Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jeVq7FocVsxHzjPKWBoNlPLosfQ.roa
File: jeVq7FocVsxHzjPKWBoNlPLosfQ.roa (raw, json)
Hash identifier: 8Pxz7m6/PtX/Le/gzgGxqahTbjUWAmNbqwjExJ4m1As=
Subject key identifier: 8D:E5:6A:EC:5A:1C:56:CC:47:CE:33:CA:58:1A:0D:94:F2:E8:B1:F4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01865EA722D59C3053F69C23E27D20C20AC9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jeVq7FocVsxHzjPKWBoNlPLosfQ.roa
Signing time: Fri 17 Feb 2023 09:14:17 +0000
ROA not before: Fri 17 Feb 2023 09:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5e:a7:22:d5:9c:30:53:f6:9c:23:e2:7d:20:c2:0a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 17 09:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8de56aec5a1c56cc47ce33ca581a0d94f2e8b1f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ce:b4:00:70:cb:77:74:6f:ae:2f:a5:b5:09:
e1:66:86:62:00:76:e6:10:e5:97:22:ea:6a:61:2b:
95:12:69:b8:7a:ef:1d:7a:5c:f4:b6:e3:ec:d6:f0:
fb:20:b0:5b:c0:e0:6a:98:6d:86:c8:61:50:b4:6a:
df:ff:27:39:fa:e6:de:3d:04:d7:e8:9b:06:d2:12:
25:c4:79:b9:f2:73:08:51:c7:26:77:c3:03:61:c4:
ec:f7:17:98:91:3e:38:fd:cb:56:64:98:fa:cb:37:
a9:86:eb:aa:e9:58:c7:75:ea:36:f4:f1:9e:fa:2f:
30:72:95:f7:59:b4:ba:28:29:a5:98:80:ff:58:bc:
31:d8:14:e7:8c:68:ba:ad:b9:9c:28:16:1b:51:6b:
63:8b:b7:9d:1b:e2:dd:48:8f:f5:3a:f9:94:a7:64:
b9:a3:4d:51:7d:46:d7:ac:f9:cb:2e:81:e7:0b:bf:
78:e3:cb:0b:0c:4c:e3:74:32:8d:29:40:b6:0f:26:
c2:76:ff:2e:88:f7:22:07:42:f5:7c:e9:83:e2:5a:
c3:57:b0:b2:54:29:4d:1b:dc:0e:6a:ab:15:52:ca:
fb:70:e3:66:44:74:ca:d1:28:d7:4f:9d:b2:8d:78:
4f:16:6c:7b:b7:3b:c4:69:78:e6:8b:6b:6e:9f:b6:
b2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E5:6A:EC:5A:1C:56:CC:47:CE:33:CA:58:1A:0D:94:F2:E8:B1:F4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jeVq7FocVsxHzjPKWBoNlPLosfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:08:cd:19:1f:a1:67:86:52:27:1b:ca:fc:9b:55:07:69:85:
70:93:a5:13:56:9c:e6:d9:5c:d1:ac:7a:0b:0f:fa:90:2c:93:
64:c8:c3:99:0f:16:2b:4f:0f:e0:a4:ad:a6:ca:81:62:a8:27:
1f:d2:cc:81:f6:c2:6b:8f:56:a0:ec:73:00:77:29:8d:a0:df:
72:a5:0b:23:2d:d7:cd:bf:71:50:dd:46:f9:c7:dd:6b:05:60:
da:ac:00:b6:2c:76:21:6c:04:5c:04:cd:d2:b0:9d:14:93:8e:
2f:42:4e:b6:7d:31:d1:52:ef:4d:b8:f0:b6:19:34:43:22:dc:
4a:ee:5f:73:bb:30:17:f8:29:a3:f4:03:e1:63:60:87:2c:22:
5a:74:ae:66:db:33:ba:0f:11:2e:35:2b:e9:3b:0c:15:ca:c5:
e4:b9:0d:22:b1:23:08:04:0e:6a:a5:e7:59:db:ac:77:86:d5:
d0:7e:a8:da:e1:43:81:50:db:10:ad:2c:f9:85:03:4a:91:6f:
2a:cc:bd:3b:2c:49:a9:d2:f2:85:21:73:ba:0e:42:e1:17:7e:
bc:bc:9d:a0:13:78:c5:4b:00:8e:83:ed:c4:bb:33:31:f0:79:
21:a8:ee:36:b5:cb:4c:05:b6:71:ea:a2:3f:d3:eb:09:76:a1:
f9:1b:5e:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZepyLVnDBT9pwj4n0gwgrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE3MDkxNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGU1NmFlYzVhMWM1NmNjNDdjZTMzY2E1ODFhMGQ5NGYyZThiMWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM60AHDLd3Rvri+ltQnhZoZiAHbm
EOWXIupqYSuVEmm4eu8delz0tuPs1vD7ILBbwOBqmG2GyGFQtGrf/yc5+ubePQTX
6JsG0hIlxHm58nMIUccmd8MDYcTs9xeYkT44/ctWZJj6yzephuuq6VjHdeo29PGe
+i8wcpX3WbS6KCmlmID/WLwx2BTnjGi6rbmcKBYbUWtji7edG+LdSI/1OvmUp2S5
o01RfUbXrPnLLoHnC79448sLDEzjdDKNKUC2DybCdv8uiPciB0L1fOmD4lrDV7Cy
VClNG9wOaqsVUsr7cONmRHTK0SjXT52yjXhPFmx7tzvEaXjmi2tun7ayKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI3lauxaHFbMR84zylgaDZTy6LH0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvamVWcTdGb2NWc3hIempQS1dCb05sUExvc2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgIzRkfoWeGUicbyvyb
VQdphXCTpRNWnObZXNGsegsP+pAsk2TIw5kPFitPD+CkrabKgWKoJx/SzIH2wmuP
VqDscwB3KY2g33KlCyMt182/cVDdRvnH3WsFYNqsALYsdiFsBFwEzdKwnRSTji9C
TrZ9MdFS70248LYZNEMi3EruX3O7MBf4KaP0A+FjYIcsIlp0rmbbM7oPES41K+k7
DBXKxeS5DSKxIwgEDmql51nbrHeG1dB+qNrhQ4FQ2xCtLPmFA0qRbyrMvTssSanS
8oUhc7oOQuEXfry8naATeMVLAI6D7cS7MzHweSGo7ja1y0wFtnHqoj/T6wl2ofkb
Xlg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:13:21 2025 by rpki-client