Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Oi8o3b6aasQxrwss6-tsEFIS5VE.roa
File: Oi8o3b6aasQxrwss6-tsEFIS5VE.roa (raw, json)
Hash identifier: MOha1Z+cZpWzQZyYbC8nJw0paBrpNhhmNbyl7jtvYY8=
Subject key identifier: 3A:2F:28:DD:BE:9A:6A:C4:31:AF:0B:2C:EB:EB:6C:10:52:12:E5:51
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186966940B46116050EC56ABE0AB539F910
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Oi8o3b6aasQxrwss6-tsEFIS5VE.roa
Signing time: Tue 28 Feb 2023 05:05:25 +0000
ROA not before: Tue 28 Feb 2023 05:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9668:8278/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:96:69:40:b4:61:16:05:0e:c5:6a:be:0a:b5:39:f9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 05:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a2f28ddbe9a6ac431af0b2cebeb6c105212e551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a5:c8:6c:c9:cd:03:23:a2:84:a4:ff:42:c4:
19:22:3c:0a:36:b7:4e:44:74:ee:f6:71:4b:db:87:
3f:56:6a:29:b0:6d:10:a2:1c:01:f1:32:a8:da:49:
73:8d:a6:9b:92:64:5a:28:2c:01:01:af:5a:e8:53:
57:65:80:39:e4:be:ee:23:47:8c:2c:81:92:92:07:
05:a7:54:7a:29:40:5b:b6:dd:f4:2a:3a:48:7b:76:
94:3a:54:70:60:0e:17:04:48:16:53:f3:91:5d:2f:
cd:bb:09:a8:16:d2:64:c2:80:63:a4:ed:fc:52:69:
a4:6b:4e:46:4d:b6:1f:27:34:70:97:28:78:44:1e:
c6:d9:48:c9:f1:66:6f:c3:ae:ce:b7:ce:63:da:f7:
a2:ce:38:40:a2:f0:3c:64:0a:5f:46:4d:67:e4:bd:
b9:c0:84:03:5b:12:52:d6:a7:9b:07:ca:69:18:6f:
ee:3b:e5:e2:9e:8d:e6:af:ae:72:d2:a5:34:38:e8:
c0:f2:47:03:32:c9:c3:33:f5:5f:46:5a:6e:9e:58:
30:e3:fe:0b:d0:c7:f8:23:42:c4:f8:2c:42:9e:89:
d8:2e:99:a1:d6:35:c8:c8:88:50:0d:11:08:e5:a1:
7c:c3:3a:b7:96:90:f3:fd:c5:2c:e4:b4:e1:d8:36:
82:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2F:28:DD:BE:9A:6A:C4:31:AF:0B:2C:EB:EB:6C:10:52:12:E5:51
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Oi8o3b6aasQxrwss6-tsEFIS5VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:c8:5e:28:20:bb:19:93:dc:65:af:97:fc:34:92:17:20:76:
0f:f2:0e:87:34:39:c6:f9:6f:b2:05:a4:e0:bf:d4:1d:d3:2a:
b4:23:ca:a6:a1:52:2c:73:ca:27:28:60:a8:34:e3:3b:f0:6c:
b8:49:ce:12:9c:79:6c:a6:e3:1f:91:ca:8e:f2:2d:8b:66:1f:
c3:6a:56:b0:e9:54:2d:fb:2b:cb:20:f8:48:47:d4:f5:b2:92:
07:f4:1d:96:1f:47:a2:fa:a1:76:1a:19:56:5f:11:0b:3c:ec:
8b:f7:a9:39:31:61:9e:7b:24:60:26:91:b7:fa:53:ed:e9:24:
30:e5:ed:44:bd:2d:9e:0d:d7:a6:19:a8:63:dd:1c:e7:d8:b2:
f3:7c:3e:c3:fe:29:e5:3f:ba:32:7a:ce:c2:b7:db:4b:31:3f:
67:da:01:ca:53:13:50:d4:83:98:26:8c:63:1d:a4:cf:bb:fd:
0d:7c:d2:98:c8:53:5f:bb:87:05:33:b2:0a:95:97:d4:5a:3a:
06:29:46:ba:06:ef:1f:fa:35:6b:cd:70:6c:02:4e:d8:46:3a:
4c:54:8f:0c:00:1c:31:cf:57:e7:f5:f6:af:4e:f4:cd:b2:8e:
b3:59:99:a8:e4:a1:69:aa:5c:6b:50:27:1f:60:8a:06:f1:1d:
b7:2f:ca:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaWaUC0YRYFDsVqvgq1OfkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MDUwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJmMjhkZGJlOWE2YWM0MzFhZjBiMmNlYmViNmMxMDUyMTJlNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6XIbMnNAyOihKT/QsQZIjwKNrdO
RHTu9nFL24c/VmopsG0QohwB8TKo2klzjaabkmRaKCwBAa9a6FNXZYA55L7uI0eM
LIGSkgcFp1R6KUBbtt30KjpIe3aUOlRwYA4XBEgWU/ORXS/NuwmoFtJkwoBjpO38
Ummka05GTbYfJzRwlyh4RB7G2UjJ8WZvw67Ot85j2veizjhAovA8ZApfRk1n5L25
wIQDWxJS1qebB8ppGG/uO+Xino3mr65y0qU0OOjA8kcDMsnDM/VfRlpunlgw4/4L
0Mf4I0LE+CxCnonYLpmh1jXIyIhQDREI5aF8wzq3lpDz/cUs5LTh2DaCmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDovKN2+mmrEMa8LLOvrbBBSEuVRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT2k4bzNiNmFhc1F4cndzczYtdHNFRklTNVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGHIXigguxmT3GWvl/w0
khcgdg/yDoc0Ocb5b7IFpOC/1B3TKrQjyqahUixzyicoYKg04zvwbLhJzhKceWym
4x+Ryo7yLYtmH8NqVrDpVC37K8sg+EhH1PWykgf0HZYfR6L6oXYaGVZfEQs87Iv3
qTkxYZ57JGAmkbf6U+3pJDDl7US9LZ4N16YZqGPdHOfYsvN8PsP+KeU/ujJ6zsK3
20sxP2faAcpTE1DUg5gmjGMdpM+7/Q180pjIU1+7hwUzsgqVl9RaOgYpRroG7x/6
NWvNcGwCTthGOkxUjwwAHDHPV+f19q9O9M2yjrNZmajkoWmqXGtQJx9gigbxHbcv
yu8=
-----END CERTIFICATE-----
Generated at Thu May 1 00:43:24 2025 by rpki-client