Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oOQupCXCieyL-ScXVfzePk6hL-M.roa
File: oOQupCXCieyL-ScXVfzePk6hL-M.roa (raw, json)
Hash identifier: 5T9EERgQcZQkQmdxxPJeaZpHJIaZGkrJ123fdREc18k=
Subject key identifier: A0:E4:2E:A4:25:C2:89:EC:8B:F9:27:17:55:FC:DE:3E:4E:A1:2F:E3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01899E56AB65FA16C7F01A2AD6ED201CF52E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oOQupCXCieyL-ScXVfzePk6hL-M.roa
Signing time: Fri 28 Jul 2023 21:10:27 +0000
ROA not before: Fri 28 Jul 2023 21:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9e:56:ab:65:fa:16:c7:f0:1a:2a:d6:ed:20:1c:f5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 28 21:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0e42ea425c289ec8bf9271755fcde3e4ea12fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:28:02:a4:5c:4a:b1:7b:e5:7c:7b:1f:7b:0a:
5e:f6:42:d2:8b:22:94:cc:c3:b9:95:a2:23:2a:97:
23:50:e5:0d:0a:eb:2a:ad:e9:aa:28:b7:80:0a:87:
88:0b:13:9a:ec:0c:bf:a1:23:30:9a:01:fe:40:5e:
06:f7:52:e4:6d:b9:4a:f7:e8:58:c0:f6:94:bc:ad:
4d:36:e2:59:17:ca:dd:dd:c5:3c:98:02:1c:7d:16:
67:ed:07:4b:e4:26:e2:c7:1c:72:e0:1d:70:fc:75:
3b:be:dc:11:43:e1:6e:27:c5:47:30:01:53:b7:46:
8a:2f:9e:06:d8:8f:60:b3:e7:5c:46:01:a0:a1:1f:
4a:7a:16:52:74:c7:70:25:aa:4e:07:2d:c5:3c:45:
49:55:60:4c:28:30:c4:af:85:4f:a8:3e:4c:7b:e6:
f7:39:4b:cb:f7:6f:dd:d0:be:14:59:0a:b8:4a:20:
55:dd:8e:58:32:5f:ee:aa:ff:36:0f:8b:c8:ce:3b:
51:7a:c3:4c:bd:87:5f:81:7a:21:ea:8c:f2:75:06:
b2:72:13:63:a8:32:b5:3c:22:e2:2e:1a:b6:bc:77:
11:1c:c8:34:0f:c0:91:4e:ce:bc:98:b2:e7:d6:d4:
28:1e:30:44:60:fe:23:13:8c:ad:40:7c:cd:8d:ca:
24:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E4:2E:A4:25:C2:89:EC:8B:F9:27:17:55:FC:DE:3E:4E:A1:2F:E3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oOQupCXCieyL-ScXVfzePk6hL-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:8e:bc:4e:59:f8:13:cc:3a:81:3a:85:4f:dd:98:f3:88:89:
53:b5:36:07:66:7f:bb:39:17:3d:de:91:f0:11:37:75:80:8c:
22:bf:c3:d4:41:2c:38:69:2b:32:8b:75:e2:cc:30:07:4a:3a:
66:de:a9:2d:7a:7f:e9:f2:b7:ad:58:d3:2f:eb:4a:d8:6b:b7:
ce:e1:5a:e6:ff:46:2a:ee:60:32:bd:f2:24:0e:b8:a5:c9:60:
a1:17:21:5f:bb:7a:2a:4d:43:07:a9:8c:13:bc:6e:9a:83:9d:
19:9a:ea:dc:53:ca:9c:b6:f0:98:12:4c:7b:69:a7:f7:d5:28:
ad:32:06:cd:2f:8e:f2:b2:05:cf:92:0f:d5:43:4c:f2:35:26:
89:57:ae:d4:f0:5f:ec:f3:4f:db:bb:06:ef:30:0e:4d:30:15:
82:61:a6:ac:2d:da:54:ab:53:89:98:0d:81:d3:08:72:34:cc:
0e:9a:78:92:34:2b:fc:1f:19:02:30:7b:15:1d:53:ea:f0:b9:
89:7a:81:44:c4:2d:1a:e1:87:72:10:8e:5e:11:d4:b3:43:66:
3a:82:99:57:31:c2:ae:e7:e9:1a:b7:be:ea:c6:08:52:d3:f1:
89:d9:1f:50:84:8e:27:e3:fe:5e:4c:31:2d:60:4e:d3:4e:7d:
37:4b:c9:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmeVqtl+hbH8Boq1u0gHPUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI4MjExMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGU0MmVhNDI1YzI4OWVjOGJmOTI3MTc1NWZjZGUzZTRlYTEyZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSgCpFxKsXvlfHsfewpe9kLSiyKU
zMO5laIjKpcjUOUNCusqremqKLeACoeICxOa7Ay/oSMwmgH+QF4G91LkbblK9+hY
wPaUvK1NNuJZF8rd3cU8mAIcfRZn7QdL5Cbixxxy4B1w/HU7vtwRQ+FuJ8VHMAFT
t0aKL54G2I9gs+dcRgGgoR9KehZSdMdwJapOBy3FPEVJVWBMKDDEr4VPqD5Me+b3
OUvL92/d0L4UWQq4SiBV3Y5YMl/uqv82D4vIzjtResNMvYdfgXoh6ozydQaychNj
qDK1PCLiLhq2vHcRHMg0D8CRTs68mLLn1tQoHjBEYP4jE4ytQHzNjcokcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKDkLqQlwonsi/knF1X83j5OoS/jMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb09RdXBDWENpZXlMLVNjWFZmemVQazZoTC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKWOvE5Z+BPMOoE6hU/d
mPOIiVO1Ngdmf7s5Fz3ekfARN3WAjCK/w9RBLDhpKzKLdeLMMAdKOmbeqS16f+ny
t61Y0y/rSthrt87hWub/RiruYDK98iQOuKXJYKEXIV+7eipNQwepjBO8bpqDnRma
6txTypy28JgSTHtpp/fVKK0yBs0vjvKyBc+SD9VDTPI1JolXrtTwX+zzT9u7Bu8w
Dk0wFYJhpqwt2lSrU4mYDYHTCHI0zA6aeJI0K/wfGQIwexUdU+rwuYl6gUTELRrh
h3IQjl4R1LNDZjqCmVcxwq7n6Rq3vurGCFLT8YnZH1CEjifj/l5MMS1gTtNOfTdL
yTI=
-----END CERTIFICATE-----
Generated at Sun May 4 12:41:08 2025 by rpki-client