Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/eF80Jhj7PBPfJvLbjqFe5nbSGD8.roa
File: eF80Jhj7PBPfJvLbjqFe5nbSGD8.roa (raw, json)
Hash identifier: Y8ET9QO5uOCxgcLj6Oww89A+Qn6oWOHcQzE4QdYY0Ow=
Subject key identifier: 78:5F:34:26:18:FB:3C:13:DF:26:F2:DB:8E:A1:5E:E6:76:D2:18:3F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A23C929E0ABB1DD27850E5E68049050DB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/eF80Jhj7PBPfJvLbjqFe5nbSGD8.roa
Signing time: Wed 23 Aug 2023 19:05:00 +0000
ROA not before: Wed 23 Aug 2023 19:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:18a:23c8:7121/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:c9:29:e0:ab:b1:dd:27:85:0e:5e:68:04:90:50:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 23 19:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=785f342618fb3c13df26f2db8ea15ee676d2183f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:00:61:56:96:5d:50:08:7c:cc:98:f4:97:59:
98:6a:86:4b:e6:5a:05:25:a9:3c:57:dc:c7:c3:21:
54:de:fb:2d:0c:24:77:28:52:da:96:f4:c6:81:82:
a8:7f:bc:89:9a:6e:81:eb:fb:ed:dc:24:22:fd:22:
d4:4f:24:87:6b:65:6d:53:01:9d:d6:73:0a:e0:9e:
6a:4c:05:a3:d7:83:56:53:3d:55:76:26:67:88:6a:
88:e7:9e:f4:97:23:4f:23:c5:1e:d0:f2:ee:06:d3:
71:19:f1:64:80:2a:17:27:1f:7a:be:0e:2b:b5:91:
1a:f0:a3:6d:16:55:8b:49:be:74:d5:db:63:07:a4:
ba:16:02:b8:92:db:f2:3b:62:6c:a4:1c:51:f0:53:
4f:a2:85:2e:d2:0d:30:a1:52:0e:cc:82:fc:1b:54:
b1:9b:12:19:a1:ea:b6:a0:9e:a4:af:98:1f:b9:37:
81:36:3a:aa:d6:a6:fd:80:e9:6c:ca:2b:c1:2f:86:
c9:bc:f7:eb:a2:1b:05:1e:82:14:b9:5f:3e:88:b1:
c9:50:cc:4a:35:20:f7:55:41:e0:97:b9:c8:6f:34:
b4:ad:5d:fd:48:3b:8d:89:1c:18:66:23:90:8a:6c:
f2:ed:fc:92:56:9f:cc:9a:3c:c4:c9:1c:fc:f5:37:
a6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5F:34:26:18:FB:3C:13:DF:26:F2:DB:8E:A1:5E:E6:76:D2:18:3F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/eF80Jhj7PBPfJvLbjqFe5nbSGD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:ad:91:fe:cc:b9:77:df:3d:af:df:fd:5e:62:6c:90:5c:72:
ab:ff:ac:72:d9:86:50:35:1c:f0:f2:95:c3:22:bd:82:e5:28:
3e:42:11:b2:98:6a:fb:98:e7:f8:e4:bd:95:b2:17:47:61:f9:
d3:68:7c:84:57:af:01:86:57:34:5c:8b:ce:fe:db:c9:50:be:
ff:9b:cb:97:05:1e:ad:b6:19:ff:30:49:72:69:f6:3a:bd:92:
48:9d:db:e6:36:b4:ea:25:4a:51:06:89:ee:71:c1:1e:ac:e8:
d1:4c:ec:9a:19:60:a0:c6:8f:3c:17:e6:26:34:cb:4e:ce:3c:
0f:ed:d8:8b:d9:2e:4e:23:77:91:04:b0:0e:35:6d:af:b1:81:
8f:e8:3a:58:35:33:e0:d1:39:b2:69:8e:d5:1f:d1:27:6d:42:
f0:98:ca:5a:06:a5:1d:2b:81:2d:9d:14:d7:91:60:84:be:ee:
67:1a:91:e7:22:b2:8e:c0:e0:8a:54:47:ab:56:58:06:28:9a:
e0:7e:c2:3a:f8:12:35:75:e6:9c:c2:e2:e6:3d:55:60:1e:05:
08:cc:1a:39:b1:34:2c:3a:39:f3:4f:62:44:ab:54:02:56:67:
3a:f8:49:20:30:45:1d:9f:64:3a:b3:05:b8:3e:49:f4:6c:9b:
f6:3f:8b:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYojySngq7HdJ4UOXmgEkFDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIzMTkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODVmMzQyNjE4ZmIzYzEzZGYyNmYyZGI4ZWExNWVlNjc2ZDIxODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwBhVpZdUAh8zJj0l1mYaoZL5loF
Jak8V9zHwyFU3vstDCR3KFLalvTGgYKof7yJmm6B6/vt3CQi/SLUTySHa2VtUwGd
1nMK4J5qTAWj14NWUz1VdiZniGqI5570lyNPI8Ue0PLuBtNxGfFkgCoXJx96vg4r
tZEa8KNtFlWLSb501dtjB6S6FgK4ktvyO2JspBxR8FNPooUu0g0woVIOzIL8G1Sx
mxIZoeq2oJ6kr5gfuTeBNjqq1qb9gOlsyivBL4bJvPfrohsFHoIUuV8+iLHJUMxK
NSD3VUHgl7nIbzS0rV39SDuNiRwYZiOQimzy7fySVp/MmjzEyRz89TemNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHhfNCYY+zwT3yby246hXuZ20hg/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZUY4MEpoajdQQlBmSnZMYmpxRmU1bmJTR0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABWtkf7MuXffPa/f/V5i
bJBccqv/rHLZhlA1HPDylcMivYLlKD5CEbKYavuY5/jkvZWyF0dh+dNofIRXrwGG
VzRci87+28lQvv+by5cFHq22Gf8wSXJp9jq9kkid2+Y2tOolSlEGie5xwR6s6NFM
7JoZYKDGjzwX5iY0y07OPA/t2IvZLk4jd5EEsA41ba+xgY/oOlg1M+DRObJpjtUf
0SdtQvCYyloGpR0rgS2dFNeRYIS+7mcakeciso7A4IpUR6tWWAYomuB+wjr4EjV1
5pzC4uY9VWAeBQjMGjmxNCw6OfNPYkSrVAJWZzr4SSAwRR2fZDqzBbg+SfRsm/Y/
i8A=
-----END CERTIFICATE-----
Generated at Thu May 1 18:03:45 2025 by rpki-client