Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jSyTwLhEHg6haNWp69z8mRW_XUo.roa
File: jSyTwLhEHg6haNWp69z8mRW_XUo.roa (raw, json)
Hash identifier: HwXSvtZCXELwJMxJ0xo1fD2wGJ/L9HkjRZeVKv/ytHA=
Subject key identifier: 8D:2C:93:C0:B8:44:1E:0E:A1:68:D5:A9:EB:DC:FC:99:15:BF:5D:4A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A25FD218779911EC8F6EC1555017B68C5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jSyTwLhEHg6haNWp69z8mRW_XUo.roa
Signing time: Thu 24 Aug 2023 05:21:00 +0000
ROA not before: Thu 24 Aug 2023 05:21:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:25:fd:21:87:79:91:1e:c8:f6:ec:15:55:01:7b:68:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 05:21:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d2c93c0b8441e0ea168d5a9ebdcfc9915bf5d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:65:1a:d9:02:99:36:28:05:0a:6e:8a:16:2c:
79:1d:fa:64:ae:2d:69:79:8f:91:40:0f:7c:d9:14:
b2:6b:71:22:b0:6f:6f:ba:06:94:58:4b:13:2c:8e:
37:b2:6f:75:3d:be:0c:dc:23:91:db:4a:67:92:11:
6e:f5:f1:e4:d5:d8:3f:55:34:be:11:4b:f9:fd:8f:
d2:46:04:48:8a:23:90:6b:8a:f1:35:d4:c1:e9:79:
05:b5:10:01:7e:f7:23:33:06:ee:35:03:15:0a:16:
5a:91:e0:c8:9b:a5:99:fe:70:04:d1:0b:04:92:79:
2b:b0:3f:10:38:f8:5b:35:47:94:96:74:ee:a2:4e:
0c:19:c1:05:a8:63:7c:ba:ac:a9:fb:9f:9e:be:97:
6d:32:e3:74:4f:14:3d:77:b8:e4:9f:70:94:6e:75:
c7:23:87:76:87:d5:ff:c4:ff:3a:5a:e1:03:cf:31:
69:71:f3:dc:24:a9:ce:bc:9e:7b:40:21:7d:b5:4c:
5b:7b:19:0a:08:4d:d2:c4:37:63:3c:98:30:ba:21:
c9:71:59:fa:0c:49:c8:6a:16:89:07:01:92:28:ed:
8a:bc:2a:92:05:c9:4a:3e:bd:5a:3b:33:b0:d3:f6:
62:15:7d:0b:20:2d:0d:13:c6:30:fb:e4:45:ce:6a:
c8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2C:93:C0:B8:44:1E:0E:A1:68:D5:A9:EB:DC:FC:99:15:BF:5D:4A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jSyTwLhEHg6haNWp69z8mRW_XUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:4b:fa:f3:74:d2:e6:7f:53:d7:5d:3b:ee:a4:34:52:25:3d:
e5:93:7f:e9:f8:f6:f3:9a:27:31:01:0b:d9:4e:8b:f8:d3:a6:
80:db:89:30:e9:b0:dc:16:d6:04:92:4b:35:f1:ad:26:55:5b:
fd:b6:51:1c:f1:06:53:c3:51:68:bd:58:77:0a:07:43:c6:e3:
07:84:a2:a3:c0:37:6a:f5:96:53:0c:07:d7:b8:3b:58:3d:a3:
e8:a0:6b:af:a6:61:d0:74:95:b5:dd:63:ac:fe:e7:d0:44:94:
58:dc:71:09:2f:61:f9:e1:1a:84:6a:81:2c:8a:2f:06:72:61:
86:de:8a:43:67:b0:db:fa:a1:8f:39:e7:76:7c:bb:96:5b:8d:
10:c4:08:df:8c:80:06:62:5f:79:3d:65:90:ab:86:de:95:bf:
86:3e:52:74:eb:e1:6c:31:22:15:c8:1d:88:f2:22:df:78:78:
7f:68:e7:d8:f0:b1:16:3b:57:e4:9d:99:49:ac:1d:63:ad:f9:
be:14:ce:f6:3e:b0:73:c5:8f:a7:0a:c0:30:9e:46:f5:5e:60:
28:b1:5f:d8:c3:47:37:fb:51:f5:97:31:71:ca:fc:28:a8:0b:
36:b4:80:0e:22:0e:47:6e:d1:ef:da:66:f0:17:2d:71:82:db:
e1:f4:13:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYol/SGHeZEeyPbsFVUBe2jFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MDUyMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJjOTNjMGI4NDQxZTBlYTE2OGQ1YTllYmRjZmM5OTE1YmY1ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2Ua2QKZNigFCm6KFix5Hfpkri1p
eY+RQA982RSya3EisG9vugaUWEsTLI43sm91Pb4M3COR20pnkhFu9fHk1dg/VTS+
EUv5/Y/SRgRIiiOQa4rxNdTB6XkFtRABfvcjMwbuNQMVChZakeDIm6WZ/nAE0QsE
knkrsD8QOPhbNUeUlnTuok4MGcEFqGN8uqyp+5+evpdtMuN0TxQ9d7jkn3CUbnXH
I4d2h9X/xP86WuEDzzFpcfPcJKnOvJ57QCF9tUxbexkKCE3SxDdjPJgwuiHJcVn6
DEnIahaJBwGSKO2KvCqSBclKPr1aOzOw0/ZiFX0LIC0NE8Yw++RFzmrIvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI0sk8C4RB4OoWjVqevc/JkVv11KMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvalN5VHdMaEVIZzZoYU5XcDY5ejhtUldfWFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJRL+vN00uZ/U9ddO+6k
NFIlPeWTf+n49vOaJzEBC9lOi/jTpoDbiTDpsNwW1gSSSzXxrSZVW/22URzxBlPD
UWi9WHcKB0PG4weEoqPAN2r1llMMB9e4O1g9o+iga6+mYdB0lbXdY6z+59BElFjc
cQkvYfnhGoRqgSyKLwZyYYbeikNnsNv6oY8553Z8u5ZbjRDECN+MgAZiX3k9ZZCr
ht6Vv4Y+UnTr4WwxIhXIHYjyIt94eH9o59jwsRY7V+SdmUmsHWOt+b4UzvY+sHPF
j6cKwDCeRvVeYCixX9jDRzf7UfWXMXHK/CioCza0gA4iDkdu0e/aZvAXLXGC2+H0
E+Q=
-----END CERTIFICATE-----
Generated at Thu May 1 16:37:24 2025 by rpki-client