Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oiJW31mrNM01GRXx_dG098Z8M1E.roa
File: oiJW31mrNM01GRXx_dG098Z8M1E.roa (raw, json)
Hash identifier: t1nYM/GQWEnvt1Tv9pXofE6+vKhtLHM1b1/zTjdHnrw=
Subject key identifier: A2:22:56:DF:59:AB:34:CD:35:19:15:F1:FD:D1:B4:F7:C6:7C:33:51
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0181F289DC501D9AB15E628D044019F8F146
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oiJW31mrNM01GRXx_dG098Z8M1E.roa
Signing time: Tue 12 Jul 2022 13:12:10 +0000
ROA not before: Tue 12 Jul 2022 13:12:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:89:dc:50:1d:9a:b1:5e:62:8d:04:40:19:f8:f1:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 12 13:12:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a22256df59ab34cd351915f1fdd1b4f7c67c3351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c8:bc:4b:1a:62:7a:c4:20:28:95:91:0c:03:
01:b3:11:32:cf:20:97:92:63:0d:fb:4a:9e:62:38:
a9:f7:8a:d4:fd:32:45:6e:9a:67:f4:58:8c:96:21:
fe:70:b6:db:ab:5a:92:ef:07:b8:40:cf:c0:d6:63:
88:a2:e7:b1:b2:73:d5:fc:04:8a:4a:11:66:e9:b1:
fe:67:5c:ad:bd:5f:b9:92:15:fa:7e:2d:1d:18:d1:
19:96:cc:91:57:62:eb:bb:e4:60:05:09:e7:f0:06:
4a:2b:7a:0a:0b:8b:eb:02:e2:5c:05:de:11:99:0c:
5f:36:e8:a9:c9:66:d3:21:79:75:dc:39:73:77:85:
7d:af:e8:4f:cf:61:27:1c:a0:4f:f7:4b:46:97:c7:
43:db:de:53:41:1c:ea:7a:31:64:c8:79:a7:3d:46:
2a:c7:58:5f:a5:b8:4a:2e:20:96:4c:9b:92:98:b0:
11:14:f1:63:ed:a3:5b:41:0d:b3:86:a5:19:64:b2:
bf:9c:c1:47:c5:88:a9:dd:76:54:1a:e9:b7:ef:76:
5a:a3:bd:4a:99:67:2b:61:e1:66:0e:39:c1:93:18:
04:dc:aa:89:73:ee:17:78:1a:1c:33:b9:47:f0:d7:
50:3d:ee:bc:60:df:41:f8:c1:a5:3f:96:98:3d:64:
f8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:22:56:DF:59:AB:34:CD:35:19:15:F1:FD:D1:B4:F7:C6:7C:33:51
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oiJW31mrNM01GRXx_dG098Z8M1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:fd:80:16:63:e7:70:80:c8:24:16:ce:60:e3:86:91:50:38:
52:be:cd:bf:06:6f:96:ca:00:29:2a:29:cc:e0:a4:dc:6f:39:
8c:5a:b0:14:a7:31:24:07:c8:c5:5a:8e:9a:af:6c:f7:51:c1:
51:ec:35:e9:a6:41:34:51:27:16:3c:79:17:ff:36:9b:95:6a:
b4:dd:da:93:9f:a2:ba:d9:af:25:15:17:7e:6a:24:3d:96:2a:
b2:b5:51:2a:3d:b1:48:6e:a6:f3:2e:b8:b7:65:ec:75:a5:46:
27:2b:ad:b2:b0:6c:0d:c6:72:34:79:7e:db:a1:60:8a:ab:fd:
f2:32:57:7d:b1:d1:f8:77:f5:c8:92:b8:df:82:12:e7:8f:1d:
f9:b8:3b:2a:a9:82:92:1e:f5:78:1e:f5:d9:9b:f0:6b:d8:5e:
a2:de:7e:49:5b:33:20:50:fd:dd:08:44:9e:84:1e:e4:0f:ca:
a9:c2:01:94:d3:93:8c:0d:15:6e:55:9f:85:cf:f3:c0:7f:f9:
18:c0:b4:bf:bc:f2:65:ff:d9:c1:5a:2a:0c:25:b6:7a:32:fe:
d4:c6:53:a4:7e:46:63:03:e0:5d:fc:4a:56:1f:63:74:3a:df:
e8:9f:a7:f0:1b:d5:e8:57:c7:79:71:3b:ff:88:f8:69:44:e3:
f0:e4:33:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYHyidxQHZqxXmKNBEAZ+PFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzEyMTMxMjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIyNTZkZjU5YWIzNGNkMzUxOTE1ZjFmZGQxYjRmN2M2N2MzMzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8i8SxpiesQgKJWRDAMBsxEyzyCX
kmMN+0qeYjip94rU/TJFbppn9FiMliH+cLbbq1qS7we4QM/A1mOIouexsnPV/ASK
ShFm6bH+Z1ytvV+5khX6fi0dGNEZlsyRV2Lru+RgBQnn8AZKK3oKC4vrAuJcBd4R
mQxfNuipyWbTIXl13Dlzd4V9r+hPz2EnHKBP90tGl8dD295TQRzqejFkyHmnPUYq
x1hfpbhKLiCWTJuSmLARFPFj7aNbQQ2zhqUZZLK/nMFHxYip3XZUGum373Zao71K
mWcrYeFmDjnBkxgE3KqJc+4XeBocM7lH8NdQPe68YN9B+MGlP5aYPWT43QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKIiVt9ZqzTNNRkV8f3RtPfGfDNRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb2lKVzMxbXJOTTAxR1JYeF9kRzA5OFo4TTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIr9gBZj53CAyCQWzmDj
hpFQOFK+zb8Gb5bKACkqKczgpNxvOYxasBSnMSQHyMVajpqvbPdRwVHsNemmQTRR
JxY8eRf/NpuVarTd2pOforrZryUVF35qJD2WKrK1USo9sUhupvMuuLdl7HWlRicr
rbKwbA3GcjR5ftuhYIqr/fIyV32x0fh39ciSuN+CEuePHfm4OyqpgpIe9Xge9dmb
8GvYXqLefklbMyBQ/d0IRJ6EHuQPyqnCAZTTk4wNFW5Vn4XP88B/+RjAtL+88mX/
2cFaKgwltnoy/tTGU6R+RmMD4F38SlYfY3Q63+ifp/Ab1ehXx3lxO/+I+GlE4/Dk
My4=
-----END CERTIFICATE-----
Generated at Thu May 1 06:45:40 2025 by rpki-client