Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OjZ4OqkzmzhsLNZp7WOSAaWUEq8.roa
File: OjZ4OqkzmzhsLNZp7WOSAaWUEq8.roa (raw, json)
Hash identifier: LNFedCvCkK7Vms2m0u6wfc4t2OQNGhZv6AEXeN+MfRE=
Subject key identifier: 3A:36:78:3A:A9:33:9B:38:6C:2C:D6:69:ED:63:92:01:A5:94:12:AF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B819AEC7AEE858842E37AE30F8347398
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OjZ4OqkzmzhsLNZp7WOSAaWUEq8.roa
Signing time: Wed 02 Aug 2023 21:13:58 +0000
ROA not before: Wed 02 Aug 2023 21:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b8:19:ae:c7:ae:e8:58:84:2e:37:ae:30:f8:34:73:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 2 21:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a36783aa9339b386c2cd669ed639201a59412af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:22:a8:7d:76:79:3e:8f:ce:6e:9b:23:61:f3:
fe:2f:63:5d:a2:b7:f9:3b:27:28:81:14:7b:bd:7b:
42:7c:a1:bf:ad:a8:90:c1:16:81:3e:fe:78:4c:88:
e2:92:61:3f:b9:3f:47:a6:8b:4c:ee:83:68:e4:63:
3c:6b:ac:0e:99:19:f6:d3:62:b1:d3:47:ba:9b:cf:
7d:56:9d:4f:e4:a5:11:0e:4a:f5:11:50:be:27:32:
8d:8c:83:cd:40:44:1c:7b:ce:eb:d0:14:f7:70:8e:
65:ff:5a:9e:a0:4d:a7:9d:14:cf:5e:ac:8e:7d:9d:
36:a1:ba:87:bc:36:39:e3:6f:57:89:4b:ad:2f:b6:
03:5b:c8:96:b1:84:aa:ea:2d:6a:f5:a6:97:df:9e:
9e:22:f0:8a:0d:57:f9:2c:c9:53:da:68:35:c1:09:
9b:9e:4e:cf:c1:34:e5:72:3a:b0:f0:4b:09:7b:89:
f5:cb:51:ba:7d:f3:24:d6:87:cf:8e:0e:88:c6:77:
46:ca:f2:30:18:cf:39:9e:06:d9:a1:8a:cc:7b:ec:
70:40:34:0c:48:d2:ef:c5:8d:d2:bc:be:a7:6b:16:
8f:38:e1:0f:16:26:42:d3:54:a7:c4:a5:c7:80:c8:
97:50:34:b2:4a:5c:d9:39:d8:95:2f:9b:0c:fc:9b:
14:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:36:78:3A:A9:33:9B:38:6C:2C:D6:69:ED:63:92:01:A5:94:12:AF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OjZ4OqkzmzhsLNZp7WOSAaWUEq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:bd:59:ab:36:1e:2d:aa:2e:53:bb:f3:a0:6d:76:01:37:d1:
66:51:1c:72:2c:a6:0c:e0:29:80:a5:a7:61:86:02:0b:c5:9f:
c9:c1:41:df:f4:70:ba:4b:9c:ba:75:dc:61:d2:26:f0:67:07:
18:39:5f:51:36:84:c9:e2:59:23:4a:44:fc:71:c7:18:07:20:
bf:6d:76:58:fc:af:c2:f0:02:3e:2e:8e:d0:fc:3e:c3:41:86:
d4:76:e9:25:40:e3:35:17:a4:ff:15:1f:85:cd:ba:2d:23:39:
b6:ef:63:f3:75:c2:53:5a:a1:7d:eb:96:fb:b0:df:8a:35:e1:
ca:e2:20:82:8d:04:14:75:ed:9e:fc:64:b1:34:44:05:9c:ac:
23:67:18:2b:2a:73:29:ec:c2:d1:26:6b:be:af:59:96:35:e0:
54:29:ab:cd:e5:a1:a2:47:0b:d7:c7:48:d8:60:62:41:66:b1:
c4:bd:11:de:8f:85:b6:10:bc:05:95:39:4f:da:14:ff:e0:a7:
94:ad:a0:40:0b:0f:63:30:2c:1c:75:64:71:55:c8:2d:f6:01:
00:75:b2:40:ac:62:8c:06:e9:60:d2:ac:1d:4b:72:d2:da:a1:
47:b0:23:43:08:23:c5:d1:03:d6:ad:72:11:aa:28:a0:ff:c6:
1d:7d:87:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm4Ga7HruhYhC43rjD4NHOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAyMjExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM2NzgzYWE5MzM5YjM4NmMyY2Q2NjllZDYzOTIwMWE1OTQxMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSKofXZ5Po/ObpsjYfP+L2Ndorf5
OycogRR7vXtCfKG/raiQwRaBPv54TIjikmE/uT9HpotM7oNo5GM8a6wOmRn202Kx
00e6m899Vp1P5KURDkr1EVC+JzKNjIPNQEQce87r0BT3cI5l/1qeoE2nnRTPXqyO
fZ02obqHvDY5429XiUutL7YDW8iWsYSq6i1q9aaX356eIvCKDVf5LMlT2mg1wQmb
nk7PwTTlcjqw8EsJe4n1y1G6ffMk1ofPjg6IxndGyvIwGM85ngbZoYrMe+xwQDQM
SNLvxY3SvL6naxaPOOEPFiZC01SnxKXHgMiXUDSySlzZOdiVL5sM/JsUJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDo2eDqpM5s4bCzWae1jkgGllBKvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT2paNE9xa3ptemhzTE5acDdXT1NBYVdVRXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIO9Was2Hi2qLlO786Bt
dgE30WZRHHIspgzgKYClp2GGAgvFn8nBQd/0cLpLnLp13GHSJvBnBxg5X1E2hMni
WSNKRPxxxxgHIL9tdlj8r8LwAj4ujtD8PsNBhtR26SVA4zUXpP8VH4XNui0jObbv
Y/N1wlNaoX3rlvuw34o14criIIKNBBR17Z78ZLE0RAWcrCNnGCsqcynswtEma76v
WZY14FQpq83loaJHC9fHSNhgYkFmscS9Ed6PhbYQvAWVOU/aFP/gp5StoEALD2Mw
LBx1ZHFVyC32AQB1skCsYowG6WDSrB1LctLaoUewI0MII8XRA9atchGqKKD/xh19
hxI=
-----END CERTIFICATE-----
Generated at Thu May 1 23:02:04 2025 by rpki-client