Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oajTgVnk_FgX_9yRsdKTgA0amH8.roa
File: oajTgVnk_FgX_9yRsdKTgA0amH8.roa (raw, json)
Hash identifier: QXLHNo7E6x034Uxccp7td3wDp4iU+vDH+t8bl6DvbxI=
Subject key identifier: A1:A8:D3:81:59:E4:FC:58:17:FF:DC:91:B1:D2:93:80:0D:1A:98:7F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01852631C9B7FB3981C41D702AFE54BC7C86
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oajTgVnk_FgX_9yRsdKTgA0amH8.roa
Signing time: Sun 18 Dec 2022 17:04:35 +0000
ROA not before: Sun 18 Dec 2022 17:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:2631:57b3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:26:31:c9:b7:fb:39:81:c4:1d:70:2a:fe:54:bc:7c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 17:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1a8d38159e4fc5817ffdc91b1d293800d1a987f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:46:c2:43:20:c4:9c:05:a3:df:90:8d:95:e1:
7a:a3:c2:be:29:68:7a:c2:f1:7c:a6:49:21:bc:c1:
fb:74:54:4a:e9:20:27:67:10:c3:87:f3:8f:32:5e:
71:de:b1:17:39:c6:25:b5:76:5f:2f:f4:82:f4:57:
87:ae:a2:c2:21:0a:28:70:c1:05:46:a5:80:5a:b7:
53:0a:14:a8:59:9d:a4:4c:ba:26:4a:96:db:80:78:
2b:7a:5e:2f:50:49:95:62:4f:a1:c7:d8:25:a9:39:
10:6b:15:a6:75:d3:02:3e:84:45:f5:e8:a3:5a:91:
25:42:bc:aa:04:32:7e:03:81:40:37:c7:5d:03:27:
78:8e:b6:78:3e:d2:72:8d:9d:39:b7:54:19:54:aa:
b7:4a:d4:1c:44:22:eb:e8:0a:30:cd:80:04:15:64:
c0:ee:4b:2d:8a:7c:40:52:b6:81:01:ae:1e:f0:51:
17:b6:d7:95:78:2f:da:dd:8c:2e:e2:ab:b7:30:16:
45:88:bd:fa:50:65:b7:e5:2f:53:b1:d3:7a:30:ba:
f3:cc:77:63:5c:7d:db:ca:a5:2b:b5:af:60:d5:1d:
ff:ec:26:a5:3a:60:35:f3:b6:02:f7:23:95:99:4a:
86:6c:b5:68:5f:c4:95:58:77:2f:b0:9f:7f:d7:29:
0f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A8:D3:81:59:E4:FC:58:17:FF:DC:91:B1:D2:93:80:0D:1A:98:7F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oajTgVnk_FgX_9yRsdKTgA0amH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:cc:80:25:92:fd:d0:24:ed:ae:f4:93:43:a7:a2:e9:3d:be:
a7:d5:ee:47:b0:49:33:9a:79:2c:1d:1f:70:58:fa:0b:c7:2c:
60:81:c8:28:be:4c:70:55:4f:cb:c7:2a:31:9e:cd:98:2c:fe:
9e:ea:74:0a:23:82:6e:94:20:6c:4b:3c:a8:7f:5b:f0:52:91:
99:d3:4d:4c:ee:98:6e:75:4f:b4:02:84:6e:ce:76:4f:4c:6a:
74:03:21:90:b7:bc:e1:a7:da:f4:aa:8b:51:93:e4:e6:ab:b9:
79:b4:71:49:06:2c:b1:ee:96:bc:e4:e5:00:fe:91:cb:bf:21:
66:56:e8:b4:20:3a:09:eb:80:fd:aa:41:db:e0:49:4f:c1:6b:
97:c1:ed:78:b8:a0:2f:e8:23:e7:26:b7:62:6a:ec:67:34:5c:
ea:5f:dc:71:ae:e1:42:0f:69:c8:1b:9f:f4:e9:fa:f7:26:21:
58:0a:3c:6e:16:bf:1a:5d:7b:ee:04:31:e8:5d:5e:96:59:09:
eb:77:bb:ee:68:05:d1:7b:21:e8:fe:d6:59:a3:85:f9:4d:10:
06:78:9b:5f:e7:40:74:74:15:ba:91:bc:cf:d6:9c:93:9e:48:
2b:a2:09:53:d7:1b:46:4b:d2:51:2a:25:c3:94:90:56:ba:4c:
5e:0b:7e:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUmMcm3+zmBxB1wKv5UvHyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MTcwNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWE4ZDM4MTU5ZTRmYzU4MTdmZmRjOTFiMWQyOTM4MDBkMWE5ODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokbCQyDEnAWj35CNleF6o8K+KWh6
wvF8pkkhvMH7dFRK6SAnZxDDh/OPMl5x3rEXOcYltXZfL/SC9FeHrqLCIQoocMEF
RqWAWrdTChSoWZ2kTLomSpbbgHgrel4vUEmVYk+hx9glqTkQaxWmddMCPoRF9eij
WpElQryqBDJ+A4FAN8ddAyd4jrZ4PtJyjZ05t1QZVKq3StQcRCLr6AowzYAEFWTA
7kstinxAUraBAa4e8FEXtteVeC/a3Ywu4qu3MBZFiL36UGW35S9TsdN6MLrzzHdj
XH3byqUrta9g1R3/7CalOmA187YC9yOVmUqGbLVoX8SVWHcvsJ9/1ykP2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKGo04FZ5PxYF//ckbHSk4ANGph/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb2FqVGdWbmtfRmdYXzl5UnNkS1RnQTBhbUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEvMgCWS/dAk7a70k0On
ouk9vqfV7kewSTOaeSwdH3BY+gvHLGCByCi+THBVT8vHKjGezZgs/p7qdAojgm6U
IGxLPKh/W/BSkZnTTUzumG51T7QChG7Odk9ManQDIZC3vOGn2vSqi1GT5OaruXm0
cUkGLLHulrzk5QD+kcu/IWZW6LQgOgnrgP2qQdvgSU/Ba5fB7Xi4oC/oI+cmt2Jq
7Gc0XOpf3HGu4UIPacgbn/Tp+vcmIVgKPG4Wvxpde+4EMehdXpZZCet3u+5oBdF7
Iej+1lmjhflNEAZ4m1/nQHR0FbqRvM/WnJOeSCuiCVPXG0ZL0lEqJcOUkFa6TF4L
fkQ=
-----END CERTIFICATE-----
Generated at Fri May 2 17:32:55 2025 by rpki-client