b:4a:4d:df:de:76:0f:12:d9:f0:f7:73:06:8b:13:ed:83:
1d:a2:a4:91:ec:63:0f:78:f9:a9:76:53:f3:01:d7:6c:8c:db:
82:51:32:65:ca:d0:64:3c:fe:4a:a3:33:78:0b:20:83:66:85:
c9:d7:88:9e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbpCRSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIy
ODIxMDc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ExM2E0MTViOWYz
ZTUxZDFhOTBiZmVhYWU4ZDM5NGM4OTgzZGYzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpF8fQzNwb+49B7uwFGBcPaS0zAsF3x9007Xhqy8zeNkQYe
wVt8yJmhA64KVXLDSpUVBus6Ky+BgXX7zHfUe2Qcm3UeXQD4cHMXi97kFDct1qSy
I0J/l5P4Gd2ldvuBsufsYOcC1suUu9GtqyA3yoqv8Cx0RpNNDJ6CKWyEqS2G8YJs
eY6Y6hYEXzzyDyz2mPqJuADKsVTTQExcZwfCLYxVqmZRAHt5RJChTVXZaIopcTSO
xM8BuJ0ktVO4xLK2aMhQUe1sJm15QHyYBFQuIbCHgQv2KvHj3PhI+8SfCK6eza40
u0uuNDd+JmsGo3Y9ydeY31ITudumIbuSpfNurXUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ6E6QVufPlHRqQv+qujTlMiYPfNDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L09oT2tGYm56NVIwYWtMX3FybzA1VEltRDN6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQA2gX4PGJUcWOjEbBMt9c81oinEF9/VBkD9sCU0
McCxBAesU33DKo2VSzX1sogDS3biv+mMFWUR62uL5pPvQpXHJihmKpLtYRepomHF
BAs5Xwd4t3ooSjxszfTWb+Jsc23q66cEm/Y7m0QfVqUmMCysvQQTyaowx93Pvc14
NKEyQpoC0lkwtcJwLRGWAsUeXvza9s3eHLSuwGEeNV0EBYUHkaolppDB2tfwRaEx
CuQmERGpUvC07eOo5hmiiAQoQLha/sJdzb4aG0pN3952DxLZ8PdzBosT7YMdoqSR
7GMPePmpdlPzAddsjNuCUTJlytBkPP5KozN4CyCDZoXJ14ie
-----END CERTIFICATE-----
Generated at Sat May 3 00:02:33 2025 by rpki-client