Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OxxKY2b4Uh7MQuOD5S3YrRTFR6A.roa
File: OxxKY2b4Uh7MQuOD5S3YrRTFR6A.roa (raw, json)
Hash identifier: zJmsUj52aXF1GfsT2EWdLfMJEawPes+/XrQeh532rPg=
Subject key identifier: 3B:1C:4A:63:66:F8:52:1E:CC:42:E3:83:E5:2D:D8:AD:14:C5:47:A0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864B8AC455C1564809BE9668190D810E18
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OxxKY2b4Uh7MQuOD5S3YrRTFR6A.roa
Signing time: Mon 13 Feb 2023 16:10:30 +0000
ROA not before: Mon 13 Feb 2023 16:10:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4b:8a:c4:55:c1:56:48:09:be:96:68:19:0d:81:0e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 13 16:10:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b1c4a6366f8521ecc42e383e52dd8ad14c547a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:8e:fc:67:f9:c9:08:91:16:b6:ee:dc:e7:
9d:c2:de:71:46:71:e8:e7:f0:9c:bf:89:60:bf:56:
27:f8:88:cb:98:65:f2:e4:32:dc:8d:32:e1:88:9b:
eb:53:df:0a:df:a7:0b:ea:54:99:a0:cc:ef:fc:36:
e3:1d:70:98:41:a6:58:5e:43:bc:91:34:59:30:52:
6a:aa:7e:2f:d6:8f:fd:31:ae:cb:de:ac:b4:ea:4c:
0c:00:02:b7:3e:11:39:73:4a:21:4d:93:b5:63:ca:
e7:ad:22:16:23:3f:bd:61:41:1d:ec:33:db:67:0d:
06:02:34:d5:76:d9:f9:28:00:fd:b9:83:a0:ec:57:
eb:9e:ee:fb:d0:8a:3a:67:e7:f7:fc:e7:22:3f:fa:
44:37:99:bf:6a:7d:cc:0b:70:b2:15:16:3f:c0:e7:
d3:ae:a1:0c:25:2f:41:05:41:ac:a9:c7:cf:bc:5e:
d5:a6:7d:32:38:54:8a:ca:5b:d4:98:e8:e2:31:97:
96:2d:74:6c:76:b7:e2:70:6c:cc:46:49:12:5d:2c:
bd:de:6c:30:c1:04:f8:3a:d3:c5:78:93:2c:53:cc:
59:68:df:bb:6e:85:a3:09:4b:b1:b8:fc:b6:86:12:
0a:f2:8a:9b:d9:1c:99:95:b1:e8:9a:18:d1:36:18:
13:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:1C:4A:63:66:F8:52:1E:CC:42:E3:83:E5:2D:D8:AD:14:C5:47:A0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OxxKY2b4Uh7MQuOD5S3YrRTFR6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:b1:be:c3:db:94:5b:3e:f3:31:68:1b:0a:a1:bd:e6:73:09:
6d:5d:ef:6a:4e:af:b7:7e:36:89:04:70:83:cf:a4:34:b0:79:
d2:00:e3:a7:9b:19:4e:97:66:08:b8:8e:df:b2:fa:ab:8f:a3:
4e:01:ff:f9:cd:ae:ac:05:d8:57:40:c1:a4:8f:42:78:79:52:
31:d0:7f:83:f1:08:65:38:34:d8:60:28:27:06:36:48:59:17:
2e:ab:d7:59:84:f4:69:72:07:26:27:76:75:f9:56:2d:ba:f7:
13:2b:2b:fb:40:35:a8:19:c6:0d:d7:89:0b:dc:9f:39:7e:42:
3f:8f:5d:b5:9a:f3:6d:83:8b:3c:16:f2:9d:0a:d2:22:3f:e5:
74:93:d6:58:9e:b9:01:90:ac:7a:1b:5c:18:e6:fe:cd:0c:26:
64:13:47:95:eb:8f:ea:88:7f:a4:2c:c6:dd:89:8d:10:c0:23:
d5:eb:b2:c7:58:fd:5a:76:bd:38:22:59:81:3a:78:29:a1:e1:
e7:87:a7:13:12:6c:46:39:03:ad:9c:98:4f:7f:51:53:e9:df:
31:fb:68:15:9e:7b:7c:ca:20:ff:e1:c7:f6:4a:53:f9:9b:c9:
db:e8:08:df:1e:46:94:80:e4:18:c1:90:cc:3a:f4:9f:32:23:
dc:85:45:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZLisRVwVZICb6WaBkNgQ4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEzMTYxMDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjFjNGE2MzY2Zjg1MjFlY2M0MmUzODNlNTJkZDhhZDE0YzU0N2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQSO/Gf5yQiRFrbu3Oedwt5xRnHo
5/Ccv4lgv1Yn+IjLmGXy5DLcjTLhiJvrU98K36cL6lSZoMzv/DbjHXCYQaZYXkO8
kTRZMFJqqn4v1o/9Ma7L3qy06kwMAAK3PhE5c0ohTZO1Y8rnrSIWIz+9YUEd7DPb
Zw0GAjTVdtn5KAD9uYOg7Ffrnu770Io6Z+f3/OciP/pEN5m/an3MC3CyFRY/wOfT
rqEMJS9BBUGsqcfPvF7Vpn0yOFSKylvUmOjiMZeWLXRsdrficGzMRkkSXSy93mww
wQT4OtPFeJMsU8xZaN+7boWjCUuxuPy2hhIK8oqb2RyZlbHomhjRNhgTywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDscSmNm+FIezELjg+Ut2K0UxUegMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT3h4S1kyYjRVaDdNUXVPRDVTM1lyUlRGUjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAuxvsPblFs+8zFoGwqh
veZzCW1d72pOr7d+NokEcIPPpDSwedIA46ebGU6XZgi4jt+y+quPo04B//nNrqwF
2FdAwaSPQnh5UjHQf4PxCGU4NNhgKCcGNkhZFy6r11mE9GlyByYndnX5Vi269xMr
K/tANagZxg3XiQvcnzl+Qj+PXbWa822DizwW8p0K0iI/5XST1lieuQGQrHobXBjm
/s0MJmQTR5Xrj+qIf6Qsxt2JjRDAI9XrssdY/Vp2vTgiWYE6eCmh4eeHpxMSbEY5
A62cmE9/UVPp3zH7aBWee3zKIP/hx/ZKU/mbydvoCN8eRpSA5BjBkMw69J8yI9yF
RQA=
-----END CERTIFICATE-----
Generated at Fri May 2 22:49:28 2025 by rpki-client