Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/egYJXRUFXfFs5bTb527vLsdc8CU.roa
File: egYJXRUFXfFs5bTb527vLsdc8CU.roa (raw, json)
Hash identifier: LuykTewnhzkB3aVayMRmyT3zQkDRT7zJmXpc2JcvPUY=
Subject key identifier: 7A:06:09:5D:15:05:5D:F1:6C:E5:B4:DB:E7:6E:EF:2E:C7:5C:F0:25
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186827B276782D0635895F416FC432A7A34
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/egYJXRUFXfFs5bTb527vLsdc8CU.roa
Signing time: Fri 24 Feb 2023 08:12:33 +0000
ROA not before: Fri 24 Feb 2023 08:12:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:7b:27:67:82:d0:63:58:95:f4:16:fc:43:2a:7a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 08:12:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a06095d15055df16ce5b4dbe76eef2ec75cf025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:2b:d6:75:18:43:e2:32:e6:de:13:f2:ec:
f3:fb:ab:5f:c1:fb:2f:5b:6c:2b:78:7f:ba:81:9b:
b1:3c:40:d7:38:f3:8a:a3:43:d5:dd:35:8b:0a:6a:
11:cd:81:e1:04:a2:7e:0b:48:f8:c1:5f:07:20:83:
08:25:41:41:9c:82:2a:c2:95:5c:50:28:5f:9e:4c:
fa:83:52:08:d1:f3:97:e6:f2:51:98:11:5e:0d:30:
e0:f5:5c:42:57:aa:e5:e9:0d:e9:0f:fd:f0:23:1b:
36:d9:5f:be:08:b9:80:85:b8:38:64:89:f2:da:5e:
13:61:49:66:2f:99:16:f0:55:e5:dc:1a:97:96:12:
68:3b:02:99:3b:76:c9:bb:0a:7d:86:a8:ab:29:b3:
1e:dd:9c:23:0e:29:e7:af:38:06:9f:de:6c:27:04:
fd:ed:75:3a:0c:9f:37:b5:db:54:c5:d3:be:64:9b:
f1:38:4f:7a:82:c4:6f:d1:1f:10:6d:cc:05:fe:01:
6b:77:95:36:11:31:76:0e:c1:4d:a9:b4:da:e7:11:
06:e0:bf:3a:09:79:54:50:d2:32:b4:54:15:47:3c:
6e:64:6d:fd:bd:8b:c2:ca:e8:80:fb:42:35:ed:43:
52:ed:9b:b9:eb:18:a0:30:9d:97:44:22:a4:8e:9b:
cf:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:06:09:5D:15:05:5D:F1:6C:E5:B4:DB:E7:6E:EF:2E:C7:5C:F0:25
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/egYJXRUFXfFs5bTb527vLsdc8CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:b1:c8:be:df:9f:2b:60:e9:a2:db:9f:98:86:28:19:5c:c9:
c7:b3:7a:2c:51:6c:b8:e7:e0:af:3a:c9:6d:97:11:cb:94:99:
7e:44:1b:d1:f7:03:26:a2:7e:62:df:92:fc:38:ab:82:84:20:
55:e6:8c:1b:74:f9:4a:2d:ce:33:47:ee:d8:cc:5f:71:e9:d9:
ce:76:85:67:be:72:91:6b:f3:77:d8:70:40:2f:22:25:7f:dd:
c9:d5:e9:47:27:0e:cd:d5:ef:bd:21:43:79:35:9b:4b:92:7e:
6e:05:b7:ad:eb:58:fb:9c:42:a3:3f:c3:65:33:bd:de:b0:81:
03:06:05:ca:1e:6f:56:f5:aa:e9:27:c7:7a:10:a7:79:9f:de:
7c:92:6a:bb:0f:d2:a5:be:b3:c7:01:fa:22:0d:eb:8d:4e:f2:
f6:09:06:f0:de:98:e7:ac:6c:c6:05:3c:13:51:26:86:50:44:
09:67:f7:8b:52:3d:f8:27:d5:57:96:3e:b2:7f:fb:92:8d:e9:
22:a3:d5:3c:7b:b8:f3:69:37:77:cd:2d:cb:64:0b:5f:18:a8:
1c:d8:d4:c1:eb:6d:62:88:c3:40:dc:2d:78:a3:b5:f0:5c:6b:
33:77:80:85:88:0b:65:d2:00:66:da:a6:4a:fc:06:97:ea:6e:
49:be:8f:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaCeydngtBjWJX0FvxDKno0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MDgxMjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTA2MDk1ZDE1MDU1ZGYxNmNlNWI0ZGJlNzZlZWYyZWM3NWNmMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosUr1nUYQ+Iy5t4T8uzz+6tfwfsv
W2wreH+6gZuxPEDXOPOKo0PV3TWLCmoRzYHhBKJ+C0j4wV8HIIMIJUFBnIIqwpVc
UChfnkz6g1II0fOX5vJRmBFeDTDg9VxCV6rl6Q3pD/3wIxs22V++CLmAhbg4ZIny
2l4TYUlmL5kW8FXl3BqXlhJoOwKZO3bJuwp9hqirKbMe3ZwjDinnrzgGn95sJwT9
7XU6DJ83tdtUxdO+ZJvxOE96gsRv0R8QbcwF/gFrd5U2ETF2DsFNqbTa5xEG4L86
CXlUUNIytFQVRzxuZG39vYvCyuiA+0I17UNS7Zu56xigMJ2XRCKkjpvPewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHoGCV0VBV3xbOW02+du7y7HXPAlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZWdZSlhSVUZYZkZzNWJUYjUyN3ZMc2RjOENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEOxyL7fnytg6aLbn5iG
KBlcycezeixRbLjn4K86yW2XEcuUmX5EG9H3AyaifmLfkvw4q4KEIFXmjBt0+Uot
zjNH7tjMX3Hp2c52hWe+cpFr83fYcEAvIiV/3cnV6UcnDs3V770hQ3k1m0uSfm4F
t63rWPucQqM/w2Uzvd6wgQMGBcoeb1b1quknx3oQp3mf3nySarsP0qW+s8cB+iIN
641O8vYJBvDemOesbMYFPBNRJoZQRAln94tSPfgn1VeWPrJ/+5KN6SKj1Tx7uPNp
N3fNLctkC18YqBzY1MHrbWKIw0DcLXijtfBcazN3gIWIC2XSAGbapkr8Bpfqbkm+
jyU=
-----END CERTIFICATE-----
Generated at Thu May 1 12:29:40 2025 by rpki-client