Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ojXoTwZ9K0XSrKHg3A3Cx1FIWG0.roa
File: ojXoTwZ9K0XSrKHg3A3Cx1FIWG0.roa (raw, json)
Hash identifier: YtkSqHvNz6FNEh5jB6YQA/d1OJGqFWHnRhlh5uMNTsQ=
Subject key identifier: A2:35:E8:4F:06:7D:2B:45:D2:AC:A1:E0:DC:0D:C2:C7:51:48:58:6D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185646FB9B8BA73F1055D4E6BB52B1AA3A4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ojXoTwZ9K0XSrKHg3A3Cx1FIWG0.roa
Signing time: Fri 30 Dec 2022 19:08:41 +0000
ROA not before: Fri 30 Dec 2022 19:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:64:6f:b9:b8:ba:73:f1:05:5d:4e:6b:b5:2b:1a:a3:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 19:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a235e84f067d2b45d2aca1e0dc0dc2c75148586d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:eb:80:04:24:f4:b5:cf:85:b0:cb:6f:01:4d:
3a:35:ea:b5:59:b5:c9:1a:fa:18:8f:5b:7b:fd:40:
2b:b2:be:67:b4:0b:0d:51:40:41:e8:2a:81:11:18:
d3:e7:14:f5:e2:56:56:26:5d:0b:23:8a:b5:8f:24:
1a:fb:d0:a1:79:18:97:f2:e2:7a:11:4d:30:c0:d4:
28:ea:0d:50:ef:dc:e3:e6:c2:d8:aa:ba:0b:01:72:
5d:64:e0:c1:28:13:5a:27:e4:02:fd:2b:0b:16:9b:
d7:4b:c5:ce:33:18:fd:bf:d6:0a:cb:12:4a:00:94:
88:34:3e:43:0e:d7:57:20:a3:1d:43:52:a9:0f:c4:
9f:66:ef:5c:70:d8:26:85:5d:85:99:25:fa:91:c2:
09:db:68:9c:2b:da:11:ac:99:8f:b4:9e:b4:6c:07:
25:68:eb:db:d9:a7:cd:46:93:e3:88:46:0c:71:e2:
d9:05:fd:86:ac:12:1e:3e:6e:ec:dd:37:d5:71:b8:
23:27:7a:48:6d:82:dc:bd:64:5d:fa:9f:b4:07:4b:
f1:ea:97:89:5c:da:8d:90:db:e8:5a:be:d1:20:b9:
70:87:b6:ee:8b:db:14:86:05:d0:e3:53:6d:fc:42:
3e:26:7c:3f:82:1b:d5:d4:00:35:b4:b0:1e:33:db:
8a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:35:E8:4F:06:7D:2B:45:D2:AC:A1:E0:DC:0D:C2:C7:51:48:58:6D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ojXoTwZ9K0XSrKHg3A3Cx1FIWG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:0d:21:94:07:c5:29:bf:ea:b8:6f:62:4d:0c:3d:28:3b:33:
9b:8e:75:a0:50:f5:f2:00:d6:20:7e:da:9b:f9:bd:71:54:d1:
fc:70:80:d7:7e:f1:c7:18:23:67:f4:95:51:5e:66:d1:50:44:
05:43:9a:3a:78:f8:87:eb:27:86:06:46:fe:f4:2b:2b:59:24:
5a:7b:06:54:00:ac:22:91:49:5b:dd:ff:1c:38:27:12:7e:79:
f2:5f:d9:7f:a3:04:23:21:ef:30:de:b8:ba:1c:c9:eb:ef:69:
33:13:af:e9:4e:62:ac:dd:b2:60:36:70:2e:71:b6:26:b2:1d:
10:65:4c:4f:43:41:3e:12:b8:85:de:82:8b:ec:59:93:48:a0:
11:a4:be:bd:22:f1:89:ae:c0:0a:05:31:f6:5e:79:32:6d:18:
04:75:0d:0a:45:40:77:8f:00:b6:08:a6:a6:42:3d:62:4b:59:
96:81:df:4d:ca:8f:dc:78:fb:a6:60:74:fb:4a:74:ed:17:01:
c5:4e:48:0d:ac:64:76:61:c7:f2:3f:8b:06:15:f0:b8:8b:dd:
3e:43:cf:16:2c:9e:f7:66:1b:1a:46:e7:7f:84:1a:89:da:fa:
93:59:aa:47:dc:8a:e7:f3:37:10:92:df:17:46:25:af:87:2b:
27:d0:cf:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVkb7m4unPxBV1Oa7UrGqOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMTkwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM1ZTg0ZjA2N2QyYjQ1ZDJhY2ExZTBkYzBkYzJjNzUxNDg1ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOuABCT0tc+FsMtvAU06Neq1WbXJ
GvoYj1t7/UArsr5ntAsNUUBB6CqBERjT5xT14lZWJl0LI4q1jyQa+9CheRiX8uJ6
EU0wwNQo6g1Q79zj5sLYqroLAXJdZODBKBNaJ+QC/SsLFpvXS8XOMxj9v9YKyxJK
AJSIND5DDtdXIKMdQ1KpD8SfZu9ccNgmhV2FmSX6kcIJ22icK9oRrJmPtJ60bAcl
aOvb2afNRpPjiEYMceLZBf2GrBIePm7s3TfVcbgjJ3pIbYLcvWRd+p+0B0vx6peJ
XNqNkNvoWr7RILlwh7bui9sUhgXQ41Nt/EI+Jnw/ghvV1AA1tLAeM9uKDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKI16E8GfStF0qyh4NwNwsdRSFhtMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb2pYb1R3WjlLMFhTcktIZzNBM0N4MUZJV0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABkNIZQHxSm/6rhvYk0M
PSg7M5uOdaBQ9fIA1iB+2pv5vXFU0fxwgNd+8ccYI2f0lVFeZtFQRAVDmjp4+Ifr
J4YGRv70KytZJFp7BlQArCKRSVvd/xw4JxJ+efJf2X+jBCMh7zDeuLocyevvaTMT
r+lOYqzdsmA2cC5xtiayHRBlTE9DQT4SuIXegovsWZNIoBGkvr0i8YmuwAoFMfZe
eTJtGAR1DQpFQHePALYIpqZCPWJLWZaB303Kj9x4+6ZgdPtKdO0XAcVOSA2sZHZh
x/I/iwYV8LiL3T5DzxYsnvdmGxpG53+EGona+pNZqkfciufzNxCS3xdGJa+HKyfQ
z+M=
-----END CERTIFICATE-----
Generated at Fri May 2 19:13:33 2025 by rpki-client