Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gO1GVmTGHcZe7_KlWVPTbt6RtyU.roa
File: gO1GVmTGHcZe7_KlWVPTbt6RtyU.roa (raw, json)
Hash identifier: 4dsFJdU+rMwRamuUkUBCQiIfqIoUWMhjVUh7URDqKaU=
Subject key identifier: 80:ED:46:56:64:C6:1D:C6:5E:EF:F2:A5:59:53:D3:6E:DE:91:B7:25
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185DC661B5E9025CA6D237FB108BB023C79
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gO1GVmTGHcZe7_KlWVPTbt6RtyU.roa
Signing time: Mon 23 Jan 2023 02:12:37 +0000
ROA not before: Mon 23 Jan 2023 02:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dc:66:1b:5e:90:25:ca:6d:23:7f:b1:08:bb:02:3c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 23 02:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ed465664c61dc65eeff2a55953d36ede91b725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:04:15:74:b3:17:80:bc:ae:c4:23:fc:41:77:
5e:14:b6:a5:55:b2:0a:6c:9f:28:c8:3c:c2:99:e9:
7a:c8:e8:76:ae:66:bd:69:00:70:73:16:9c:d9:e1:
d1:f8:7a:a5:2b:95:59:c3:e9:36:df:85:30:07:3f:
2d:7e:ed:e1:ab:01:51:cd:db:43:ad:dd:e2:fc:c7:
a5:d4:63:48:6c:c1:b0:30:a7:15:f9:d7:de:4b:e9:
60:9b:58:07:17:be:27:2e:52:aa:52:32:33:e1:59:
68:a2:b5:f9:5c:dc:51:0f:03:04:29:c3:54:09:82:
bf:df:e2:6e:29:da:ea:05:ae:36:1a:8a:de:c3:9c:
21:ec:d3:0a:b6:f2:f7:42:e7:e4:1a:5c:8f:7c:84:
ac:18:db:3f:23:8b:39:f5:d9:40:49:e1:b7:78:9a:
dd:f2:1f:a5:02:92:05:98:06:b9:fe:c4:c0:ce:17:
56:d6:ff:cc:38:ef:78:55:82:ca:ab:16:fb:6f:c1:
6a:48:ef:c3:bf:96:8c:2d:0d:fc:da:ba:7b:83:2e:
b7:14:9a:c4:e4:a8:5c:f9:64:4b:cf:0a:dc:45:bc:
c3:02:7b:27:c8:16:cf:4f:39:4a:22:6e:ab:d7:61:
4c:52:66:26:a0:06:46:19:d4:17:79:bd:24:a7:97:
65:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:ED:46:56:64:C6:1D:C6:5E:EF:F2:A5:59:53:D3:6E:DE:91:B7:25
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gO1GVmTGHcZe7_KlWVPTbt6RtyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:49:3b:85:25:3b:ee:f5:b6:1f:5e:d5:07:76:40:a9:b1:f6:
d9:8d:a1:2e:13:42:e8:6f:c7:2a:3d:f6:f8:dd:9e:1c:3d:31:
bf:41:c3:5c:4d:75:36:85:78:24:55:08:90:df:f1:f6:5b:8b:
0f:3a:df:24:47:b8:f2:46:1a:6a:6a:94:f8:06:09:60:cb:8f:
e8:f1:15:53:cc:cf:86:a2:da:4b:54:03:52:64:7a:ff:d8:cc:
96:0e:f8:b7:21:a6:57:f6:ce:3c:6b:b0:e6:90:18:6e:78:49:
0e:d6:4b:f2:f2:6d:86:f0:c3:b8:f3:e5:77:e8:89:20:ee:f0:
c2:ae:68:f3:af:b9:19:be:5b:bd:7d:fd:93:7e:1e:7c:68:4a:
69:5a:35:50:d1:30:80:3e:83:9a:6a:33:e3:b2:37:86:be:ff:
76:67:50:0f:16:c9:50:5c:a3:fd:fb:40:14:56:a7:40:63:b6:
62:c1:20:33:1a:b3:ed:4b:7e:06:38:63:af:c0:3d:28:52:69:
99:7a:8c:28:56:7f:96:fa:ea:c8:89:f4:95:26:ee:42:1a:2b:
be:ac:fd:ed:a7:24:38:18:7d:9b:c7:d1:a7:2e:10:45:b5:91:
39:a5:a8:d0:3b:b4:9c:3a:5b:5f:f8:53:ee:4d:81:35:9c:22:
b0:20:4c:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXcZhtekCXKbSN/sQi7Ajx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIzMDIxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGVkNDY1NjY0YzYxZGM2NWVlZmYyYTU1OTUzZDM2ZWRlOTFiNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAQVdLMXgLyuxCP8QXdeFLalVbIK
bJ8oyDzCmel6yOh2rma9aQBwcxac2eHR+HqlK5VZw+k234UwBz8tfu3hqwFRzdtD
rd3i/Mel1GNIbMGwMKcV+dfeS+lgm1gHF74nLlKqUjIz4VloorX5XNxRDwMEKcNU
CYK/3+JuKdrqBa42Gorew5wh7NMKtvL3QufkGlyPfISsGNs/I4s59dlASeG3eJrd
8h+lApIFmAa5/sTAzhdW1v/MOO94VYLKqxb7b8FqSO/Dv5aMLQ382rp7gy63FJrE
5Khc+WRLzwrcRbzDAnsnyBbPTzlKIm6r12FMUmYmoAZGGdQXeb0kp5dlewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIDtRlZkxh3GXu/ypVlT027ekbclMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ08xR1ZtVEdIY1plN19LbFdWUFRidDZSdHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNJO4UlO+71th9e1Qd2
QKmx9tmNoS4TQuhvxyo99vjdnhw9Mb9Bw1xNdTaFeCRVCJDf8fZbiw863yRHuPJG
GmpqlPgGCWDLj+jxFVPMz4ai2ktUA1Jkev/YzJYO+Lchplf2zjxrsOaQGG54SQ7W
S/LybYbww7jz5XfoiSDu8MKuaPOvuRm+W719/ZN+HnxoSmlaNVDRMIA+g5pqM+Oy
N4a+/3ZnUA8WyVBco/37QBRWp0BjtmLBIDMas+1LfgY4Y6/APShSaZl6jChWf5b6
6siJ9JUm7kIaK76s/e2nJDgYfZvH0acuEEW1kTmlqNA7tJw6W1/4U+5NgTWcIrAg
TGk=
-----END CERTIFICATE-----
Generated at Thu May 1 10:08:39 2025 by rpki-client