Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OwujmqSTNrUsU6ubPOGbSts8K2k.roa
File: OwujmqSTNrUsU6ubPOGbSts8K2k.roa (raw, json)
Hash identifier: lmg9mHS/vKl2WYZfOqaIBxhqIE548qEjQew+Xi0GkMY=
Subject key identifier: 3B:0B:A3:9A:A4:93:36:B5:2C:53:AB:9B:3C:E1:9B:4A:DB:3C:2B:69
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186A165CF732070FD2DCED69B53F5CBE1E4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OwujmqSTNrUsU6ubPOGbSts8K2k.roa
Signing time: Thu 02 Mar 2023 08:17:29 +0000
ROA not before: Thu 02 Mar 2023 08:17:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:65:cf:73:20:70:fd:2d:ce:d6:9b:53:f5:cb:e1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 2 08:17:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b0ba39aa49336b52c53ab9b3ce19b4adb3c2b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:64:49:67:23:e3:77:b6:b7:3e:54:95:d4:22:
2d:86:f2:67:b0:8b:63:cd:41:ff:fe:3b:0e:f2:91:
06:e3:50:64:00:99:45:d6:63:de:c6:49:4b:c0:b2:
49:fe:94:1e:dc:98:60:74:f1:f5:76:df:29:d3:4d:
6e:d3:98:9b:a6:73:d9:e6:a8:78:a6:0a:33:e1:44:
1a:19:98:f3:84:74:66:1b:89:fa:99:11:06:1a:c3:
94:68:c2:1f:6e:63:d1:33:05:92:ba:6f:f3:ae:4a:
9a:03:2a:c9:10:18:80:d7:41:96:29:ff:ce:bd:7b:
bf:18:ae:33:f0:2f:65:75:cf:66:82:9c:5e:8f:7f:
96:e3:ef:b3:f4:0d:dc:2b:8e:b4:f5:c1:b4:37:ac:
cb:31:2b:8a:71:39:8c:46:3f:5d:bb:d9:2c:cc:01:
15:16:1e:a7:95:5f:f2:6a:13:b0:f0:5f:4a:84:14:
20:59:5b:f4:80:0e:78:1a:25:54:3f:35:10:35:cd:
aa:e1:50:b8:b6:06:74:16:10:81:36:48:6f:6c:c4:
25:75:c0:12:ec:fa:06:98:62:28:14:99:a2:c1:a0:
aa:41:bb:5e:e6:75:28:92:34:44:eb:e1:73:9b:b3:
db:59:d9:28:21:7a:dd:7c:9d:1e:12:9e:e2:ab:d7:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0B:A3:9A:A4:93:36:B5:2C:53:AB:9B:3C:E1:9B:4A:DB:3C:2B:69
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OwujmqSTNrUsU6ubPOGbSts8K2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:54:47:e1:10:60:e8:5d:3d:ce:d6:22:b1:3d:09:36:1b:81:
87:ee:ea:24:32:70:53:db:5e:47:28:ec:dd:a9:c5:65:9d:7e:
a6:ec:e9:c0:9f:07:ba:5e:d0:b1:2b:e0:43:16:57:ba:9c:49:
22:7e:83:ba:a3:66:77:6f:bc:dd:96:5c:52:08:b1:4e:91:67:
e5:58:cd:24:89:17:ff:1a:f3:a3:10:1f:ae:34:ee:80:d0:e1:
a1:5d:8e:2f:2d:7f:b7:a6:1e:d4:fa:63:c2:c0:52:19:05:4c:
e1:5b:fd:13:a2:09:f2:85:22:66:78:dd:47:99:64:2a:81:f8:
eb:8b:ab:ea:d4:84:71:c2:99:1b:d3:b1:7e:2a:24:83:69:e0:
3a:db:c3:bf:db:cd:a2:0d:4c:8d:74:bc:f2:6b:d8:e0:e6:15:
77:8e:db:6d:e8:63:4e:36:d1:bf:87:c5:14:56:c5:64:be:52:
50:30:7f:9f:30:1b:fc:7e:35:5d:31:f0:98:44:e0:15:3a:f3:
86:1b:20:08:12:c2:5e:b6:db:df:3e:22:14:bd:19:2d:c8:82:
dd:cf:49:4a:11:9b:e5:eb:f8:f4:85:61:f3:70:31:55:d3:b9:
c4:04:83:ed:47:8d:67:19:d6:c1:a1:f9:8a:5d:83:0b:f2:2b:
d1:67:ae:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYahZc9zIHD9Lc7Wm1P1y+HkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAyMDgxNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjBiYTM5YWE0OTMzNmI1MmM1M2FiOWIzY2UxOWI0YWRiM2MyYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2RJZyPjd7a3PlSV1CIthvJnsItj
zUH//jsO8pEG41BkAJlF1mPexklLwLJJ/pQe3JhgdPH1dt8p001u05ibpnPZ5qh4
pgoz4UQaGZjzhHRmG4n6mREGGsOUaMIfbmPRMwWSum/zrkqaAyrJEBiA10GWKf/O
vXu/GK4z8C9ldc9mgpxej3+W4++z9A3cK4609cG0N6zLMSuKcTmMRj9du9kszAEV
Fh6nlV/yahOw8F9KhBQgWVv0gA54GiVUPzUQNc2q4VC4tgZ0FhCBNkhvbMQldcAS
7PoGmGIoFJmiwaCqQbte5nUokjRE6+Fzm7PbWdkoIXrdfJ0eEp7iq9fWMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDsLo5qkkza1LFOrmzzhm0rbPCtpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT3d1am1xU1ROclVzVTZ1YlBPR2JTdHM4SzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEhUR+EQYOhdPc7WIrE9
CTYbgYfu6iQycFPbXkco7N2pxWWdfqbs6cCfB7pe0LEr4EMWV7qcSSJ+g7qjZndv
vN2WXFIIsU6RZ+VYzSSJF/8a86MQH6407oDQ4aFdji8tf7emHtT6Y8LAUhkFTOFb
/ROiCfKFImZ43UeZZCqB+OuLq+rUhHHCmRvTsX4qJINp4Drbw7/bzaINTI10vPJr
2ODmFXeO223oY0420b+HxRRWxWS+UlAwf58wG/x+NV0x8JhE4BU684YbIAgSwl62
298+IhS9GS3Igt3PSUoRm+Xr+PSFYfNwMVXTucQEg+1HjWcZ1sGh+YpdgwvyK9Fn
rkY=
-----END CERTIFICATE-----
Generated at Thu May 1 04:27:45 2025 by rpki-client