Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h5iUkOk-ZsOaKQ0feuvEqFJPgeY.roa
File: h5iUkOk-ZsOaKQ0feuvEqFJPgeY.roa (raw, json)
Hash identifier: uqP2a5nbeDziGe48vkJ8QQU+dEK3/xLJcLZCrQbVQWc=
Subject key identifier: 87:98:94:90:E9:3E:66:C3:9A:29:0D:1F:7A:EB:C4:A8:52:4F:81:E6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187650F6D852BCB88D2560E85F4F5775B5B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h5iUkOk-ZsOaKQ0feuvEqFJPgeY.roa
Signing time: Sun 09 Apr 2023 08:08:42 +0000
ROA not before: Sun 09 Apr 2023 08:08:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:65:0f:6d:85:2b:cb:88:d2:56:0e:85:f4:f5:77:5b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 9 08:08:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87989490e93e66c39a290d1f7aebc4a8524f81e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6f:82:68:c7:26:53:2c:35:c0:6a:d5:cd:98:
a6:ee:3b:ba:ba:7c:88:3c:35:51:ef:e1:5b:95:ef:
2c:22:14:8d:34:8a:73:ae:0d:5c:1e:b8:45:69:34:
e8:f6:dd:d0:7c:59:e2:14:fa:a0:7b:e9:38:3a:c2:
20:5a:bf:a1:90:7c:6a:02:99:cd:c1:0a:0e:b6:b4:
ca:51:c5:c6:37:eb:bc:f0:d5:be:69:ac:c6:72:a9:
ea:88:39:81:52:62:bf:db:58:57:05:bd:2b:f7:27:
68:a5:11:21:c8:a1:2b:ab:88:98:ec:27:dd:d6:5f:
b7:66:94:8e:53:e7:9a:77:b4:00:40:69:2d:73:c7:
f9:22:7e:8c:84:62:92:b9:c9:7f:e7:d4:98:cc:9d:
f0:97:90:c2:08:f3:24:cd:a1:b8:97:6f:e2:67:3f:
36:d5:66:6d:d5:b2:10:e7:09:2d:2e:d1:da:b5:f2:
25:2d:b4:39:bf:ee:6f:e7:08:23:74:94:6a:d6:e4:
d8:a0:59:1f:ad:af:bb:95:cc:b1:37:15:f2:12:1b:
27:45:ea:fe:2b:1c:f8:ce:37:42:6a:7e:31:09:23:
56:1f:e4:f4:d2:75:aa:cb:29:85:e1:0e:7b:42:52:
2a:ca:6e:d5:17:29:e7:ac:df:f8:4d:11:5e:87:4d:
a4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:98:94:90:E9:3E:66:C3:9A:29:0D:1F:7A:EB:C4:A8:52:4F:81:E6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h5iUkOk-ZsOaKQ0feuvEqFJPgeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:18:77:47:d7:d9:16:51:c9:84:a7:3e:6f:cd:f0:0a:52:de:
fc:e3:62:a4:eb:4d:fb:63:f8:0c:9b:80:e9:6a:d3:97:d9:cc:
3a:8a:13:f3:f4:d9:2b:c7:26:75:09:cc:b8:4f:2e:5f:57:aa:
13:12:34:5c:5a:f2:d6:02:15:20:c8:88:23:e8:63:dc:ae:ec:
8f:0e:d1:8a:b5:4e:c6:a3:e0:7a:bb:af:44:da:16:d2:bb:e5:
b2:62:7f:99:20:62:49:c0:69:a8:5a:70:0e:fe:01:59:cb:cd:
67:51:71:8f:2f:7b:f1:63:3e:d4:4a:d6:98:b8:9c:d3:6a:71:
b4:f8:d3:34:2a:f2:4e:50:28:26:2f:2d:69:b5:fb:f5:64:21:
05:11:b8:3c:0e:96:51:08:af:f2:df:aa:ca:fd:38:d3:e7:c4:
01:32:01:71:0a:e8:52:18:e9:6b:9f:c4:0a:4c:d2:38:0a:b9:
a1:43:cc:0c:f5:b4:98:c3:98:28:73:54:f6:9c:62:ab:67:cd:
55:fe:e1:2d:46:3c:3b:48:d2:43:a6:ae:08:67:ce:c9:52:6e:
8a:c4:ff:b7:3b:bd:17:2f:ef:e4:51:4b:70:61:28:f2:21:7a:
59:4c:e5:bc:a5:53:56:1f:56:c3:f3:d2:16:b8:ee:4c:11:6c:
2e:d9:25:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdlD22FK8uI0lYOhfT1d1tbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA5MDgwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk4OTQ5MGU5M2U2NmMzOWEyOTBkMWY3YWViYzRhODUyNGY4MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG+CaMcmUyw1wGrVzZim7ju6unyI
PDVR7+Fble8sIhSNNIpzrg1cHrhFaTTo9t3QfFniFPqge+k4OsIgWr+hkHxqApnN
wQoOtrTKUcXGN+u88NW+aazGcqnqiDmBUmK/21hXBb0r9ydopREhyKErq4iY7Cfd
1l+3ZpSOU+ead7QAQGktc8f5In6MhGKSucl/59SYzJ3wl5DCCPMkzaG4l2/iZz82
1WZt1bIQ5wktLtHatfIlLbQ5v+5v5wgjdJRq1uTYoFkfra+7lcyxNxXyEhsnRer+
Kxz4zjdCan4xCSNWH+T00nWqyymF4Q57QlIqym7VFynnrN/4TRFeh02kSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIeYlJDpPmbDmikNH3rrxKhST4HmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaDVpVWtPay1ac09hS1EwZmV1dkVxRkpQZ2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEIYd0fX2RZRyYSnPm/N
8ApS3vzjYqTrTftj+AybgOlq05fZzDqKE/P02SvHJnUJzLhPLl9XqhMSNFxa8tYC
FSDIiCPoY9yu7I8O0Yq1Tsaj4Hq7r0TaFtK75bJif5kgYknAaahacA7+AVnLzWdR
cY8ve/FjPtRK1pi4nNNqcbT40zQq8k5QKCYvLWm1+/VkIQURuDwOllEIr/Lfqsr9
ONPnxAEyAXEK6FIY6WufxApM0jgKuaFDzAz1tJjDmChzVPacYqtnzVX+4S1GPDtI
0kOmrghnzslSborE/7c7vRcv7+RRS3BhKPIhellM5bylU1YfVsPz0ha47kwRbC7Z
JUI=
-----END CERTIFICATE-----
Generated at Sat May 3 22:00:14 2025 by rpki-client