Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/di8OCoJt1p3oOLVuj_9eEjQtKnQ.roa
File: di8OCoJt1p3oOLVuj_9eEjQtKnQ.roa (raw, json)
Hash identifier: z1jlOyAO9F7hlyAcVR1N6rx7MI2ANqvMhMr4u/y8K00=
Subject key identifier: 76:2F:0E:0A:82:6D:D6:9D:E8:38:B5:6E:8F:FF:5E:12:34:2D:2A:74
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185BB21580D9544C3F85AFEF628FC2726F4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/di8OCoJt1p3oOLVuj_9eEjQtKnQ.roa
Signing time: Mon 16 Jan 2023 15:10:02 +0000
ROA not before: Mon 16 Jan 2023 15:10:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:ba40:6692/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bb:21:58:0d:95:44:c3:f8:5a:fe:f6:28:fc:27:26:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 16 15:10:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=762f0e0a826dd69de838b56e8fff5e12342d2a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fd:63:4b:05:93:c6:48:d5:dd:4b:d5:c8:6a:
c4:63:14:51:e0:8d:0e:4f:3a:a8:c7:b2:f3:48:ae:
34:ae:84:b1:1e:0c:e0:2f:0c:b5:07:93:9d:f3:c6:
24:35:5c:6e:4a:96:0c:ca:96:72:37:ad:d5:a2:0d:
24:26:96:f1:2d:6f:46:36:09:b3:6f:73:b5:82:bd:
d3:8f:27:cf:50:2c:73:51:d7:98:b2:f3:0b:3f:a4:
b8:89:c3:02:e3:56:e6:c1:1d:4d:69:ca:d0:0b:1b:
ff:61:01:2a:21:ff:72:9e:82:38:da:9e:aa:10:51:
62:75:18:f7:fc:af:e7:dc:a6:5d:2c:f2:b6:45:73:
f4:f9:c4:8e:a6:a3:99:27:7a:3a:72:50:b5:40:0c:
98:84:61:56:80:ce:1c:68:81:03:dd:bd:eb:3e:20:
9a:df:32:06:67:cd:47:2a:4e:ff:6d:dc:d5:ea:fc:
d4:e3:b9:75:d5:4b:1f:d0:48:ff:3b:9a:12:c9:b2:
f9:45:58:2c:e2:11:67:8b:ce:69:8e:75:35:3b:99:
74:86:6a:69:42:27:c5:00:f4:66:54:4d:98:75:0b:
a3:a0:8b:55:df:77:cb:37:35:97:09:25:8e:9a:81:
43:2b:1e:08:ac:53:63:3d:96:39:1d:c2:12:0e:ec:
af:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:2F:0E:0A:82:6D:D6:9D:E8:38:B5:6E:8F:FF:5E:12:34:2D:2A:74
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/di8OCoJt1p3oOLVuj_9eEjQtKnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:8c:93:b3:73:40:d5:8f:8d:88:7f:67:ae:55:73:68:74:48:
b5:1e:b9:d0:a0:e8:ce:2a:bc:d4:7f:2c:99:88:03:ef:99:ff:
77:bc:08:85:c7:ab:e2:45:23:9c:55:48:1b:83:da:25:5e:be:
3c:57:6b:16:ff:d6:4d:bd:5b:4a:aa:46:25:21:32:07:60:0b:
a6:58:fb:b4:4d:63:60:d3:14:7b:c4:36:c4:62:bb:89:71:42:
a3:4f:8e:35:80:c6:97:4e:ca:7a:8a:67:a6:e3:03:3b:42:f4:
39:57:f3:b0:6f:1f:e0:d2:1f:98:aa:09:57:fb:8d:89:05:64:
7a:d0:57:e6:ae:8b:d2:94:8d:6f:0f:d8:9c:40:6d:ef:6f:2d:
1d:2e:be:45:da:be:45:36:6c:b4:2a:f7:da:21:36:a0:de:86:
8b:58:f3:67:9f:fe:1b:48:38:c3:71:67:4e:89:43:c5:c1:a5:
bc:74:40:ee:a8:e4:0b:97:21:2c:dd:2b:7a:0a:24:a0:a2:cf:
86:78:2e:93:c9:12:dc:69:03:0c:08:52:fc:9e:2e:4f:d8:3b:
e3:e4:7e:32:49:d5:83:12:b9:a0:e7:f6:93:30:eb:e2:de:f6:
28:53:7e:43:12:22:ca:a1:d5:3c:d1:7f:c7:1c:82:b9:29:0a:
65:06:94:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYW7IVgNlUTD+Fr+9ij8Jyb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE2MTUxMDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjJmMGUwYTgyNmRkNjlkZTgzOGI1NmU4ZmZmNWUxMjM0MmQyYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/1jSwWTxkjV3UvVyGrEYxRR4I0O
Tzqox7LzSK40roSxHgzgLwy1B5Od88YkNVxuSpYMypZyN63Vog0kJpbxLW9GNgmz
b3O1gr3TjyfPUCxzUdeYsvMLP6S4icMC41bmwR1NacrQCxv/YQEqIf9ynoI42p6q
EFFidRj3/K/n3KZdLPK2RXP0+cSOpqOZJ3o6clC1QAyYhGFWgM4caIED3b3rPiCa
3zIGZ81HKk7/bdzV6vzU47l11Usf0Ej/O5oSybL5RVgs4hFni85pjnU1O5l0hmpp
QifFAPRmVE2YdQujoItV33fLNzWXCSWOmoFDKx4IrFNjPZY5HcISDuyvFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHYvDgqCbdad6Di1bo//XhI0LSp0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZGk4T0NvSnQxcDNvT0xWdWpfOWVFalF0S25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABOMk7NzQNWPjYh/Z65V
c2h0SLUeudCg6M4qvNR/LJmIA++Z/3e8CIXHq+JFI5xVSBuD2iVevjxXaxb/1k29
W0qqRiUhMgdgC6ZY+7RNY2DTFHvENsRiu4lxQqNPjjWAxpdOynqKZ6bjAztC9DlX
87BvH+DSH5iqCVf7jYkFZHrQV+aui9KUjW8P2JxAbe9vLR0uvkXavkU2bLQq99oh
NqDehotY82ef/htIOMNxZ06JQ8XBpbx0QO6o5AuXISzdK3oKJKCiz4Z4LpPJEtxp
AwwIUvyeLk/YO+PkfjJJ1YMSuaDn9pMw6+Le9ihTfkMSIsqh1TzRf8ccgrkpCmUG
lDo=
-----END CERTIFICATE-----
Generated at Thu May 1 11:16:47 2025 by rpki-client