Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OwkT5k9hCZ2J1DRpDyL1TFUjCzw.roa
File: OwkT5k9hCZ2J1DRpDyL1TFUjCzw.roa (raw, json)
Hash identifier: JkY+mMjti8d5at5K89/rVSy/h2Hh8Kpm3Pikn5LRhQc=
Subject key identifier: 3B:09:13:E6:4F:61:09:9D:89:D4:34:69:0F:22:F5:4C:55:23:0B:3C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018618E5AA15D05D3B044E9298865112614E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OwkT5k9hCZ2J1DRpDyL1TFUjCzw.roa
Signing time: Fri 03 Feb 2023 20:09:09 +0000
ROA not before: Fri 03 Feb 2023 20:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:e5:aa:15:d0:5d:3b:04:4e:92:98:86:51:12:61:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 3 20:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b0913e64f61099d89d434690f22f54c55230b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:73:fd:28:13:d3:a4:2d:67:87:59:9e:09:5a:
30:74:25:56:d4:c4:07:09:f9:fc:ff:5c:a6:19:47:
b4:a8:a1:ac:7e:ba:da:6e:91:3d:3e:fb:9c:9c:88:
4d:dc:e5:34:ed:8c:83:70:37:3d:4a:f6:66:d8:27:
20:a0:d8:1c:1d:c9:96:26:fe:59:85:4c:36:99:c8:
89:79:e9:f1:54:a0:55:25:9e:92:04:2b:59:cc:41:
57:38:1d:b2:f0:b3:05:7b:a6:d4:bb:0f:07:60:05:
1b:e2:73:f7:91:87:f6:5d:d2:98:f3:c1:50:66:47:
ee:b7:7a:8d:20:ee:40:a2:6b:51:39:5f:4b:55:a1:
5d:74:c7:26:f3:76:22:d7:e4:c7:7b:86:3d:f9:39:
65:db:34:40:57:cb:90:dd:c1:4e:c5:56:50:42:16:
80:aa:96:87:44:0e:36:6d:18:82:73:a1:19:66:a6:
17:78:dd:f0:cc:8c:db:c2:53:41:e4:cc:9a:3a:73:
7d:ca:d8:73:7d:47:bf:8b:93:c0:75:ec:64:7e:1f:
86:e4:b4:7c:32:46:e2:a9:4c:ff:3b:12:9c:0b:b6:
c1:4d:75:b7:2e:38:f8:3c:a4:67:71:c4:d5:e3:73:
b0:70:9a:dc:69:05:b6:ae:17:18:d9:e3:ec:39:db:
5c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:09:13:E6:4F:61:09:9D:89:D4:34:69:0F:22:F5:4C:55:23:0B:3C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OwkT5k9hCZ2J1DRpDyL1TFUjCzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:2c:81:b8:ad:48:96:56:cf:d0:a9:7b:87:60:22:d5:65:69:
2a:28:7a:1b:b6:b1:8e:a7:b8:27:0b:d5:d6:3f:3b:20:53:d1:
83:ff:69:d6:93:62:91:d4:51:fd:87:60:e2:b6:03:c3:dd:13:
36:e9:0c:38:e4:ec:ae:91:3a:69:7a:6a:7a:f2:e9:44:9e:bc:
ad:18:ee:3b:19:4e:6c:68:bf:1e:ec:55:4b:3f:cb:cd:9c:0e:
75:36:24:d9:c7:f7:49:94:37:89:5c:ed:f5:e6:65:fd:bb:f1:
6f:76:1c:2f:f1:8e:20:30:02:31:16:37:1d:74:fd:a4:f1:1b:
6f:5f:14:aa:9a:8c:60:c7:b8:f0:a7:9b:a7:34:b6:ed:e8:d1:
32:fb:cf:da:07:d0:97:4b:4c:7e:ca:42:d3:49:1e:f4:fe:49:
df:09:ed:93:bc:31:ea:a6:d6:3b:4c:18:53:92:a4:48:20:2c:
3c:9a:92:fe:76:ad:45:1f:45:a2:9f:a2:ea:32:b1:0e:b5:e8:
09:0a:f3:f9:62:a3:74:b7:b0:5c:2c:14:4a:0d:b0:24:ea:88:
18:73:92:8f:c6:b2:a5:13:02:ef:13:0f:41:19:21:b7:d1:f1:
0b:a6:cb:3e:12:d4:67:ce:48:7a:42:76:3f:a3:41:30:72:19:
38:7d:af:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYY5aoV0F07BE6SmIZREmFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAzMjAwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA5MTNlNjRmNjEwOTlkODlkNDM0NjkwZjIyZjU0YzU1MjMwYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHP9KBPTpC1nh1meCVowdCVW1MQH
Cfn8/1ymGUe0qKGsfrrabpE9PvucnIhN3OU07YyDcDc9SvZm2CcgoNgcHcmWJv5Z
hUw2mciJeenxVKBVJZ6SBCtZzEFXOB2y8LMFe6bUuw8HYAUb4nP3kYf2XdKY88FQ
Zkfut3qNIO5AomtROV9LVaFddMcm83Yi1+THe4Y9+Tll2zRAV8uQ3cFOxVZQQhaA
qpaHRA42bRiCc6EZZqYXeN3wzIzbwlNB5MyaOnN9ythzfUe/i5PAdexkfh+G5LR8
MkbiqUz/OxKcC7bBTXW3Ljj4PKRnccTV43OwcJrcaQW2rhcY2ePsOdtcSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDsJE+ZPYQmdidQ0aQ8i9UxVIws8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT3drVDVrOWhDWjJKMURScER5TDFURlVqQ3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJEsgbitSJZWz9Cpe4dg
ItVlaSooehu2sY6nuCcL1dY/OyBT0YP/adaTYpHUUf2HYOK2A8PdEzbpDDjk7K6R
Oml6anry6USevK0Y7jsZTmxovx7sVUs/y82cDnU2JNnH90mUN4lc7fXmZf278W92
HC/xjiAwAjEWNx10/aTxG29fFKqajGDHuPCnm6c0tu3o0TL7z9oH0JdLTH7KQtNJ
HvT+Sd8J7ZO8Meqm1jtMGFOSpEggLDyakv52rUUfRaKfouoysQ616AkK8/lio3S3
sFwsFEoNsCTqiBhzko/GsqUTAu8TD0EZIbfR8Qumyz4S1GfOSHpCdj+jQTByGTh9
r0k=
-----END CERTIFICATE-----
Generated at Thu May 1 03:55:36 2025 by rpki-client