Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oM0QUIssC7cbuPkuWASCa3xorHk.roa
File: oM0QUIssC7cbuPkuWASCa3xorHk.roa (raw, json)
Hash identifier: AKOH+c7FRgb0ROGoJMOsf9W0Ss7vlj5d55/7ugGGxv8=
Subject key identifier: A0:CD:10:50:8B:2C:0B:B7:1B:B8:F9:2E:58:04:82:6B:7C:68:AC:79
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A239D3675EC906DCD28138F5337CD7E73
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oM0QUIssC7cbuPkuWASCa3xorHk.roa
Signing time: Wed 23 Aug 2023 18:17:00 +0000
ROA not before: Wed 23 Aug 2023 18:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:9d:36:75:ec:90:6d:cd:28:13:8f:53:37:cd:7e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 23 18:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0cd10508b2c0bb71bb8f92e5804826b7c68ac79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:95:ef:7c:37:78:15:5e:2e:83:6b:16:94:37:
ed:c8:6d:76:5c:c9:26:b0:26:b4:8b:12:f7:a6:9b:
09:51:32:15:9f:82:d5:83:25:2b:48:32:00:01:07:
f2:7d:9d:2b:69:17:a3:d5:e0:00:ff:8b:29:bd:e4:
de:1a:87:1f:c3:d3:c8:cc:b3:ee:0b:97:06:29:4b:
db:ca:bc:8c:29:53:10:3c:78:d5:98:c0:84:70:b3:
52:41:ca:cb:c9:4d:d5:e2:4b:49:f8:56:53:49:70:
cf:71:d5:17:4a:cd:dc:db:ba:54:c8:ac:f3:40:e2:
f4:f3:99:39:f6:8e:01:12:ef:3b:71:14:be:3a:4a:
70:33:e0:77:64:ca:01:c8:e4:ae:e8:4f:c7:4f:94:
92:75:da:41:44:b4:4b:55:0d:a3:b0:84:e8:8f:2e:
ff:94:a1:f9:d3:1d:3f:0c:0f:73:de:3c:fe:da:65:
24:18:24:19:44:a4:f3:df:0d:00:9c:a3:ed:cd:6e:
77:6f:6a:e8:fb:8f:17:39:fb:d0:7a:a5:2b:fb:8e:
46:31:e9:89:e8:e9:5a:88:e7:74:38:fd:34:af:5b:
91:8e:62:a5:3c:cf:e8:84:2b:00:1f:8c:4b:d2:b2:
36:f4:3b:38:4c:35:78:ec:f5:7d:48:e5:e8:a1:55:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CD:10:50:8B:2C:0B:B7:1B:B8:F9:2E:58:04:82:6B:7C:68:AC:79
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oM0QUIssC7cbuPkuWASCa3xorHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:69:b9:b9:d5:43:1f:2c:4c:d5:02:30:10:32:b8:07:ea:fe:
ed:26:70:88:59:fc:06:4b:64:fb:84:65:90:65:93:45:b2:7e:
f6:ba:6e:e4:aa:63:c6:24:08:e5:60:2f:a6:b6:de:a0:50:f6:
a9:ac:8e:d2:d3:98:bd:39:33:2b:d0:69:b7:56:fc:87:53:01:
d7:86:98:61:31:b9:2d:70:f7:7d:62:9c:bc:89:b3:dc:54:59:
da:f5:6e:24:b7:63:e7:dd:ef:e1:5a:d9:58:6e:0c:12:20:a2:
ee:35:94:2a:c5:f6:a4:8b:e5:e4:8e:b0:a0:48:97:21:09:32:
32:3e:ce:21:16:20:df:80:f1:10:b1:12:eb:6f:3d:8c:bd:5d:
21:16:72:a0:b6:ab:5d:21:a0:67:21:14:dd:8d:fc:42:36:d8:
6e:a7:55:cc:8e:c8:a7:d8:0f:ab:e6:30:1c:79:a8:82:5c:25:
42:8c:7f:44:63:f2:64:ea:48:a4:eb:3e:0b:8a:c3:c6:04:12:
ed:a2:a7:d5:4d:fb:25:67:46:86:3e:00:14:eb:04:93:2f:a6:
33:21:b4:51:b2:04:57:72:47:21:35:e6:b2:ff:d0:e0:be:6c:
69:3a:be:c3:ec:f0:a2:6b:53:a7:9c:74:e9:57:32:9d:bb:ed:
6b:b3:c5:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYojnTZ17JBtzSgTj1M3zX5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIzMTgxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGNkMTA1MDhiMmMwYmI3MWJiOGY5MmU1ODA0ODI2YjdjNjhhYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5XvfDd4FV4ug2sWlDftyG12XMkm
sCa0ixL3ppsJUTIVn4LVgyUrSDIAAQfyfZ0raRej1eAA/4spveTeGocfw9PIzLPu
C5cGKUvbyryMKVMQPHjVmMCEcLNSQcrLyU3V4ktJ+FZTSXDPcdUXSs3c27pUyKzz
QOL085k59o4BEu87cRS+OkpwM+B3ZMoByOSu6E/HT5SSddpBRLRLVQ2jsITojy7/
lKH50x0/DA9z3jz+2mUkGCQZRKTz3w0AnKPtzW53b2ro+48XOfvQeqUr+45GMemJ
6OlaiOd0OP00r1uRjmKlPM/ohCsAH4xL0rI29Ds4TDV47PV9SOXooVUExwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKDNEFCLLAu3G7j5LlgEgmt8aKx5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb00wUVVJc3NDN2NidVBrdVdBU0NhM3hvckhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1pubnVQx8sTNUCMBAy
uAfq/u0mcIhZ/AZLZPuEZZBlk0Wyfva6buSqY8YkCOVgL6a23qBQ9qmsjtLTmL05
MyvQabdW/IdTAdeGmGExuS1w931inLyJs9xUWdr1biS3Y+fd7+Fa2VhuDBIgou41
lCrF9qSL5eSOsKBIlyEJMjI+ziEWIN+A8RCxEutvPYy9XSEWcqC2q10hoGchFN2N
/EI22G6nVcyOyKfYD6vmMBx5qIJcJUKMf0Rj8mTqSKTrPguKw8YEEu2ip9VN+yVn
RoY+ABTrBJMvpjMhtFGyBFdyRyE15rL/0OC+bGk6vsPs8KJrU6ecdOlXMp277Wuz
xa8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:24:47 2025 by rpki-client