Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OiJbqxXwH97MTmm7joFxCU82IrE.roa
File: OiJbqxXwH97MTmm7joFxCU82IrE.roa (raw, json)
Hash identifier: gEYKmdgtEKaV5vehOWrMJip/LyBKq41qg9FVh2rq8ms=
Subject key identifier: 3A:22:5B:AB:15:F0:1F:DE:CC:4E:69:BB:8E:81:71:09:4F:36:22:B1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01899AB47DBCE04A150FFD9C0A949C58E41E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OiJbqxXwH97MTmm7joFxCU82IrE.roa
Signing time: Fri 28 Jul 2023 04:14:27 +0000
ROA not before: Fri 28 Jul 2023 04:14:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9a:b4:7d:bc:e0:4a:15:0f:fd:9c:0a:94:9c:58:e4:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 28 04:14:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a225bab15f01fdecc4e69bb8e8171094f3622b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:53:0d:7f:82:54:5e:b2:1a:f8:2d:98:7c:70:
cc:2c:bb:c7:5e:39:59:48:bc:13:67:0d:a7:48:0a:
38:74:75:8c:0c:c4:fa:d3:44:3c:38:e1:3f:a6:31:
ea:68:d8:59:c4:2a:e2:5f:20:29:0b:6e:12:b7:d2:
a4:3a:54:c4:d5:dd:40:16:39:3d:04:52:d3:03:90:
8a:de:84:9a:95:cc:34:79:74:06:5d:f4:81:b5:c9:
bc:65:0d:4c:56:0c:bd:ac:17:35:f8:8f:aa:31:72:
c2:2a:01:cc:9e:53:56:4f:81:e8:5b:a9:33:00:94:
12:fd:c0:04:e5:45:67:ce:6f:10:eb:dd:d9:f4:8e:
17:97:70:f8:82:55:12:16:30:b3:89:5e:a0:f6:34:
4a:94:94:0c:9d:e3:0c:59:cb:20:b2:1e:6a:eb:d0:
43:0f:cc:b8:1f:84:3f:a8:c6:23:90:b8:65:d9:9c:
09:e8:45:bc:b1:0c:55:8d:f1:eb:73:92:fb:fa:e0:
90:5d:0c:d3:73:dc:07:e6:5b:aa:93:fa:55:51:26:
7a:a3:2c:89:d5:1e:95:8b:a8:bc:e2:3b:90:2c:d7:
ad:ef:42:ff:6d:d2:53:51:58:27:b7:69:e4:f6:04:
a0:bb:ff:dd:69:a1:0a:b4:cb:c9:55:c9:3f:81:33:
2d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:22:5B:AB:15:F0:1F:DE:CC:4E:69:BB:8E:81:71:09:4F:36:22:B1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OiJbqxXwH97MTmm7joFxCU82IrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:5b:5b:d3:0b:e8:86:11:d4:61:16:c1:05:88:4f:ec:af:8a:
35:8f:e0:5c:ad:6f:0a:9e:66:93:a0:e7:8a:8a:5e:bd:1d:f5:
8c:9a:13:d1:a6:4b:1c:aa:0b:df:3f:e7:c0:e6:a2:60:36:67:
bd:54:bf:2b:e6:b2:10:50:b6:95:c4:4b:cd:3b:68:10:6c:f9:
9a:51:b3:1a:fc:db:fc:e4:ba:2d:66:72:da:84:94:1c:98:7e:
38:cc:9a:a9:73:8b:02:da:45:56:a6:94:6d:29:0a:f6:4b:ef:
3e:e4:b1:51:4c:e8:c1:9e:96:c1:f2:36:7c:87:18:5b:1b:80:
eb:95:a9:9c:4c:63:4f:9a:f9:d0:8e:b8:da:48:55:d4:f3:72:
a1:07:dd:80:a9:d7:aa:20:9d:89:5f:c4:8a:c2:5e:a5:3c:aa:
da:e7:4f:4c:cd:e4:e7:dd:2c:2a:12:ba:66:c6:bc:c5:ca:87:
d7:70:3b:2d:0e:42:a4:66:cc:a0:ce:94:30:2b:2e:38:5c:39:
a6:f7:41:2c:04:f9:00:fe:80:07:cc:d8:42:44:4c:7e:ee:bc:
08:2c:c9:d2:65:c1:91:4f:f2:3d:5d:fb:f8:88:cf:2a:fb:1b:
b9:51:09:ad:1d:59:fb:9a:88:c7:75:41:9a:8b:9e:03:15:94:
9a:ed:76:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmatH284EoVD/2cCpScWOQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI4MDQxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTIyNWJhYjE1ZjAxZmRlY2M0ZTY5YmI4ZTgxNzEwOTRmMzYyMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFMNf4JUXrIa+C2YfHDMLLvHXjlZ
SLwTZw2nSAo4dHWMDMT600Q8OOE/pjHqaNhZxCriXyApC24St9KkOlTE1d1AFjk9
BFLTA5CK3oSalcw0eXQGXfSBtcm8ZQ1MVgy9rBc1+I+qMXLCKgHMnlNWT4HoW6kz
AJQS/cAE5UVnzm8Q693Z9I4Xl3D4glUSFjCziV6g9jRKlJQMneMMWcsgsh5q69BD
D8y4H4Q/qMYjkLhl2ZwJ6EW8sQxVjfHrc5L7+uCQXQzTc9wH5luqk/pVUSZ6oyyJ
1R6Vi6i84juQLNet70L/bdJTUVgnt2nk9gSgu//daaEKtMvJVck/gTMtEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDoiW6sV8B/ezE5pu46BcQlPNiKxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT2lKYnF4WHdIOTdNVG1tN2pvRnhDVTgySXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGtbW9ML6IYR1GEWwQWI
T+yvijWP4FytbwqeZpOg54qKXr0d9YyaE9GmSxyqC98/58DmomA2Z71UvyvmshBQ
tpXES807aBBs+ZpRsxr82/zkui1mctqElByYfjjMmqlziwLaRVamlG0pCvZL7z7k
sVFM6MGelsHyNnyHGFsbgOuVqZxMY0+a+dCOuNpIVdTzcqEH3YCp16ognYlfxIrC
XqU8qtrnT0zN5OfdLCoSumbGvMXKh9dwOy0OQqRmzKDOlDArLjhcOab3QSwE+QD+
gAfM2EJETH7uvAgsydJlwZFP8j1d+/iIzyr7G7lRCa0dWfuaiMd1QZqLngMVlJrt
drI=
-----END CERTIFICATE-----
Generated at Fri May 2 18:59:22 2025 by rpki-client