Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jJU3KBiHxMb1enqosHJ9AN4JGlk.roa
File: jJU3KBiHxMb1enqosHJ9AN4JGlk.roa (raw, json)
Hash identifier: kOsQXuPhC+oUq1V7WiuTzkCQHc9Mk/lNPdyroj80aOE=
Subject key identifier: 8C:95:37:28:18:87:C4:C6:F5:7A:7A:A8:B0:72:7D:00:DE:09:1A:59
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856B1785DA88D0350305FD4C58DB677740
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jJU3KBiHxMb1enqosHJ9AN4JGlk.roa
Signing time: Sun 01 Jan 2023 02:09:41 +0000
ROA not before: Sun 01 Jan 2023 02:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:17:85:da:88:d0:35:03:05:fd:4c:58:db:67:77:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 02:09:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c9537281887c4c6f57a7aa8b0727d00de091a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fd:5d:4e:7a:5d:4b:37:3b:26:57:23:c3:2d:
0a:26:db:a8:c6:1c:03:52:f9:25:99:79:11:78:a1:
05:5c:fd:05:6c:8d:22:ee:50:cb:af:9d:4b:87:cb:
d0:2a:9a:03:59:2a:cd:14:b3:cf:69:8a:e7:a4:95:
2b:6a:bb:00:2a:98:91:e5:eb:88:ca:3b:b3:9f:35:
9a:a8:de:77:42:03:55:01:93:ab:92:8f:ac:3f:09:
36:3b:6c:cd:2a:7f:7c:c9:54:59:f5:d0:46:5f:39:
45:af:61:e8:c9:38:f9:fd:95:20:a3:8c:9b:b3:14:
f7:2c:5f:cb:88:9e:ca:cb:d4:d9:40:a4:01:e6:ac:
52:e9:3e:dc:4c:81:3a:18:16:d5:e6:13:14:b4:18:
ae:55:34:ec:04:8a:45:c0:73:44:70:aa:de:96:24:
00:60:06:5e:55:8d:72:ce:cf:f6:31:20:d0:b0:fc:
03:0b:04:b7:3d:0c:01:e1:fa:a6:e8:74:09:14:01:
bf:1b:39:c1:d1:58:b2:1d:b2:b5:9e:f0:ab:23:29:
aa:fc:ee:c2:76:12:4d:15:ad:df:ea:bb:e3:97:4c:
5e:af:93:07:0f:1f:04:de:54:b7:85:b8:bd:60:96:
98:8c:0b:c6:9a:51:0e:03:24:38:1b:74:11:42:62:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:95:37:28:18:87:C4:C6:F5:7A:7A:A8:B0:72:7D:00:DE:09:1A:59
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jJU3KBiHxMb1enqosHJ9AN4JGlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:26:da:e8:81:88:89:ef:c0:15:70:0f:05:59:2e:2e:30:b6:
44:90:66:0d:ca:8a:2b:80:fa:01:ac:48:51:ed:c1:f4:33:b0:
5d:94:14:03:e7:24:dc:6c:63:d6:7e:80:db:eb:68:4a:7b:88:
ca:a4:55:d9:19:fe:f0:09:0b:31:3f:d5:ba:7f:5a:be:4e:16:
49:c4:03:5e:01:2d:e6:b1:2e:58:e3:64:37:c0:7d:59:11:be:
79:f0:71:ad:52:32:01:f9:a5:ca:30:06:ad:cc:10:4a:c2:4c:
da:f7:04:84:b1:dc:13:56:2e:96:d7:22:50:9a:61:0d:9a:33:
dd:5e:4b:79:7c:78:b9:af:93:bf:73:34:ba:37:57:8b:0c:8b:
8d:38:98:94:aa:c7:9d:52:56:9d:b3:73:14:21:56:cd:3e:23:
a8:e3:77:9b:60:82:59:c1:cb:d3:2e:43:a5:2c:6b:f8:1c:32:
22:0e:a1:1d:64:be:8b:f9:b4:8e:b7:83:d8:a6:58:33:72:20:
19:ed:bf:1d:d0:7d:7a:d4:8b:9e:6a:30:37:59:89:01:51:8f:
92:49:68:cc:82:0d:08:11:3f:bb:76:7f:6e:2d:7d:0d:78:ee:
bc:1c:61:36:f7:b7:dd:29:9c:54:91:0a:e2:e7:ad:ab:26:90:
c5:03:19:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrF4XaiNA1AwX9TFjbZ3dAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMDIwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzk1MzcyODE4ODdjNGM2ZjU3YTdhYThiMDcyN2QwMGRlMDkxYTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf1dTnpdSzc7Jlcjwy0KJtuoxhwD
UvklmXkReKEFXP0FbI0i7lDLr51Lh8vQKpoDWSrNFLPPaYrnpJUrarsAKpiR5euI
yjuznzWaqN53QgNVAZOrko+sPwk2O2zNKn98yVRZ9dBGXzlFr2HoyTj5/ZUgo4yb
sxT3LF/LiJ7Ky9TZQKQB5qxS6T7cTIE6GBbV5hMUtBiuVTTsBIpFwHNEcKreliQA
YAZeVY1yzs/2MSDQsPwDCwS3PQwB4fqm6HQJFAG/GznB0ViyHbK1nvCrIymq/O7C
dhJNFa3f6rvjl0xer5MHDx8E3lS3hbi9YJaYjAvGmlEOAyQ4G3QRQmItUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIyVNygYh8TG9Xp6qLByfQDeCRpZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvakpVM0tCaUh4TWIxZW5xb3NISjlBTjRKR2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGMm2uiBiInvwBVwDwVZ
Li4wtkSQZg3KiiuA+gGsSFHtwfQzsF2UFAPnJNxsY9Z+gNvraEp7iMqkVdkZ/vAJ
CzE/1bp/Wr5OFknEA14BLeaxLljjZDfAfVkRvnnwca1SMgH5pcowBq3MEErCTNr3
BISx3BNWLpbXIlCaYQ2aM91eS3l8eLmvk79zNLo3V4sMi404mJSqx51SVp2zcxQh
Vs0+I6jjd5tgglnBy9MuQ6Usa/gcMiIOoR1kvov5tI63g9imWDNyIBntvx3QfXrU
i55qMDdZiQFRj5JJaMyCDQgRP7t2f24tfQ147rwcYTb3t90pnFSRCuLnrasmkMUD
GUE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:02:19 2025 by rpki-client