Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dnOG1Dr0tPEUHHnHEmwEpeWmZoI.roa
File: dnOG1Dr0tPEUHHnHEmwEpeWmZoI.roa (raw, json)
Hash identifier: IJ5z7Myq/RpTvF/6okeWswQQijlp7iHLwVHCtRja7vw=
Subject key identifier: 76:73:86:D4:3A:F4:B4:F1:14:1C:79:C7:12:6C:04:A5:E5:A6:66:82
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018629A5152BA2AD608A33E7F1AE789AFDAF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dnOG1Dr0tPEUHHnHEmwEpeWmZoI.roa
Signing time: Tue 07 Feb 2023 02:12:09 +0000
ROA not before: Tue 07 Feb 2023 02:12:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:29:a5:15:2b:a2:ad:60:8a:33:e7:f1:ae:78:9a:fd:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 7 02:12:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=767386d43af4b4f1141c79c7126c04a5e5a66682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d9:0a:83:cb:16:b0:c9:06:a0:12:dc:f6:a1:
b3:35:27:36:1d:79:b9:62:b9:bd:19:7d:e3:f2:e6:
3a:2a:d1:29:1c:89:11:7f:a1:a5:d5:7e:f8:ab:48:
79:a7:89:c4:16:23:8c:d2:4a:08:da:33:5d:36:e9:
d1:da:05:27:a8:30:4a:73:ca:07:69:96:77:b2:4a:
4f:bf:01:11:b8:90:6a:4f:ed:41:b6:91:2d:33:86:
a4:0f:44:e6:8e:16:18:4f:42:e7:ea:77:56:ec:ba:
01:e1:4f:02:e8:7d:0f:c5:6f:33:e5:e0:f7:40:78:
a0:df:21:db:10:7b:30:25:80:f7:03:c0:ed:c2:2b:
ef:a4:ca:67:15:10:3f:7a:b8:f6:d9:9e:9f:72:9d:
2f:41:36:02:7f:a4:2e:29:20:a5:32:67:27:6c:9f:
5f:93:3c:3b:80:88:f8:09:13:15:16:d2:22:d0:c0:
e6:5e:fe:f1:cb:bb:48:ab:b0:6b:c4:0d:75:7c:ee:
7d:a7:d3:ca:18:e9:4b:64:bd:32:84:6f:72:e6:11:
f6:68:10:9c:78:26:22:42:57:9f:83:93:7e:17:5b:
23:93:72:0b:dd:23:b7:70:28:eb:95:d3:15:50:82:
8f:7d:e0:f7:e7:9b:97:fe:0d:dd:31:68:c4:f8:71:
65:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:73:86:D4:3A:F4:B4:F1:14:1C:79:C7:12:6C:04:A5:E5:A6:66:82
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dnOG1Dr0tPEUHHnHEmwEpeWmZoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:07:c4:ac:f3:cb:ef:2b:b6:1a:a2:ad:bb:33:52:de:bd:11:
d8:db:49:b9:b9:3e:b7:27:7a:44:bf:a4:52:ab:53:70:da:da:
ce:1e:0b:81:9f:59:fe:84:87:8c:f4:97:53:c9:c4:8e:c4:4e:
cf:5b:93:1f:db:71:5c:7d:60:20:f8:a2:be:a1:ac:db:f6:b7:
11:73:2b:a2:4a:46:ee:d5:4d:11:ae:36:ce:77:15:1e:9c:92:
12:d8:92:81:f1:d0:1c:85:17:c4:72:5d:1a:d0:8e:1a:8b:35:
57:a7:a8:e3:76:0c:b0:9f:4d:ff:bb:75:c8:27:0a:fe:b6:e4:
5e:79:4e:11:68:05:4a:0c:8a:3f:32:3e:03:94:17:b1:2c:33:
30:e5:a0:6c:54:7c:61:57:e6:bf:48:23:da:60:f5:d9:77:99:
ea:56:c1:3b:27:38:83:e0:42:3d:18:92:2f:dd:21:1d:98:07:
97:04:fa:6a:6a:1c:bc:36:b3:12:23:00:19:c0:ef:d5:e5:c8:
d5:d6:c0:11:90:e2:67:9e:cb:56:ea:51:69:f1:94:d6:1a:e1:
18:e3:5f:95:06:db:1f:0b:2c:98:bd:e1:2c:d4:18:27:e0:ec:
d9:73:13:c0:c2:77:69:2b:99:40:fb:fd:64:46:5d:53:46:55:
7d:57:a7:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYppRUroq1gijPn8a54mv2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA3MDIxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjczODZkNDNhZjRiNGYxMTQxYzc5YzcxMjZjMDRhNWU1YTY2NjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidkKg8sWsMkGoBLc9qGzNSc2HXm5
Yrm9GX3j8uY6KtEpHIkRf6Gl1X74q0h5p4nEFiOM0koI2jNdNunR2gUnqDBKc8oH
aZZ3skpPvwERuJBqT+1BtpEtM4akD0TmjhYYT0Ln6ndW7LoB4U8C6H0PxW8z5eD3
QHig3yHbEHswJYD3A8DtwivvpMpnFRA/erj22Z6fcp0vQTYCf6QuKSClMmcnbJ9f
kzw7gIj4CRMVFtIi0MDmXv7xy7tIq7BrxA11fO59p9PKGOlLZL0yhG9y5hH2aBCc
eCYiQlefg5N+F1sjk3IL3SO3cCjrldMVUIKPfeD355uX/g3dMWjE+HFlNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHZzhtQ69LTxFBx5xxJsBKXlpmaCMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZG5PRzFEcjB0UEVVSEhuSEVtd0VwZVdtWm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFgHxKzzy+8rthqirbsz
Ut69EdjbSbm5PrcnekS/pFKrU3Da2s4eC4GfWf6Eh4z0l1PJxI7ETs9bkx/bcVx9
YCD4or6hrNv2txFzK6JKRu7VTRGuNs53FR6ckhLYkoHx0ByFF8RyXRrQjhqLNVen
qON2DLCfTf+7dcgnCv625F55ThFoBUoMij8yPgOUF7EsMzDloGxUfGFX5r9II9pg
9dl3mepWwTsnOIPgQj0Yki/dIR2YB5cE+mpqHLw2sxIjABnA79XlyNXWwBGQ4mee
y1bqUWnxlNYa4RjjX5UG2x8LLJi94SzUGCfg7NlzE8DCd2krmUD7/WRGXVNGVX1X
p4E=
-----END CERTIFICATE-----
Generated at Sat May 3 14:37:36 2025 by rpki-client