Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o4DFNcOjEvB_QW9C10t9wMAX2uo.roa
File: o4DFNcOjEvB_QW9C10t9wMAX2uo.roa (raw, json)
Hash identifier: JbZtRRM7y0gkfcMEB2GYq/AeEGx3JKku6WUkT4/T4P4=
Subject key identifier: A3:80:C5:35:C3:A3:12:F0:7F:41:6F:42:D7:4B:7D:C0:C0:17:DA:EA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01840B68F2234854238EE672F2C495A83113
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o4DFNcOjEvB_QW9C10t9wMAX2uo.roa
Signing time: Mon 24 Oct 2022 19:12:17 +0000
ROA not before: Mon 24 Oct 2022 19:12:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0b:68:f2:23:48:54:23:8e:e6:72:f2:c4:95:a8:31:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 24 19:12:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a380c535c3a312f07f416f42d74b7dc0c017daea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c8:e2:50:e5:7a:43:16:46:6d:20:55:4b:70:
04:46:c1:86:96:d5:77:4d:26:7e:18:9b:f9:13:f3:
06:86:31:b1:0b:7b:52:12:fe:ea:97:53:38:13:e4:
22:78:63:a2:ce:0b:0a:a8:f5:fd:36:33:3d:f6:05:
25:4e:3b:6a:d6:ac:1c:a2:f0:a3:51:d9:8f:7f:a7:
73:ac:66:38:16:63:72:6f:91:67:3d:18:27:29:aa:
6b:65:96:6f:c4:d8:d5:8e:24:b8:d8:bf:85:ce:dc:
64:94:88:25:34:ca:f5:45:cd:54:5b:be:e5:eb:8e:
e3:6b:a7:d2:fb:c9:0c:c0:9b:fe:8e:57:f1:18:f2:
53:b5:cf:c9:63:6b:24:d2:d5:ef:6e:8b:86:49:f4:
fd:af:32:b3:f5:e8:57:03:de:8c:0d:5c:0a:fe:b0:
fd:98:d2:d6:0e:71:23:5a:dc:ef:e2:d5:8f:0f:0b:
70:1c:ef:1e:70:0d:86:44:c4:fa:dc:44:03:d6:69:
78:87:9e:b5:61:a7:b5:0e:af:fe:52:2d:6b:d2:33:
87:83:ae:4b:32:fd:94:38:c1:f7:9b:06:a0:62:e1:
9a:ef:a6:e8:57:62:90:4d:05:f9:68:da:00:22:4c:
d1:e0:c4:ff:d6:f0:52:69:8c:08:46:0f:52:fc:17:
b3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:80:C5:35:C3:A3:12:F0:7F:41:6F:42:D7:4B:7D:C0:C0:17:DA:EA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o4DFNcOjEvB_QW9C10t9wMAX2uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:27:9a:39:c5:aa:50:f5:99:41:af:85:48:f2:b8:46:56:36:
1f:d7:f1:d5:11:5f:67:19:61:34:b7:56:ec:5b:ac:0a:66:bc:
89:47:58:5c:dc:ae:8c:66:f6:61:5c:97:c0:d7:43:47:ef:28:
a5:a7:42:12:7d:10:68:3e:24:8c:b2:9b:1b:88:e8:e2:ac:71:
dd:07:e0:2b:59:a1:8c:0c:ba:3a:38:52:c7:7f:5a:f9:9f:40:
b3:49:f7:bb:17:cd:e5:dc:a1:99:bf:63:83:1c:81:02:31:a8:
be:5a:57:61:63:27:06:b2:66:fb:ec:e1:a5:42:89:ab:b8:43:
88:53:d4:ab:09:a9:6a:07:38:6d:d6:1f:ec:71:34:ce:3e:c0:
c3:08:68:72:b8:45:5a:73:da:66:e4:c0:30:ed:ab:27:17:42:
83:fa:57:c7:9d:b7:3f:e4:ad:7d:a9:ce:04:83:32:b1:3e:83:
3c:5e:29:d8:f9:ae:d5:eb:ee:4f:8c:53:fb:0d:b8:b0:07:e7:
d8:c9:ac:46:60:b4:71:1b:ff:f5:2e:c5:74:6f:12:25:e3:a8:
e0:7e:b4:90:2e:c1:6c:e7:b1:d6:a1:8a:49:5b:c6:19:54:8a:
ad:b7:32:58:21:4a:f6:9d:16:b3:4d:7a:53:a4:9a:de:3b:51:
6e:4b:08:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQLaPIjSFQjjuZy8sSVqDETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDI0MTkxMjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzgwYzUzNWMzYTMxMmYwN2Y0MTZmNDJkNzRiN2RjMGMwMTdkYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcjiUOV6QxZGbSBVS3AERsGGltV3
TSZ+GJv5E/MGhjGxC3tSEv7ql1M4E+QieGOizgsKqPX9NjM99gUlTjtq1qwcovCj
UdmPf6dzrGY4FmNyb5FnPRgnKaprZZZvxNjVjiS42L+FztxklIglNMr1Rc1UW77l
647ja6fS+8kMwJv+jlfxGPJTtc/JY2sk0tXvbouGSfT9rzKz9ehXA96MDVwK/rD9
mNLWDnEjWtzv4tWPDwtwHO8ecA2GRMT63EQD1ml4h561Yae1Dq/+Ui1r0jOHg65L
Mv2UOMH3mwagYuGa76boV2KQTQX5aNoAIkzR4MT/1vBSaYwIRg9S/BezQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKOAxTXDoxLwf0FvQtdLfcDAF9rqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbzRERk5jT2pFdkJfUVc5QzEwdDl3TUFYMnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGwnmjnFqlD1mUGvhUjy
uEZWNh/X8dURX2cZYTS3VuxbrApmvIlHWFzcroxm9mFcl8DXQ0fvKKWnQhJ9EGg+
JIyymxuI6OKscd0H4CtZoYwMujo4Usd/WvmfQLNJ97sXzeXcoZm/Y4McgQIxqL5a
V2FjJwayZvvs4aVCiau4Q4hT1KsJqWoHOG3WH+xxNM4+wMMIaHK4RVpz2mbkwDDt
qycXQoP6V8edtz/krX2pzgSDMrE+gzxeKdj5rtXr7k+MU/sNuLAH59jJrEZgtHEb
//UuxXRvEiXjqOB+tJAuwWznsdahiklbxhlUiq23MlghSvadFrNNelOkmt47UW5L
CGs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:58:43 2025 by rpki-client