Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o0UXUbUzGp0nBdsCLCcMbnrXIIQ.roa
File: o0UXUbUzGp0nBdsCLCcMbnrXIIQ.roa (raw, json)
Hash identifier: HQzmeSPxywVQWRBsCxxVp+8TEGpGZt/Hw0QliSzknIU=
Subject key identifier: A3:45:17:51:B5:33:1A:9D:27:05:DB:02:2C:27:0C:6E:7A:D7:20:84
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01847BA5A699E24D5FBBB495132DA8FE15CF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o0UXUbUzGp0nBdsCLCcMbnrXIIQ.roa
Signing time: Tue 15 Nov 2022 14:16:04 +0000
ROA not before: Tue 15 Nov 2022 14:16:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:51c3:ad7c/128 maxlen: 128
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:4250:a4df/128 maxlen: 128
2001:67c:64:ffff:0:184:75cf:c8d9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:a5:a6:99:e2:4d:5f:bb:b4:95:13:2d:a8:fe:15:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 15 14:16:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3451751b5331a9d2705db022c270c6e7ad72084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f2:e5:10:3d:ae:c8:cd:de:fc:ef:e6:9c:68:
4e:7a:1a:64:69:c1:1c:16:ad:62:36:43:f1:a6:dd:
5f:72:f6:1e:cf:61:aa:45:1d:e6:e7:ce:9c:50:92:
62:1b:84:34:70:44:e3:6b:bc:ea:8c:6c:69:2a:49:
92:52:d9:37:9d:d3:05:73:68:73:be:8c:5f:14:1d:
27:56:af:63:dd:c3:c1:f8:7b:5c:71:ba:81:6d:2b:
6e:c2:38:66:63:58:d7:5f:a0:ce:35:35:b4:94:1e:
0d:3e:1b:fb:f6:56:47:7e:95:46:56:86:74:eb:ad:
79:99:f4:10:b2:9b:82:7b:ba:51:08:c7:84:96:27:
98:fe:45:fb:35:f9:a8:f3:e3:6d:80:c7:a6:e1:d3:
a6:2e:a8:9d:f1:39:d9:a7:5c:e0:95:f0:f6:21:4c:
8d:2d:75:b7:b1:a4:a7:51:31:52:f4:53:e4:50:b5:
ed:a0:93:97:b4:e3:66:cf:d3:1f:3a:19:e1:bf:75:
72:a8:d9:a2:22:ae:5d:03:86:de:f0:85:71:33:cf:
2f:93:89:7f:58:90:23:3b:53:07:b0:23:62:e3:34:
a9:61:82:40:c0:26:b0:4f:47:c2:e4:eb:8e:bb:db:
31:5f:00:3e:55:f3:be:f4:1b:80:ac:c7:cc:ad:9c:
88:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:45:17:51:B5:33:1A:9D:27:05:DB:02:2C:27:0C:6E:7A:D7:20:84
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o0UXUbUzGp0nBdsCLCcMbnrXIIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:6b:17:d4:b0:ce:81:c3:c4:4f:da:c7:00:15:b2:9f:6f:17:
3b:29:76:11:c7:42:3c:1f:a4:2c:56:a2:f7:36:d6:82:80:9c:
12:92:42:1b:df:28:df:a8:37:52:df:69:62:4c:b1:f8:95:40:
95:f5:8f:e1:9a:3c:60:0d:fe:d5:c7:1f:08:44:45:47:bf:d5:
52:4b:34:fd:2f:03:92:97:3f:63:a8:76:4f:a9:94:dd:13:e7:
b6:a1:76:90:66:7b:f0:44:68:4b:f0:ab:9e:1a:75:ad:19:1c:
2f:d2:e5:b3:9b:36:6a:89:cc:a3:67:62:93:9d:33:1d:08:20:
27:04:03:c4:bd:24:67:90:cf:d2:d6:6b:0b:fe:4b:a4:df:14:
93:01:3c:1e:5c:89:7b:f4:77:a2:f2:5b:20:bd:b6:99:ed:34:
d0:ce:2b:c0:85:8c:a8:82:b3:ea:a6:8f:65:45:bd:4c:f5:f8:
64:ab:0f:b7:61:3f:36:e3:45:ba:80:65:b2:49:2a:67:6f:5e:
a0:10:6a:54:1b:da:bf:00:21:bc:9b:fb:bb:24:00:32:5b:91:
52:de:99:6e:5e:46:e5:3b:18:46:45:9b:52:01:11:0a:31:89:
d3:8e:5c:3e:a0:9e:c1:a2:77:88:20:b8:78:62:1b:b0:bb:63:
9e:38:fe:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYR7paaZ4k1fu7SVEy2o/hXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTE1MTQxNjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ1MTc1MWI1MzMxYTlkMjcwNWRiMDIyYzI3MGM2ZTdhZDcyMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvLlED2uyM3e/O/mnGhOehpkacEc
Fq1iNkPxpt1fcvYez2GqRR3m586cUJJiG4Q0cETja7zqjGxpKkmSUtk3ndMFc2hz
voxfFB0nVq9j3cPB+HtccbqBbStuwjhmY1jXX6DONTW0lB4NPhv79lZHfpVGVoZ0
6615mfQQspuCe7pRCMeElieY/kX7Nfmo8+NtgMem4dOmLqid8TnZp1zglfD2IUyN
LXW3saSnUTFS9FPkULXtoJOXtONmz9MfOhnhv3VyqNmiIq5dA4be8IVxM88vk4l/
WJAjO1MHsCNi4zSpYYJAwCawT0fC5OuOu9sxXwA+VfO+9BuArMfMrZyIwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKNFF1G1MxqdJwXbAiwnDG561yCEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbzBVWFViVXpHcDBuQmRzQ0xDY01ibnJYSUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGtrF9SwzoHDxE/axwAV
sp9vFzspdhHHQjwfpCxWovc21oKAnBKSQhvfKN+oN1LfaWJMsfiVQJX1j+GaPGAN
/tXHHwhERUe/1VJLNP0vA5KXP2Oodk+plN0T57ahdpBme/BEaEvwq54ada0ZHC/S
5bObNmqJzKNnYpOdMx0IICcEA8S9JGeQz9LWawv+S6TfFJMBPB5ciXv0d6LyWyC9
tpntNNDOK8CFjKiCs+qmj2VFvUz1+GSrD7dhPzbjRbqAZbJJKmdvXqAQalQb2r8A
Ibyb+7skADJbkVLemW5eRuU7GEZFm1IBEQoxidOOXD6gnsGid4gguHhiG7C7Y544
/hE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:25 2025 by rpki-client