Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dMOkwEVQ0DHk1XQ3gZuBa3I6l6s.roa
File: dMOkwEVQ0DHk1XQ3gZuBa3I6l6s.roa (raw, json)
Hash identifier: Myfmj+DJXt5bn2qITuJhQHMME5tYriuB/AlZNkqzN7o=
Subject key identifier: 74:C3:A4:C0:45:50:D0:31:E4:D5:74:37:81:9B:81:6B:72:3A:97:AB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868AD1DE47F04C7FE7CCF0A64EB201858F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dMOkwEVQ0DHk1XQ3gZuBa3I6l6s.roa
Signing time: Sat 25 Feb 2023 23:04:15 +0000
ROA not before: Sat 25 Feb 2023 23:04:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
2001:67c:64:ffff:0:186:8ad1:c949/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8a:d1:de:47:f0:4c:7f:e7:cc:f0:a6:4e:b2:01:85:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 23:04:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74c3a4c04550d031e4d57437819b816b723a97ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e1:a1:fd:28:0e:cd:8d:5f:30:22:23:c2:d5:
72:af:88:27:54:d6:ba:1e:87:28:2f:89:1f:1e:c2:
e7:9d:9f:70:bb:0a:14:7d:ff:d1:90:31:89:95:e4:
80:3e:be:bf:3d:c0:50:70:e9:be:bf:e1:fe:ba:47:
12:95:27:c7:2e:f4:d9:5c:6d:ad:36:30:1a:63:b2:
97:34:8d:ca:8c:84:0f:2f:b3:0a:45:b9:af:89:fa:
1d:e8:dc:7b:af:51:d8:d2:f7:75:44:bf:f9:b9:b9:
ed:ad:93:ce:58:f8:11:a6:9d:ef:d0:8c:62:95:4e:
0a:c1:50:e3:dd:29:09:b1:81:96:6d:69:8e:1d:5b:
90:cb:99:6c:fe:33:6d:24:20:f7:d6:b1:4c:c1:fa:
45:2e:b2:03:ba:b4:68:79:47:04:b4:e1:0f:fb:0d:
64:b0:7b:44:2f:b4:e8:b3:e5:dc:a3:4d:8c:cd:59:
9d:18:af:6c:9e:ba:ab:96:da:2f:e3:52:ec:8a:d1:
72:d9:54:c9:65:a3:f1:2e:71:30:87:85:8d:79:e1:
16:c1:42:d7:5e:44:8c:80:01:dc:8e:33:54:f0:d3:
69:09:58:f3:3f:02:05:2f:16:a0:c2:99:55:af:fc:
b0:e4:06:07:71:cd:53:10:15:5f:85:8d:ad:63:cc:
99:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C3:A4:C0:45:50:D0:31:E4:D5:74:37:81:9B:81:6B:72:3A:97:AB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dMOkwEVQ0DHk1XQ3gZuBa3I6l6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:b2:9f:3f:95:3c:3a:cc:f7:ac:6f:22:3e:41:f9:de:fc:31:
e1:77:a3:39:63:78:b7:c0:4a:15:68:9e:b9:b0:86:db:93:70:
99:c2:23:4c:a5:18:e8:07:c5:51:bb:33:ec:50:7d:7c:40:e3:
4d:ac:c1:b0:86:ad:52:27:6a:46:3f:cc:94:17:f1:30:8d:20:
c2:47:55:d5:6e:f6:0d:73:eb:1a:7d:6a:4b:46:36:9a:e1:92:
cd:b0:91:3b:82:2e:2c:a3:41:ec:f6:3b:50:c9:fb:8b:a5:a5:
78:29:94:71:79:7b:5f:ae:26:03:4d:e0:77:56:af:8b:fa:9e:
70:0e:05:02:df:16:8b:29:21:9d:fb:b3:a7:df:bd:67:14:6f:
95:ab:af:46:78:37:33:29:40:0c:ff:d1:2b:9b:8e:5c:b1:05:
62:9a:8c:20:a8:fe:5d:fe:1e:5c:88:ca:c1:46:ff:47:2a:be:
9b:cb:5c:b4:a4:c1:a3:ab:a0:cb:52:21:40:1b:1e:ab:23:10:
d8:0f:59:26:6a:fc:89:46:1c:44:7a:0b:d3:e8:12:50:9b:a4:
d0:9a:d2:18:f9:bd:65:fa:af:86:a5:3a:ec:af:7d:43:8d:c4:
ea:01:4f:5f:84:b3:f4:45:c8:6f:7a:34:46:cc:9b:b0:0c:62:
69:40:2b:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaK0d5H8Ex/58zwpk6yAYWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MjMwNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGMzYTRjMDQ1NTBkMDMxZTRkNTc0Mzc4MTliODE2YjcyM2E5N2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeGh/SgOzY1fMCIjwtVyr4gnVNa6
HocoL4kfHsLnnZ9wuwoUff/RkDGJleSAPr6/PcBQcOm+v+H+ukcSlSfHLvTZXG2t
NjAaY7KXNI3KjIQPL7MKRbmvifod6Nx7r1HY0vd1RL/5ubntrZPOWPgRpp3v0Ixi
lU4KwVDj3SkJsYGWbWmOHVuQy5ls/jNtJCD31rFMwfpFLrIDurRoeUcEtOEP+w1k
sHtEL7Tos+Xco02MzVmdGK9snrqrltov41LsitFy2VTJZaPxLnEwh4WNeeEWwULX
XkSMgAHcjjNU8NNpCVjzPwIFLxagwplVr/yw5AYHcc1TEBVfhY2tY8yZLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHTDpMBFUNAx5NV0N4GbgWtyOperMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZE1Pa3dFVlEwREhrMVhRM2dadUJhM0k2bDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABSynz+VPDrM96xvIj5B
+d78MeF3ozljeLfAShVonrmwhtuTcJnCI0ylGOgHxVG7M+xQfXxA402swbCGrVIn
akY/zJQX8TCNIMJHVdVu9g1z6xp9aktGNprhks2wkTuCLiyjQez2O1DJ+4ulpXgp
lHF5e1+uJgNN4HdWr4v6nnAOBQLfFospIZ37s6ffvWcUb5Wrr0Z4NzMpQAz/0Sub
jlyxBWKajCCo/l3+HlyIysFG/0cqvpvLXLSkwaOroMtSIUAbHqsjENgPWSZq/IlG
HER6C9PoElCbpNCa0hj5vWX6r4alOuyvfUONxOoBT1+Es/RFyG96NEbMm7AMYmlA
K+M=
-----END CERTIFICATE-----
Generated at Sun May 4 19:13:52 2025 by rpki-client