Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o1mAK_jR4TKSJ7-4URHA_PiulcM.roa
File: o1mAK_jR4TKSJ7-4URHA_PiulcM.roa (raw, json)
Hash identifier: HX6lHWcHArqZOV8beuFjcWErbznctX1FeELMS/Hmrn8=
Subject key identifier: A3:59:80:2B:F8:D1:E1:32:92:27:BF:B8:51:11:C0:FC:F8:AE:95:C3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018955D2E45F47E410DAE3C1D2E87110AB36
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o1mAK_jR4TKSJ7-4URHA_PiulcM.roa
Signing time: Fri 14 Jul 2023 19:13:51 +0000
ROA not before: Fri 14 Jul 2023 19:13:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:55:d2:e4:5f:47:e4:10:da:e3:c1:d2:e8:71:10:ab:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 14 19:13:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a359802bf8d1e1329227bfb85111c0fcf8ae95c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a0:50:18:07:7c:16:12:3a:b1:7d:5f:1a:93:
65:02:f0:c3:af:85:2f:79:d2:a2:fa:bb:fb:6f:df:
75:e2:9b:00:43:8b:7c:1c:b2:26:89:5a:60:0a:ef:
4a:7d:17:47:ad:67:7a:f8:46:3f:a1:35:63:61:81:
b6:95:5d:ee:e1:d2:cc:c0:78:64:d7:e7:d3:70:a2:
29:56:0b:81:ba:25:27:2e:63:ee:5e:1b:94:8f:85:
99:c5:b5:5b:8a:85:b5:5a:48:2e:ab:f0:3d:ae:ed:
8e:c6:7b:32:4f:58:5e:69:b9:85:bd:13:86:8c:2e:
84:9f:cf:ae:f3:0e:8f:dc:74:42:6c:c3:5e:b5:7b:
fc:0c:5f:f0:54:fa:47:eb:cd:7e:e3:30:ad:12:5e:
bc:2a:f1:84:50:77:b9:c5:e9:21:a5:e2:cb:01:9a:
58:4a:1e:53:27:82:82:60:eb:25:ad:29:28:bf:be:
1b:6a:7f:57:dc:ca:95:98:f2:a8:a9:6a:52:f6:9d:
3c:c1:4f:2e:fb:c6:09:5b:dc:42:08:56:0b:ee:c1:
dd:f1:5a:f7:34:eb:d0:93:5a:34:cb:3d:ee:c8:26:
a0:5e:c0:d1:7c:e9:f4:28:b3:69:b4:d4:ad:4b:46:
6c:49:d2:69:78:41:96:aa:de:a1:b6:84:8a:b2:9f:
76:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:59:80:2B:F8:D1:E1:32:92:27:BF:B8:51:11:C0:FC:F8:AE:95:C3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o1mAK_jR4TKSJ7-4URHA_PiulcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:85:d3:11:5b:6e:b7:53:4d:f7:52:89:73:d9:8d:8e:bc:4e:
2a:f8:a7:f5:84:4b:ca:79:39:76:59:a8:71:01:e5:fd:cf:46:
a2:48:87:5e:15:72:f2:5d:5d:d7:d7:cd:1a:55:75:b0:94:ba:
4b:54:9f:6e:3c:32:82:9b:a8:c2:64:57:6d:c2:d3:77:24:bf:
ba:12:b9:af:43:33:98:7d:9b:bd:b1:54:18:d5:ea:2b:b7:54:
01:3f:e6:2c:ee:39:fe:96:0b:3e:ac:a3:32:7c:ca:e3:a6:65:
88:2f:65:b0:43:26:53:b8:32:0d:64:c3:8f:a9:25:43:02:a5:
cf:17:14:4a:3d:d8:67:00:ee:14:dc:41:89:d4:be:c7:aa:33:
d0:6d:88:9c:e2:4e:38:c7:b7:af:d1:e2:27:f8:dc:de:28:08:
00:44:5c:0f:5e:07:b2:36:d1:e3:bc:b8:b5:fc:0b:16:4b:16:
98:9c:ff:16:49:75:b9:c5:76:b7:f0:6c:53:f4:65:8f:36:54:
c1:b4:8d:80:63:46:f7:b1:58:b0:5d:35:04:c3:ed:81:4e:6d:
11:da:54:f3:db:67:a6:db:05:77:50:ba:7c:35:de:c6:0a:31:
1a:c1:bd:4d:8a:b0:af:99:8e:da:fa:25:c4:b1:aa:4b:6b:7d:
ca:75:de:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlV0uRfR+QQ2uPB0uhxEKs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzE0MTkxMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzU5ODAyYmY4ZDFlMTMyOTIyN2JmYjg1MTExYzBmY2Y4YWU5NWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6BQGAd8FhI6sX1fGpNlAvDDr4Uv
edKi+rv7b9914psAQ4t8HLImiVpgCu9KfRdHrWd6+EY/oTVjYYG2lV3u4dLMwHhk
1+fTcKIpVguBuiUnLmPuXhuUj4WZxbVbioW1Wkguq/A9ru2OxnsyT1heabmFvROG
jC6En8+u8w6P3HRCbMNetXv8DF/wVPpH681+4zCtEl68KvGEUHe5xekhpeLLAZpY
Sh5TJ4KCYOslrSkov74ban9X3MqVmPKoqWpS9p08wU8u+8YJW9xCCFYL7sHd8Vr3
NOvQk1o0yz3uyCagXsDRfOn0KLNptNStS0ZsSdJpeEGWqt6htoSKsp92oQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKNZgCv40eEykie/uFERwPz4rpXDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbzFtQUtfalI0VEtTSjctNFVSSEFfUGl1bGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJiF0xFbbrdTTfdSiXPZ
jY68Tir4p/WES8p5OXZZqHEB5f3PRqJIh14VcvJdXdfXzRpVdbCUuktUn248MoKb
qMJkV23C03ckv7oSua9DM5h9m72xVBjV6iu3VAE/5izuOf6WCz6sozJ8yuOmZYgv
ZbBDJlO4Mg1kw4+pJUMCpc8XFEo92GcA7hTcQYnUvseqM9BtiJziTjjHt6/R4if4
3N4oCABEXA9eB7I20eO8uLX8CxZLFpic/xZJdbnFdrfwbFP0ZY82VMG0jYBjRvex
WLBdNQTD7YFObRHaVPPbZ6bbBXdQunw13sYKMRrBvU2KsK+Zjtr6JcSxqktrfcp1
3q8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:59:57 2025 by rpki-client