Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/eMRz9OiATdAXWq1zo46mUeefOsA.roa
File: eMRz9OiATdAXWq1zo46mUeefOsA.roa (raw, json)
Hash identifier: Sosr5Uc3OO1dFfP+5ze+Iuve4Gg6umBKvy0zzpE3k+4=
Subject key identifier: 78:C4:73:F4:E8:80:4D:D0:17:5A:AD:73:A3:8E:A6:51:E7:9F:3A:C0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018625C7640F5BBBE34E4D4AC6ACBCED5A1D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/eMRz9OiATdAXWq1zo46mUeefOsA.roa
Signing time: Mon 06 Feb 2023 08:11:09 +0000
ROA not before: Mon 06 Feb 2023 08:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:c7:64:0f:5b:bb:e3:4e:4d:4a:c6:ac:bc:ed:5a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 6 08:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78c473f4e8804dd0175aad73a38ea651e79f3ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:13:7b:9f:97:ce:6a:89:35:17:32:a0:f0:d9:
1a:4d:a9:67:f7:b1:28:b5:bd:80:25:c8:ac:f8:9a:
a0:f4:03:d1:17:95:3a:cf:c5:90:40:17:56:00:89:
fe:d0:56:61:8d:f0:2a:48:32:32:d7:97:e0:ce:cc:
73:04:34:ad:17:27:f3:f8:b2:18:6c:16:41:62:a6:
b3:7a:5a:a3:67:34:9b:06:8c:99:cd:7f:c9:06:d1:
13:a9:0e:7a:fe:9a:67:9b:a4:56:7b:95:67:10:0d:
ca:5f:a6:a1:90:7e:fe:4b:c9:2b:de:4c:46:fd:cb:
87:19:3d:af:28:21:f1:2d:c9:6f:b5:97:7c:d5:d6:
5b:4b:7b:ea:ed:c9:ef:04:43:e1:20:0b:38:ee:7b:
c9:0b:49:7c:4a:23:34:c9:09:f9:03:b3:44:51:5b:
e9:6a:29:38:62:58:12:99:3c:02:63:94:8b:d4:20:
33:6b:e5:28:3f:5a:c7:db:b1:8c:bb:e9:92:19:94:
61:95:cf:6c:0e:cf:15:12:ae:e8:54:80:f6:00:85:
18:99:0e:1e:af:d4:e2:cd:a3:00:98:15:b4:b3:c8:
5b:6d:9f:fb:b0:15:d0:f8:c4:78:29:af:d1:65:d6:
87:ab:fe:a4:92:6b:7c:9a:f2:60:e9:5b:fd:be:b7:
d4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C4:73:F4:E8:80:4D:D0:17:5A:AD:73:A3:8E:A6:51:E7:9F:3A:C0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/eMRz9OiATdAXWq1zo46mUeefOsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:82:62:dd:b5:9a:c2:e2:da:5c:cf:a6:e1:1d:61:96:d3:8f:
bb:51:4d:ca:aa:1c:93:60:b3:ed:31:bc:c7:24:99:5e:e7:2c:
74:e2:10:54:ab:e5:ca:56:5a:e2:fa:cf:a3:43:93:6e:c3:97:
b4:3c:af:e9:1a:b8:7d:26:43:80:91:de:df:1f:4b:19:53:31:
fe:72:d7:19:e0:4c:38:eb:d3:4c:c3:e4:a8:f8:fa:16:c3:d3:
1b:24:dc:c8:3e:75:b0:57:a2:9d:71:a1:ff:e3:77:5d:d1:d1:
9b:85:4f:6a:40:69:7d:c3:d3:5d:12:a2:7e:78:12:c7:05:94:
ea:76:ca:fd:84:69:bc:4b:7d:d3:8a:64:fb:23:24:40:bb:37:
c7:b1:a1:96:15:f5:da:a5:ca:85:d5:82:fe:0e:61:e3:a6:89:
77:f6:bc:61:ce:7e:19:f3:71:8f:8e:6c:8c:e2:62:26:ef:f0:
35:66:b7:ea:a1:87:dd:9d:c5:0c:84:4e:e2:ab:38:e1:8b:3e:
25:f2:d8:3c:c9:49:18:36:76:81:31:2e:3b:f0:8a:68:63:5d:
37:a8:30:69:3a:8c:a7:6a:af:02:57:9a:25:41:9e:82:58:fd:
50:72:5f:a7:49:f5:f8:64:15:f2:49:ec:81:97:84:d4:f0:73:
cf:bd:f9:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYlx2QPW7vjTk1Kxqy87VodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA2MDgxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGM0NzNmNGU4ODA0ZGQwMTc1YWFkNzNhMzhlYTY1MWU3OWYzYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBN7n5fOaok1FzKg8NkaTaln97Eo
tb2AJcis+Jqg9APRF5U6z8WQQBdWAIn+0FZhjfAqSDIy15fgzsxzBDStFyfz+LIY
bBZBYqazelqjZzSbBoyZzX/JBtETqQ56/ppnm6RWe5VnEA3KX6ahkH7+S8kr3kxG
/cuHGT2vKCHxLclvtZd81dZbS3vq7cnvBEPhIAs47nvJC0l8SiM0yQn5A7NEUVvp
aik4YlgSmTwCY5SL1CAza+UoP1rH27GMu+mSGZRhlc9sDs8VEq7oVID2AIUYmQ4e
r9TizaMAmBW0s8hbbZ/7sBXQ+MR4Ka/RZdaHq/6kkmt8mvJg6Vv9vrfUWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHjEc/TogE3QF1qtc6OOplHnnzrAMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZU1SejlPaUFUZEFYV3Exem80Nm1VZWVmT3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKeCYt21msLi2lzPpuEd
YZbTj7tRTcqqHJNgs+0xvMckmV7nLHTiEFSr5cpWWuL6z6NDk27Dl7Q8r+kauH0m
Q4CR3t8fSxlTMf5y1xngTDjr00zD5Kj4+hbD0xsk3Mg+dbBXop1xof/jd13R0ZuF
T2pAaX3D010Son54EscFlOp2yv2EabxLfdOKZPsjJEC7N8exoZYV9dqlyoXVgv4O
YeOmiXf2vGHOfhnzcY+ObIziYibv8DVmt+qhh92dxQyETuKrOOGLPiXy2DzJSRg2
doExLjvwimhjXTeoMGk6jKdqrwJXmiVBnoJY/VByX6dJ9fhkFfJJ7IGXhNTwc8+9
+bQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:36:49 2025 by rpki-client