Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o8kYIp_YGCGtPmpsbk_KKvw4-rg.roa
File: o8kYIp_YGCGtPmpsbk_KKvw4-rg.roa (raw, json)
Hash identifier: 9QHUZh5xb5bSmpbuAd1DgENZEGz21YzeUdyXkxXfCdk=
Subject key identifier: A3:C9:18:22:9F:D8:18:21:AD:3E:6A:6C:6E:4F:CA:2A:FC:38:FA:B8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185120BADD080A97D8B0D38FE82AAEA9605
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o8kYIp_YGCGtPmpsbk_KKvw4-rg.roa
Signing time: Wed 14 Dec 2022 19:10:33 +0000
ROA not before: Wed 14 Dec 2022 19:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:12:0b:ad:d0:80:a9:7d:8b:0d:38:fe:82:aa:ea:96:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 14 19:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3c918229fd81821ad3e6a6c6e4fca2afc38fab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e3:43:47:09:66:7d:a3:2e:22:aa:f1:58:b0:
16:9f:e8:c4:9a:6c:97:f4:ba:d2:6d:1b:85:37:46:
cc:35:3d:4d:77:fb:47:0b:e9:85:8e:ca:a5:3b:43:
54:af:e8:56:d3:6a:da:4a:ab:ad:d1:d3:d1:07:69:
17:49:ff:e3:e0:33:d0:9e:b9:68:5b:28:4a:fa:90:
77:8e:bc:17:1b:c6:a6:fe:dd:4c:d1:0b:23:b2:b9:
66:c1:93:43:c1:17:11:88:30:c9:58:59:4b:8d:8b:
0e:41:40:2a:35:6e:64:ad:f8:a1:44:c1:77:e7:00:
89:7b:e6:06:99:0c:31:45:42:06:86:81:65:3a:fe:
99:67:d7:7d:84:e8:2c:a6:84:4f:e0:0a:08:23:4e:
6b:72:19:26:84:8c:3a:cf:9c:f7:29:38:8a:b1:fb:
7a:19:92:da:ba:ea:a3:19:20:72:07:b3:03:cd:89:
86:24:72:cf:ab:29:ad:24:78:0c:46:56:8c:ef:5a:
09:56:c8:5e:d3:79:bb:c2:71:48:6a:4c:6f:e7:ae:
29:cb:ad:f2:0d:5a:9b:0c:dc:3b:4a:50:9a:d0:f1:
ec:9b:ed:6f:0e:da:c9:cc:a8:89:c6:8d:b8:0f:93:
c7:ed:10:23:ff:42:73:02:5a:a3:94:d2:4e:b8:f2:
22:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C9:18:22:9F:D8:18:21:AD:3E:6A:6C:6E:4F:CA:2A:FC:38:FA:B8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o8kYIp_YGCGtPmpsbk_KKvw4-rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:dd:5d:bf:b4:b7:87:c9:d8:34:a3:94:d9:64:a3:c3:15:11:
64:90:ce:a4:3d:91:0a:c9:3b:a1:09:39:67:ea:d5:92:9b:4e:
0f:21:67:bc:a7:4b:70:01:04:cb:01:36:ab:38:c2:b5:23:88:
62:8c:54:2a:d5:0d:58:5c:b6:1a:a0:5b:0c:62:21:09:26:b5:
92:d8:cf:da:93:93:aa:7d:77:b9:d0:28:77:c0:69:72:fc:60:
ed:ae:e7:22:64:41:b1:33:62:99:ea:0c:b3:03:fc:e8:56:38:
34:30:16:a3:af:56:4e:1d:e2:fb:0a:fa:b6:9d:43:02:25:c9:
57:dc:6f:22:d9:3d:07:6b:34:61:13:78:cf:1c:a2:cf:a5:6f:
7a:df:ba:80:2e:52:d6:2e:9c:81:d8:72:f5:77:d0:8d:f4:4d:
e3:5e:10:69:07:f7:8a:d2:c9:29:8a:8c:0f:58:bc:46:f1:b2:
ef:5d:29:69:0b:da:d1:3f:1e:4d:6b:13:87:a8:89:66:70:9b:
07:b0:2b:ef:f5:eb:59:89:81:ff:b0:06:ca:36:37:03:a7:14:
7c:c8:47:78:75:1f:4d:79:e3:7d:3c:0d:25:e9:fa:67:03:0c:
8f:bd:2b:a7:51:5d:ed:39:f6:9a:25:a6:7f:2d:e7:87:6e:2e:
29:be:80:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUSC63QgKl9iw04/oKq6pYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE0MTkxMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2M5MTgyMjlmZDgxODIxYWQzZTZhNmM2ZTRmY2EyYWZjMzhmYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeNDRwlmfaMuIqrxWLAWn+jEmmyX
9LrSbRuFN0bMNT1Nd/tHC+mFjsqlO0NUr+hW02raSqut0dPRB2kXSf/j4DPQnrlo
WyhK+pB3jrwXG8am/t1M0QsjsrlmwZNDwRcRiDDJWFlLjYsOQUAqNW5krfihRMF3
5wCJe+YGmQwxRUIGhoFlOv6ZZ9d9hOgspoRP4AoII05rchkmhIw6z5z3KTiKsft6
GZLauuqjGSByB7MDzYmGJHLPqymtJHgMRlaM71oJVshe03m7wnFIakxv564py63y
DVqbDNw7SlCa0PHsm+1vDtrJzKiJxo24D5PH7RAj/0JzAlqjlNJOuPIiiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKPJGCKf2BghrT5qbG5Pyir8OPq4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbzhrWUlwX1lHQ0d0UG1wc2JrX0tLdnc0LXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGzdXb+0t4fJ2DSjlNlk
o8MVEWSQzqQ9kQrJO6EJOWfq1ZKbTg8hZ7ynS3ABBMsBNqs4wrUjiGKMVCrVDVhc
thqgWwxiIQkmtZLYz9qTk6p9d7nQKHfAaXL8YO2u5yJkQbEzYpnqDLMD/OhWODQw
FqOvVk4d4vsK+radQwIlyVfcbyLZPQdrNGETeM8cos+lb3rfuoAuUtYunIHYcvV3
0I30TeNeEGkH94rSySmKjA9YvEbxsu9dKWkL2tE/Hk1rE4eoiWZwmwewK+/161mJ
gf+wBso2NwOnFHzIR3h1H0154308DSXp+mcDDI+9K6dRXe059polpn8t54duLim+
gK4=
-----END CERTIFICATE-----
Generated at Thu May 1 07:10:00 2025 by rpki-client