Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ealq6kygEyHJos4OMIN7grMNqr4.roa
File: ealq6kygEyHJos4OMIN7grMNqr4.roa (raw, json)
Hash identifier: EgRcoZp3eXFXoYMP9jxnrFwZdfFtJAvn3kaIjDIXl5I=
Subject key identifier: 79:A9:6A:EA:4C:A0:13:21:C9:A2:CE:0E:30:83:7B:82:B3:0D:AA:BE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01859AF13CEE88A1307A6A428554BED2B6E6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ealq6kygEyHJos4OMIN7grMNqr4.roa
Signing time: Tue 10 Jan 2023 09:09:39 +0000
ROA not before: Tue 10 Jan 2023 09:09:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:f1:3c:ee:88:a1:30:7a:6a:42:85:54:be:d2:b6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 10 09:09:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79a96aea4ca01321c9a2ce0e30837b82b30daabe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d5:b9:e8:9a:2c:e1:99:5a:2f:a1:70:a9:89:
28:c1:3d:55:2a:23:e2:99:64:12:62:e6:7c:46:93:
25:96:66:b8:92:c9:c1:58:b8:c6:ac:4b:bd:4d:72:
5c:07:62:8d:56:8e:64:87:e4:32:f4:5a:a4:89:79:
33:cc:ca:55:42:52:62:f5:5c:18:12:57:4b:5d:32:
1d:1f:11:f5:2c:50:8d:9f:5d:78:28:b6:cc:8f:d9:
90:6e:1d:26:6d:a9:d1:26:70:ef:4e:41:99:9a:33:
9f:bc:e2:bc:3e:7c:20:fe:43:57:87:24:fa:0b:65:
04:e8:5d:39:38:f6:e5:75:54:8d:b4:ff:d0:c9:18:
58:4a:e2:05:be:72:a1:81:9a:e1:6f:5c:9c:f9:e9:
4b:86:e2:6f:b2:19:dd:92:9c:53:17:2f:50:3a:3c:
db:47:9a:93:83:de:c0:5e:45:bf:7f:21:33:b1:c7:
45:df:ef:4b:7e:c7:33:45:98:8e:a5:3c:29:4e:14:
61:55:7e:65:42:17:cf:9c:00:a3:0a:28:df:55:ec:
57:d0:fa:43:ba:98:df:a7:a4:5d:d7:c6:19:8a:86:
bb:65:6b:a5:1a:37:84:ac:dd:38:b7:83:ac:c0:c9:
f6:97:77:2a:7f:09:04:c2:da:32:d7:f5:27:a8:96:
f9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A9:6A:EA:4C:A0:13:21:C9:A2:CE:0E:30:83:7B:82:B3:0D:AA:BE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ealq6kygEyHJos4OMIN7grMNqr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:00:60:65:f8:60:d9:a6:35:5f:38:19:04:87:c9:0c:8d:c2:
54:c8:c7:22:b5:25:8b:2c:0e:91:bd:ae:6c:7b:04:71:0d:9d:
86:c9:87:2a:69:76:b3:dc:38:67:49:c3:98:9e:42:d4:50:06:
25:79:1f:9a:98:f1:0a:2a:5d:59:77:c6:67:26:0e:e5:d2:cb:
04:97:a6:ab:a2:9a:1b:af:60:53:e3:d5:27:96:cb:31:91:c6:
6b:13:72:c0:14:02:01:b1:ae:25:ce:c4:9d:3d:f7:b4:73:5c:
fd:e4:57:4a:00:e9:b4:f7:33:19:b7:6a:91:3e:43:ec:26:1b:
26:e6:f5:2a:ce:84:a4:87:06:54:7d:75:2f:e3:e8:72:a5:76:
58:05:3c:44:4b:4b:00:8d:65:c7:fc:11:ec:95:a9:ed:60:24:
db:44:e9:ec:fa:36:e3:60:2f:ee:5a:fd:bc:07:32:d0:c5:ac:
24:3c:ee:fc:34:de:de:1d:5d:a3:26:c9:4c:7a:0d:80:8c:cc:
92:1b:ef:af:e0:3a:7f:0d:e2:37:43:00:2c:2f:20:44:09:56:
d4:fa:6f:43:dd:4b:e5:5e:3e:92:a4:f4:03:e0:b6:86:76:3b:
e3:2c:0a:68:7f:9d:22:6f:30:26:be:b2:e5:d3:db:07:ef:70:
64:64:32:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWa8TzuiKEwempChVS+0rbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEwMDkwOTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWE5NmFlYTRjYTAxMzIxYzlhMmNlMGUzMDgzN2I4MmIzMGRhYWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdW56Jos4ZlaL6FwqYkowT1VKiPi
mWQSYuZ8RpMllma4ksnBWLjGrEu9TXJcB2KNVo5kh+Qy9FqkiXkzzMpVQlJi9VwY
EldLXTIdHxH1LFCNn114KLbMj9mQbh0mbanRJnDvTkGZmjOfvOK8Pnwg/kNXhyT6
C2UE6F05OPbldVSNtP/QyRhYSuIFvnKhgZrhb1yc+elLhuJvshndkpxTFy9QOjzb
R5qTg97AXkW/fyEzscdF3+9LfsczRZiOpTwpThRhVX5lQhfPnACjCijfVexX0PpD
upjfp6Rd18YZioa7ZWulGjeErN04t4OswMn2l3cqfwkEwtoy1/UnqJb52wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHmpaupMoBMhyaLODjCDe4KzDaq+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZWFscTZreWdFeUhKb3M0T01JTjdnck1OcXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEYAYGX4YNmmNV84GQSH
yQyNwlTIxyK1JYssDpG9rmx7BHENnYbJhyppdrPcOGdJw5ieQtRQBiV5H5qY8Qoq
XVl3xmcmDuXSywSXpquimhuvYFPj1SeWyzGRxmsTcsAUAgGxriXOxJ0997RzXP3k
V0oA6bT3Mxm3apE+Q+wmGybm9SrOhKSHBlR9dS/j6HKldlgFPERLSwCNZcf8EeyV
qe1gJNtE6ez6NuNgL+5a/bwHMtDFrCQ87vw03t4dXaMmyUx6DYCMzJIb76/gOn8N
4jdDACwvIEQJVtT6b0PdS+VePpKk9APgtoZ2O+MsCmh/nSJvMCa+suXT2wfvcGRk
Mt8=
-----END CERTIFICATE-----
Generated at Thu May 1 13:24:08 2025 by rpki-client