Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ohYoB7Dk8BBD7m9FbKHt35EGmwQ.roa
File: ohYoB7Dk8BBD7m9FbKHt35EGmwQ.roa (raw, json)
Hash identifier: Sn6sDExmfctqPwIuWZkfiaDQmKMO+hYCg6izFNnrYXI=
Subject key identifier: A2:16:28:07:B0:E4:F0:10:43:EE:6F:45:6C:A1:ED:DF:91:06:9B:04
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189D46D94DD4C6A89A3EF255C0F81F4623F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ohYoB7Dk8BBD7m9FbKHt35EGmwQ.roa
Signing time: Tue 08 Aug 2023 09:14:58 +0000
ROA not before: Tue 08 Aug 2023 09:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:6d:94:dd:4c:6a:89:a3:ef:25:5c:0f:81:f4:62:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 8 09:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2162807b0e4f01043ee6f456ca1eddf91069b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:72:fc:20:f8:8b:f0:d8:e9:51:da:6b:5c:7a:
8c:dd:7e:a4:62:56:48:56:9a:bf:db:e8:82:c1:09:
41:75:18:57:d8:fb:b6:c2:2d:d2:2f:5c:b6:f0:75:
54:e7:e8:d6:1a:93:bf:0d:18:d8:08:3f:11:c7:7d:
f7:71:91:f4:07:30:58:66:77:00:35:98:b2:e7:b8:
b0:59:1a:a7:f4:b5:a3:f6:69:e6:70:aa:9c:2a:40:
da:fd:33:1b:b3:d5:de:f7:2e:2c:e5:15:1a:ba:64:
72:f0:16:b7:b1:ba:43:fb:33:1b:49:d8:a8:09:1e:
0a:3d:4a:36:ef:67:c9:eb:d7:f4:4c:7e:0e:c0:53:
e9:df:35:3c:29:d2:af:26:6d:99:96:c0:54:6a:72:
44:e2:0d:ec:23:b5:e6:ba:b3:4f:b2:79:18:1d:27:
27:cc:c5:06:8d:1a:0e:62:ff:a6:a3:fd:6b:29:8b:
44:10:d5:70:a6:60:d9:d8:ac:4f:a6:c8:df:77:cb:
de:9e:8e:8e:9f:be:7a:f6:98:4b:49:02:f7:ae:05:
a7:3d:65:3f:1b:f1:77:f3:2b:73:69:3d:d4:31:50:
9e:00:b3:30:e7:f8:8b:29:01:86:48:6a:75:a7:88:
cc:e6:a8:e0:9b:e7:a1:4a:7b:e5:42:31:3f:37:a4:
64:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:16:28:07:B0:E4:F0:10:43:EE:6F:45:6C:A1:ED:DF:91:06:9B:04
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ohYoB7Dk8BBD7m9FbKHt35EGmwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:2a:88:9f:9a:1e:a3:ab:b1:5f:78:5c:54:cb:6f:d5:59:2d:
2d:45:48:59:3a:3b:71:db:34:a9:7f:a5:8f:1d:0b:99:d5:71:
6e:54:41:ca:d7:c0:2e:64:bc:5d:3e:6f:d5:22:c0:71:a1:5a:
15:0c:78:9c:bf:4e:94:cc:07:8c:8c:77:0c:3e:f9:7b:b3:49:
db:7a:6c:ea:33:6a:de:00:67:ef:ab:02:bc:a1:55:f4:fa:89:
ba:c1:23:1c:23:cf:9a:b1:f3:54:d9:70:3e:2d:68:bd:d9:45:
fe:db:fe:ad:d6:60:be:45:2a:21:b1:ac:eb:ad:f8:13:b8:be:
5e:ec:93:bb:1b:0d:17:b0:ff:5b:87:67:5b:c4:5a:eb:6f:fb:
55:0a:4a:ce:df:03:2e:91:66:0a:93:fe:28:a1:8b:d4:72:c9:
58:2f:72:7e:68:09:ec:aa:1b:e7:27:fa:2b:f0:ab:a5:11:2a:
ff:6f:47:f6:19:60:56:b2:06:78:61:36:d2:d8:86:4c:50:79:
e5:f2:31:73:7c:88:5b:bc:b8:05:2a:45:8a:62:e9:98:7c:9f:
d0:48:cc:e5:37:61:bd:ca:c8:ed:d1:64:de:d6:9a:1f:60:f2:
34:19:8d:9e:0d:2a:bf:9c:b5:e5:a8:c9:f7:26:de:ef:e8:d2:
c8:a8:12:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnUbZTdTGqJo+8lXA+B9GI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA4MDkxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjE2MjgwN2IwZTRmMDEwNDNlZTZmNDU2Y2ExZWRkZjkxMDY5YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnL8IPiL8NjpUdprXHqM3X6kYlZI
Vpq/2+iCwQlBdRhX2Pu2wi3SL1y28HVU5+jWGpO/DRjYCD8Rx333cZH0BzBYZncA
NZiy57iwWRqn9LWj9mnmcKqcKkDa/TMbs9Xe9y4s5RUaumRy8Ba3sbpD+zMbSdio
CR4KPUo272fJ69f0TH4OwFPp3zU8KdKvJm2ZlsBUanJE4g3sI7XmurNPsnkYHScn
zMUGjRoOYv+mo/1rKYtEENVwpmDZ2KxPpsjfd8veno6On7569phLSQL3rgWnPWU/
G/F38ytzaT3UMVCeALMw5/iLKQGGSGp1p4jM5qjgm+ehSnvlQjE/N6Rk0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKIWKAew5PAQQ+5vRWyh7d+RBpsEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb2hZb0I3RGs4QkJEN205RmJLSHQzNUVHbXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG4qiJ+aHqOrsV94XFTL
b9VZLS1FSFk6O3HbNKl/pY8dC5nVcW5UQcrXwC5kvF0+b9UiwHGhWhUMeJy/TpTM
B4yMdww++XuzSdt6bOozat4AZ++rAryhVfT6ibrBIxwjz5qx81TZcD4taL3ZRf7b
/q3WYL5FKiGxrOut+BO4vl7sk7sbDRew/1uHZ1vEWutv+1UKSs7fAy6RZgqT/iih
i9RyyVgvcn5oCeyqG+cn+ivwq6URKv9vR/YZYFayBnhhNtLYhkxQeeXyMXN8iFu8
uAUqRYpi6Zh8n9BIzOU3Yb3KyO3RZN7Wmh9g8jQZjZ4NKr+cteWoyfcm3u/o0sio
EsU=
-----END CERTIFICATE-----
Generated at Fri May 2 14:54:10 2025 by rpki-client