Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oXiBPlgos9UAT02u1Wbwc5grV9k.roa
File: oXiBPlgos9UAT02u1Wbwc5grV9k.roa (raw, json)
Hash identifier: vXdBo8S37woIfyWpNuL4Ve1P+H7uEo/pXygEdfbfjkk=
Subject key identifier: A1:78:81:3E:58:28:B3:D5:00:4F:4D:AE:D5:66:F0:73:98:2B:57:D9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018679E68B3D4AB462643EDB6030E354D6DF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oXiBPlgos9UAT02u1Wbwc5grV9k.roa
Signing time: Wed 22 Feb 2023 16:13:17 +0000
ROA not before: Wed 22 Feb 2023 16:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:e6:8b:3d:4a:b4:62:64:3e:db:60:30:e3:54:d6:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 16:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a178813e5828b3d5004f4daed566f073982b57d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:49:62:64:94:37:65:5b:f5:8c:75:00:ea:
6d:a9:7e:6b:80:3d:27:e7:76:85:f1:43:f7:da:00:
7c:eb:0e:0c:40:84:36:fb:65:70:92:8f:be:d3:45:
d1:92:42:5d:53:c0:91:71:3b:9a:3c:4f:5f:2c:6b:
1e:72:de:74:18:73:0d:f8:99:8f:8b:79:6b:8b:a9:
ce:94:f5:bf:4b:81:45:41:c3:a9:14:bb:97:64:78:
27:c0:6c:a6:a1:67:79:18:e6:1b:a1:63:de:5b:28:
bb:1c:fd:0f:ae:9c:54:f3:29:b4:44:30:e2:66:bb:
75:4c:74:96:8d:16:1b:c1:0f:07:7b:21:39:60:83:
f7:12:55:3c:c9:2e:12:7f:77:fc:07:40:9e:f5:c5:
ec:fe:51:6f:eb:87:18:cf:aa:17:b2:cb:4b:2b:39:
11:c6:e0:d3:06:19:37:12:37:e7:c5:be:18:03:fa:
c5:62:b7:bc:57:9b:f1:33:85:1d:b1:6f:cd:44:f8:
e1:51:0e:06:52:0d:3a:50:ed:9a:ff:2b:35:c2:11:
6e:06:c3:3b:cb:bb:61:9f:4a:e8:7e:ed:fe:d8:0d:
a9:95:47:45:bc:ab:12:ad:44:2f:fb:03:5f:a6:c8:
79:68:d5:06:71:16:01:11:09:a9:7e:ac:0f:bc:dc:
cc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:78:81:3E:58:28:B3:D5:00:4F:4D:AE:D5:66:F0:73:98:2B:57:D9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oXiBPlgos9UAT02u1Wbwc5grV9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:49:27:5d:65:26:58:43:76:15:2e:03:78:07:93:76:1f:0a:
d1:0d:d9:1e:c1:ad:a6:5b:95:02:ca:7c:12:67:68:95:da:a3:
04:88:4a:f4:85:18:9b:a3:91:35:13:f6:68:88:d4:1b:ff:37:
77:d9:1b:93:00:dc:14:f8:2f:7d:22:4b:df:b9:56:b5:6c:66:
12:96:43:2b:84:c9:f7:1c:46:cc:e1:69:83:cc:d9:18:2a:43:
be:48:bf:f0:e8:04:2b:0b:0b:2e:52:f3:ed:63:d4:87:65:23:
21:f6:2b:06:e4:e2:bc:3c:8c:0a:0e:d0:51:d5:99:93:b4:a3:
66:0b:aa:90:7b:68:aa:1d:fc:70:7b:b5:83:67:a4:86:2f:77:
2a:b5:bf:9d:7d:fe:e5:8e:b0:37:01:59:d7:77:ac:94:13:b0:
e7:e0:06:ec:2e:1a:c3:7c:5d:7f:3c:b2:ae:4e:e6:2d:be:e7:
f5:a3:6e:b6:94:c7:f2:10:73:8c:40:8e:32:c0:a4:21:49:32:
a4:50:01:25:17:f0:81:74:5b:b1:d5:99:a4:4a:15:3a:3b:12:
5b:a6:63:f9:30:a1:77:75:b1:d6:9c:d9:ab:34:4b:4a:c7:bb:
09:5a:e2:d4:6c:63:25:da:37:63:2e:e0:b1:51:b8:92:d9:7e:
12:07:b2:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ55os9SrRiZD7bYDDjVNbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMTYxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTc4ODEzZTU4MjhiM2Q1MDA0ZjRkYWVkNTY2ZjA3Mzk4MmI1N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfFJYmSUN2Vb9Yx1AOptqX5rgD0n
53aF8UP32gB86w4MQIQ2+2Vwko++00XRkkJdU8CRcTuaPE9fLGsect50GHMN+JmP
i3lri6nOlPW/S4FFQcOpFLuXZHgnwGymoWd5GOYboWPeWyi7HP0PrpxU8ym0RDDi
Zrt1THSWjRYbwQ8HeyE5YIP3ElU8yS4Sf3f8B0Ce9cXs/lFv64cYz6oXsstLKzkR
xuDTBhk3Ejfnxb4YA/rFYre8V5vxM4UdsW/NRPjhUQ4GUg06UO2a/ys1whFuBsM7
y7thn0rofu3+2A2plUdFvKsSrUQv+wNfpsh5aNUGcRYBEQmpfqwPvNzMOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKF4gT5YKLPVAE9NrtVm8HOYK1fZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb1hpQlBsZ29zOVVBVDAydTFXYndjNWdyVjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACRJJ11lJlhDdhUuA3gH
k3YfCtEN2R7BraZblQLKfBJnaJXaowSISvSFGJujkTUT9miI1Bv/N3fZG5MA3BT4
L30iS9+5VrVsZhKWQyuEyfccRszhaYPM2RgqQ75Iv/DoBCsLCy5S8+1j1IdlIyH2
Kwbk4rw8jAoO0FHVmZO0o2YLqpB7aKod/HB7tYNnpIYvdyq1v519/uWOsDcBWdd3
rJQTsOfgBuwuGsN8XX88sq5O5i2+5/WjbraUx/IQc4xAjjLApCFJMqRQASUX8IF0
W7HVmaRKFTo7ElumY/kwoXd1sdac2as0S0rHuwla4tRsYyXaN2Mu4LFRuJLZfhIH
suc=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:44 2025 by rpki-client