Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OkqmHJoaxIzZb4gw7INQaCErmzU.roa
File: OkqmHJoaxIzZb4gw7INQaCErmzU.roa (raw, json)
Hash identifier: G1o6TFVD8nO5fuytmrTRF6nGlbAPnwdc2NSElk9cyQE=
Subject key identifier: 3A:4A:A6:1C:9A:1A:C4:8C:D9:6F:88:30:EC:83:50:68:21:2B:9B:35
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 9047AC26
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OkqmHJoaxIzZb4gw7INQaCErmzU.roa
Signing time: Mon 27 Jun 2022 13:14:40 +0000
ROA not before: Mon 27 Jun 2022 13:14:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2420616230 (0x9047ac26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 27 13:14:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a4aa61c9a1ac48cd96f8830ec835068212b9b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a8:bc:bc:7c:66:81:43:79:cb:ab:65:45:c1:
76:b7:99:b6:cc:82:38:b2:7d:1d:9f:da:c4:d5:8c:
ac:da:5a:ff:df:00:10:79:a1:93:1e:2f:ee:0f:0c:
8e:9f:07:a4:b6:2c:a1:42:27:5f:a6:d5:57:64:f2:
52:6d:a6:4b:ed:85:1c:a5:da:9d:4f:a8:b5:5d:5a:
fa:e2:2b:71:5a:26:b9:e0:b7:6e:a3:1f:3d:9f:7b:
ec:55:a4:27:aa:51:30:05:13:9f:88:7b:01:2f:be:
3b:3a:97:a9:06:6f:be:85:bc:4d:58:68:db:68:15:
05:f2:8f:83:be:f0:48:ac:60:02:6e:4d:db:e9:01:
a5:e7:bb:ef:f5:25:94:55:0d:8d:17:db:db:90:15:
a7:2d:ff:a7:18:98:f8:f5:2c:d4:23:ad:db:1b:fa:
be:0f:84:9d:e0:38:a2:ea:95:ff:2c:75:5e:4c:69:
0a:0b:2e:33:f6:9e:af:c9:08:c2:61:c1:2e:5f:e8:
da:ce:de:67:e8:a0:88:ee:60:1a:e0:d0:cf:18:c7:
a0:f2:7f:d0:e2:11:6a:2b:d0:56:cc:05:3e:b7:3c:
7f:03:f6:cc:2d:23:27:20:e3:a2:36:73:08:b2:8b:
21:c0:e4:b1:21:d1:76:15:d7:87:5e:75:ab:69:84:
10:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4A:A6:1C:9A:1A:C4:8C:D9:6F:88:30:EC:83:50:68:21:2B:9B:35
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OkqmHJoaxIzZb4gw7INQaCErmzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:27:8f:d5:50:91:b2:25:a0:f9:a5:d5:e9:a8:52:ab:d1:c1:
9b:63:91:97:47:f0:e1:b1:41:d9:e2:f0:02:0b:a0:69:49:38:
2b:6d:49:a7:81:fe:8a:db:4f:6c:f5:63:82:4e:eb:63:2a:83:
f3:97:4e:e7:82:dc:61:ee:6c:a0:8e:12:4a:10:28:16:a8:3e:
a5:31:9a:12:72:1a:d6:24:89:87:31:34:b0:ce:08:49:40:e6:
ca:34:72:ad:a1:aa:6d:7d:a0:0a:20:47:0f:06:7c:50:11:c2:
93:3b:10:d1:90:ee:14:34:e4:88:fe:fb:70:87:6f:34:a6:3c:
cc:a1:8a:aa:a1:56:26:24:56:82:97:cd:e0:1d:10:69:60:75:
1f:78:83:11:88:4a:27:bb:4d:8a:21:3a:f5:15:54:ea:b8:24:
37:85:1c:b5:77:db:c5:61:04:e0:9e:7f:48:5a:e0:86:d8:92:
c7:0d:4d:f3:19:3c:e6:e4:c2:2d:9a:e9:56:45:ae:75:8c:5a:
66:4e:9c:bc:c1:76:05:55:3a:91:d7:c1:6f:f7:54:e8:08:50:
18:8b:de:35:59:3d:bf:4d:f3:7b:d2:5f:ad:8e:0e:56:fe:75:
74:0a:d1:3b:c8:6d:fd:17:13:1a:93:a9:eb:c2:e6:eb:4f:41:
67:9d:37:34
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAJBHrCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MjcxMzE0NDBaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDNhNGFhNjFjOWEx
YWM0OGNkOTZmODgzMGVjODM1MDY4MjEyYjliMzUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUqLy8fGaBQ3nLq2VFwXa3mbbMgjiyfR2f2sTVjKzaWv/f
ABB5oZMeL+4PDI6fB6S2LKFCJ1+m1Vdk8lJtpkvthRyl2p1PqLVdWvriK3FaJrng
t26jHz2fe+xVpCeqUTAFE5+IewEvvjs6l6kGb76FvE1YaNtoFQXyj4O+8EisYAJu
TdvpAaXnu+/1JZRVDY0X29uQFact/6cYmPj1LNQjrdsb+r4PhJ3gOKLqlf8sdV5M
aQoLLjP2nq/JCMJhwS5f6NrO3mfooIjuYBrg0M8Yx6Dyf9DiEWor0FbMBT63PH8D
9swtIycg46I2cwiyiyHA5LEh0XYV14dedatphBBHAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUOkqmHJoaxIzZb4gw7INQaCErmzUwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9Pa3FtSEpvYXhJelpiNGd3N0lOUWFDRXJtelUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAkieP1VCRsiWg+aXV6ahSq9HBm2ORl0fw4bFB
2eLwAgugaUk4K21Jp4H+ittPbPVjgk7rYyqD85dO54LcYe5soI4SShAoFqg+pTGa
EnIa1iSJhzE0sM4ISUDmyjRyraGqbX2gCiBHDwZ8UBHCkzsQ0ZDuFDTkiP77cIdv
NKY8zKGKqqFWJiRWgpfN4B0QaWB1H3iDEYhKJ7tNiiE69RVU6rgkN4UctXfbxWEE
4J5/SFrghtiSxw1N8xk85uTCLZrpVkWudYxaZk6cvMF2BVU6kdfBb/dU6AhQGIve
NVk9v03ze9JfrY4OVv51dArRO8ht/RcTGpOp68Lm609BZ503NA==
-----END CERTIFICATE-----
Generated at Mon May 5 18:43:25 2025 by rpki-client