Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_T5kXowc842Eas6OvvzwjSiVrfE.roa
File: _T5kXowc842Eas6OvvzwjSiVrfE.roa (raw, json)
Hash identifier: EfltWm5Mx0qQ62UPzgjA7e5Dt7hjtQyqIH+mTKhujCQ=
Subject key identifier: FD:3E:64:5E:8C:1C:F3:8D:84:6A:CE:8E:BE:FC:F0:8D:28:95:AD:F1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3206C62331A438B76AA11AC391FE8663
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_T5kXowc842Eas6OvvzwjSiVrfE.roa
Signing time: Sat 26 Aug 2023 13:26:59 +0000
ROA not before: Sat 26 Aug 2023 13:26:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:32:06:c6:23:31:a4:38:b7:6a:a1:1a:c3:91:fe:86:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 26 13:26:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd3e645e8c1cf38d846ace8ebefcf08d2895adf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6b:fc:00:8c:d0:b8:8e:67:f0:3b:fd:41:60:
de:3e:e6:9a:47:e1:c2:cb:4a:54:12:54:7e:13:38:
b0:c7:b1:e5:83:67:a5:1e:e7:a4:8e:1b:99:c8:23:
82:4a:2f:eb:96:db:b2:5d:de:69:5b:93:a8:1f:e2:
ef:cf:e6:8e:ce:d1:41:b5:52:c9:da:1c:02:21:9b:
09:d0:0c:82:81:59:4a:5a:d0:f1:02:01:9f:88:12:
ca:08:6f:1c:d2:da:1e:6b:83:d6:57:e6:26:b4:3c:
1f:96:5d:a6:7c:04:9d:7e:ac:4e:80:02:34:29:6d:
30:24:c7:ac:f4:6e:8c:d6:9b:7b:c4:0e:3b:e0:93:
83:5e:8c:9a:57:99:4b:1b:99:b0:b7:8f:26:2d:f6:
7a:3d:ae:87:d2:c2:9b:fc:16:bf:d8:5f:44:4e:37:
83:21:42:a8:b1:76:c0:6d:f6:33:66:a7:61:13:8f:
46:e9:44:03:25:07:84:00:27:43:d4:0e:b3:4e:6a:
10:f1:ee:35:fd:1b:76:57:7f:02:33:7a:47:53:c1:
1f:b0:51:f8:90:32:f1:8d:e3:d8:ed:7b:d0:a6:bc:
d1:b9:99:b3:68:a5:62:a6:0e:27:45:75:09:ec:88:
f7:7f:90:9a:27:9f:b7:f1:ec:3a:7a:1c:fb:4c:fd:
36:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3E:64:5E:8C:1C:F3:8D:84:6A:CE:8E:BE:FC:F0:8D:28:95:AD:F1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_T5kXowc842Eas6OvvzwjSiVrfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:fd:5f:bb:72:c1:75:1a:c0:76:a0:87:8e:4e:0c:4a:11:50:
38:9f:2a:97:1a:24:91:ad:11:e5:12:e0:bd:79:59:2f:ee:71:
15:2d:a6:4d:79:fc:e9:be:17:5e:23:14:73:91:1d:f4:93:83:
a8:2f:b3:9c:65:38:01:07:46:5b:d1:88:d0:e0:ac:f7:1a:55:
14:cf:57:a1:89:d3:62:48:a3:0e:bc:55:01:d1:22:07:cf:38:
1a:9a:ba:3d:94:ac:4d:c3:c7:2f:f1:7d:22:7d:b1:43:d2:e0:
df:ed:c7:dc:d3:53:69:d6:b3:7a:bd:05:1a:77:e7:d1:e3:45:
62:4b:4a:fa:81:bb:90:a1:1c:e9:dc:ca:20:d8:c8:6f:fd:3c:
2e:ab:1c:97:5b:e6:99:cd:20:0c:f5:2c:19:be:7f:f5:bd:16:
14:1c:86:a7:f9:a9:17:a6:2a:03:35:cc:66:9a:31:e4:1a:72:
55:3d:42:5d:c8:29:80:da:32:48:90:a9:15:f7:73:94:78:0d:
47:92:33:7c:78:82:1f:f7:07:ff:36:03:7d:62:e0:8a:df:c4:
1f:29:49:22:92:d1:80:35:57:61:4d:07:0d:93:6a:85:2f:00:
6e:d2:0e:98:2d:e5:e3:26:dc:6d:14:64:e7:f6:9d:8a:d8:58:
b2:7a:26:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoyBsYjMaQ4t2qhGsOR/oZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI2MTMyNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNlNjQ1ZThjMWNmMzhkODQ2YWNlOGViZWZjZjA4ZDI4OTVhZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGv8AIzQuI5n8Dv9QWDePuaaR+HC
y0pUElR+Eziwx7Hlg2elHuekjhuZyCOCSi/rltuyXd5pW5OoH+Lvz+aOztFBtVLJ
2hwCIZsJ0AyCgVlKWtDxAgGfiBLKCG8c0toea4PWV+YmtDwfll2mfASdfqxOgAI0
KW0wJMes9G6M1pt7xA474JODXoyaV5lLG5mwt48mLfZ6Pa6H0sKb/Ba/2F9ETjeD
IUKosXbAbfYzZqdhE49G6UQDJQeEACdD1A6zTmoQ8e41/Rt2V38CM3pHU8EfsFH4
kDLxjePY7XvQprzRuZmzaKVipg4nRXUJ7Ij3f5CaJ5+38ew6ehz7TP026wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP0+ZF6MHPONhGrOjr788I0ola3xMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX1Q1a1hvd2M4NDJFYXM2T3Z2endqU2lWcmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACb9X7tywXUawHagh45O
DEoRUDifKpcaJJGtEeUS4L15WS/ucRUtpk15/Om+F14jFHORHfSTg6gvs5xlOAEH
RlvRiNDgrPcaVRTPV6GJ02JIow68VQHRIgfPOBqauj2UrE3Dxy/xfSJ9sUPS4N/t
x9zTU2nWs3q9BRp359HjRWJLSvqBu5ChHOncyiDYyG/9PC6rHJdb5pnNIAz1LBm+
f/W9FhQchqf5qRemKgM1zGaaMeQaclU9Ql3IKYDaMkiQqRX3c5R4DUeSM3x4gh/3
B/82A31i4IrfxB8pSSKS0YA1V2FNBw2TaoUvAG7SDpgt5eMm3G0UZOf2nYrYWLJ6
Jt8=
-----END CERTIFICATE-----
Generated at Thu May 1 11:12:56 2025 by rpki-client