Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oeVsGmKyM8yX_afgnG6-5QHpkhY.roa
File: oeVsGmKyM8yX_afgnG6-5QHpkhY.roa (raw, json)
Hash identifier: eY+diyL7ujZvmx9lvkF7t9/Mut8x182FhpVX+IQdkWU=
Subject key identifier: A1:E5:6C:1A:62:B2:33:CC:97:FD:A7:E0:9C:6E:BE:E5:01:E9:92:16
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189AE69F3DE5030077EFF45B845A7737CFA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oeVsGmKyM8yX_afgnG6-5QHpkhY.roa
Signing time: Tue 01 Aug 2023 00:05:26 +0000
ROA not before: Tue 01 Aug 2023 00:05:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:ae69:4620/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ae:69:f3:de:50:30:07:7e:ff:45:b8:45:a7:73:7c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 1 00:05:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1e56c1a62b233cc97fda7e09c6ebee501e99216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fc:4f:40:c1:cb:74:d3:f9:fc:2a:91:5e:d7:
21:f7:bf:f9:a8:65:57:7a:41:a0:fa:76:7d:13:4d:
8e:b9:66:c6:5b:69:4d:32:e4:af:35:89:fe:78:09:
65:48:fe:76:0e:70:83:be:69:0f:04:cc:b2:7d:44:
82:8b:db:7e:64:c1:5c:3f:0e:a0:76:0b:53:b6:1d:
a6:ec:a0:be:9e:9f:cc:b1:02:85:ea:1d:27:5c:a8:
c4:83:3c:c8:e6:f6:4e:65:65:56:fb:ca:1d:c3:b5:
11:da:24:4f:fd:88:4d:e5:f8:5b:5f:a4:a7:17:ed:
df:2a:5c:0e:8c:2b:fb:32:6e:f3:5f:da:a1:64:c7:
04:de:72:97:5c:88:6d:66:7a:73:f3:ee:e0:fb:3a:
f9:a0:ab:89:a9:a6:59:a0:ec:bd:20:d7:65:d5:81:
78:78:10:1c:af:4f:2b:13:de:b6:63:35:c9:c6:0c:
d1:10:42:b5:48:08:30:8f:33:d9:c8:d5:58:16:36:
e7:25:4a:e1:e7:fa:3e:ce:39:a4:18:5e:1f:0d:89:
e2:d8:14:8c:56:de:ba:dc:9d:0d:c6:8d:b2:06:c6:
40:74:07:19:d8:ad:1b:34:32:0c:6c:e4:9b:82:ce:
5b:b0:cf:e1:9e:b4:11:49:8d:4f:11:eb:20:0c:cd:
81:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E5:6C:1A:62:B2:33:CC:97:FD:A7:E0:9C:6E:BE:E5:01:E9:92:16
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oeVsGmKyM8yX_afgnG6-5QHpkhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:ab:d9:8e:f3:23:fe:1a:e3:9d:53:ec:86:e8:fe:23:a9:14:
7e:10:71:80:0d:22:5b:72:4a:4e:be:25:c4:03:86:ee:fa:33:
7f:7a:c0:65:3a:1f:76:7f:b6:96:81:e8:dd:42:36:c3:6d:51:
8a:dc:f3:b1:e9:05:27:2f:ba:9a:ef:ec:0a:2b:ac:7e:c7:d8:
93:d3:b1:1a:32:4f:ca:93:43:84:1f:9b:21:c8:52:c2:f2:a4:
ba:5f:71:92:d7:0f:fe:fc:fa:c2:dd:96:a2:e5:e8:09:22:0a:
a1:70:26:9d:e6:33:71:11:25:94:8c:17:2f:86:3e:b0:d2:ac:
a2:06:da:8e:32:c0:dd:21:7d:3f:18:39:a9:cb:27:88:1d:bc:
4a:9a:a5:e7:21:00:e9:24:1e:c4:e0:45:3e:23:70:a8:04:04:
1e:a4:96:89:5f:d4:cf:9b:32:80:b0:4e:22:0e:7a:ad:d9:70:
5a:ef:76:ac:94:55:6a:bd:3e:0d:ed:2f:90:fd:22:94:ea:d2:
32:61:a4:63:2e:f6:a5:68:07:bb:ae:49:a9:95:45:45:3a:42:
1e:e3:a1:01:7f:7e:75:3a:f6:4e:c5:51:40:3a:a6:cb:37:bb:
62:4d:92:69:a5:e8:79:d0:65:23:58:eb:fb:a6:21:49:3f:c5:
6d:3b:9b:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmuafPeUDAHfv9FuEWnc3z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAxMDAwNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWU1NmMxYTYyYjIzM2NjOTdmZGE3ZTA5YzZlYmVlNTAxZTk5MjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvxPQMHLdNP5/CqRXtch97/5qGVX
ekGg+nZ9E02OuWbGW2lNMuSvNYn+eAllSP52DnCDvmkPBMyyfUSCi9t+ZMFcPw6g
dgtTth2m7KC+np/MsQKF6h0nXKjEgzzI5vZOZWVW+8odw7UR2iRP/YhN5fhbX6Sn
F+3fKlwOjCv7Mm7zX9qhZMcE3nKXXIhtZnpz8+7g+zr5oKuJqaZZoOy9INdl1YF4
eBAcr08rE962YzXJxgzREEK1SAgwjzPZyNVYFjbnJUrh5/o+zjmkGF4fDYni2BSM
Vt663J0Nxo2yBsZAdAcZ2K0bNDIMbOSbgs5bsM/hnrQRSY1PEesgDM2BtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKHlbBpisjPMl/2n4JxuvuUB6ZIWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb2VWc0dtS3lNOHlYX2FmZ25HNi01UUhwa2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACKr2Y7zI/4a451T7Ibo
/iOpFH4QcYANIltySk6+JcQDhu76M396wGU6H3Z/tpaB6N1CNsNtUYrc87HpBScv
uprv7AorrH7H2JPTsRoyT8qTQ4QfmyHIUsLypLpfcZLXD/78+sLdlqLl6AkiCqFw
Jp3mM3ERJZSMFy+GPrDSrKIG2o4ywN0hfT8YOanLJ4gdvEqapechAOkkHsTgRT4j
cKgEBB6klolf1M+bMoCwTiIOeq3ZcFrvdqyUVWq9Pg3tL5D9IpTq0jJhpGMu9qVo
B7uuSamVRUU6Qh7joQF/fnU69k7FUUA6pss3u2JNkmml6HnQZSNY6/umIUk/xW07
mwo=
-----END CERTIFICATE-----
Generated at Fri May 2 18:40:43 2025 by rpki-client