Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/em3w7mnL0Las3Dgy95SlIwzqQaQ.roa
File: em3w7mnL0Las3Dgy95SlIwzqQaQ.roa (raw, json)
Hash identifier: jSE5w4QG2j03wrf9Vr8jfhEETVoyfy6oNtHh7fKIOCE=
Subject key identifier: 7A:6D:F0:EE:69:CB:D0:B6:AC:DC:38:32:F7:94:A5:23:0C:EA:41:A4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868957C2591906CF68927AD5C921717A9B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/em3w7mnL0Las3Dgy95SlIwzqQaQ.roa
Signing time: Sat 25 Feb 2023 16:11:15 +0000
ROA not before: Sat 25 Feb 2023 16:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:57:c2:59:19:06:cf:68:92:7a:d5:c9:21:71:7a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 16:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a6df0ee69cbd0b6acdc3832f794a5230cea41a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7a:7e:50:60:f6:79:5e:ad:97:06:96:af:95:
97:d2:f4:f8:e1:6d:76:a5:53:74:39:51:8d:49:bf:
43:bc:da:81:fc:fd:43:73:4a:59:2b:a2:6b:72:a0:
7e:05:e3:ce:17:00:21:76:91:65:7f:87:28:ac:51:
5d:ac:b6:91:33:52:d5:66:66:98:18:dd:c7:e7:27:
0b:b5:14:eb:f2:72:99:7b:5f:c0:fe:5d:b2:d1:cd:
bf:ff:1f:fd:62:e5:64:c6:f3:1c:53:a5:4d:bb:5b:
f6:d5:81:6a:3e:0d:43:c0:ab:4a:29:9d:63:e8:38:
43:a6:0f:05:da:57:9b:29:b8:0f:db:0c:21:6c:76:
b4:05:3f:5d:0f:60:f2:ef:a8:d7:b3:56:01:08:08:
cc:6f:46:bc:6c:81:dd:38:d3:05:cd:6f:85:3d:ed:
0e:18:e5:9e:b4:cb:30:16:d7:d3:5e:a2:b4:db:3d:
13:d8:e4:31:c7:fc:a3:61:1d:7e:2e:14:40:77:1b:
bf:48:4a:7c:42:54:52:a4:fe:da:d9:ed:b1:04:5d:
bd:23:b1:19:ae:85:bb:77:e5:0e:1e:b8:d9:73:96:
94:ba:41:67:0e:7e:9e:f8:94:0f:4b:44:09:97:6d:
c4:87:6b:7a:b4:56:0c:ca:c3:8f:16:49:a7:15:83:
21:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6D:F0:EE:69:CB:D0:B6:AC:DC:38:32:F7:94:A5:23:0C:EA:41:A4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/em3w7mnL0Las3Dgy95SlIwzqQaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ac:35:0f:90:a0:85:9a:6c:30:19:0c:f2:5a:9a:ff:c6:29:63:
39:2e:a1:1a:ac:6a:b2:f4:77:88:34:63:8d:8f:e0:98:8a:ef:
e8:fe:cc:e2:a1:c7:0b:a5:54:59:28:6e:6f:8e:a1:1f:b0:c2:
b9:20:43:ba:44:b0:9f:4c:7d:d5:8a:03:70:f6:19:42:1e:2a:
9c:7b:ef:79:7e:7d:a1:8c:e5:da:e0:86:c1:f5:13:a4:b9:13:
2b:66:38:27:ea:7f:56:e6:27:d0:83:61:38:b5:d0:1f:03:f4:
fe:7d:cc:15:eb:93:5d:54:0a:34:56:ee:e8:41:4b:26:71:b8:
c8:99:6a:81:bb:f7:30:f0:4b:54:de:f6:41:99:13:29:28:e5:
93:b3:d6:4c:92:1a:b2:46:0f:44:6b:99:3a:ac:bc:17:13:e9:
ae:1d:b3:66:b7:83:e4:0a:a2:50:6a:47:56:11:76:10:ef:c0:
e1:3a:b9:d0:a1:58:5a:45:b0:81:6c:f9:14:f9:b2:70:eb:2e:
d1:c1:cd:ab:75:02:a7:83:0b:38:7b:ae:33:9b:a4:10:c6:60:
9c:b5:c9:fd:9b:0b:12:11:fb:ed:a7:f1:fe:b0:1a:27:e0:67:
35:f4:a0:75:2f:b2:e7:56:0c:f8:cb:df:2d:73:bf:47:73:fa:
46:9e:34:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaJV8JZGQbPaJJ61ckhcXqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTYxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTZkZjBlZTY5Y2JkMGI2YWNkYzM4MzJmNzk0YTUyMzBjZWE0MWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3p+UGD2eV6tlwaWr5WX0vT44W12
pVN0OVGNSb9DvNqB/P1Dc0pZK6JrcqB+BePOFwAhdpFlf4corFFdrLaRM1LVZmaY
GN3H5ycLtRTr8nKZe1/A/l2y0c2//x/9YuVkxvMcU6VNu1v21YFqPg1DwKtKKZ1j
6DhDpg8F2lebKbgP2wwhbHa0BT9dD2Dy76jXs1YBCAjMb0a8bIHdONMFzW+FPe0O
GOWetMswFtfTXqK02z0T2OQxx/yjYR1+LhRAdxu/SEp8QlRSpP7a2e2xBF29I7EZ
roW7d+UOHrjZc5aUukFnDn6e+JQPS0QJl23Eh2t6tFYMysOPFkmnFYMhOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHpt8O5py9C2rNw4MveUpSMM6kGkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZW0zdzdtbkwwTGFzM0RneTk1U2xJd3pxUWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKw1D5CghZpsMBkM8lqa
/8YpYzkuoRqsarL0d4g0Y42P4JiK7+j+zOKhxwulVFkobm+OoR+wwrkgQ7pEsJ9M
fdWKA3D2GUIeKpx773l+faGM5drghsH1E6S5EytmOCfqf1bmJ9CDYTi10B8D9P59
zBXrk11UCjRW7uhBSyZxuMiZaoG79zDwS1Te9kGZEyko5ZOz1kySGrJGD0RrmTqs
vBcT6a4ds2a3g+QKolBqR1YRdhDvwOE6udChWFpFsIFs+RT5snDrLtHBzat1AqeD
Czh7rjObpBDGYJy1yf2bCxIR++2n8f6wGifgZzX0oHUvsudWDPjL3y1zv0dz+kae
NBI=
-----END CERTIFICATE-----
Generated at Thu May 1 10:36:58 2025 by rpki-client