Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/omxKpizUbJi40VB8M3BZr_P6B1k.roa
File: omxKpizUbJi40VB8M3BZr_P6B1k.roa (raw, json)
Hash identifier: JmC9LZYzwVb+apiuz8eU0xw201C/00y9hsQ4gfTkioY=
Subject key identifier: A2:6C:4A:A6:2C:D4:6C:98:B8:D1:50:7C:33:70:59:AF:F3:FA:07:59
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182493C46E6CD312E3FA6B167549F81188C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/omxKpizUbJi40VB8M3BZr_P6B1k.roa
Signing time: Fri 29 Jul 2022 09:14:23 +0000
ROA not before: Fri 29 Jul 2022 09:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:49:3c:46:e6:cd:31:2e:3f:a6:b1:67:54:9f:81:18:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 29 09:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a26c4aa62cd46c98b8d1507c337059aff3fa0759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:3f:55:5c:2c:54:59:89:54:9f:da:1a:0a:
88:4e:9c:d0:41:5d:5a:7f:73:c6:5d:e8:70:ed:25:
38:a1:43:5c:6b:10:39:a5:46:50:6f:3f:ca:45:51:
0a:4e:3e:3d:38:b1:07:a7:c8:0d:6c:4d:49:6d:25:
ee:fb:f8:b7:49:f0:88:46:1a:2b:41:91:61:3f:6a:
a9:01:a6:4a:78:63:07:86:aa:bf:d2:a5:a0:7d:11:
21:65:84:0b:18:1c:56:73:7a:ed:6d:da:ef:35:99:
16:78:3a:3d:1d:81:ed:a0:dd:fd:ba:66:65:83:cd:
7a:1e:98:be:31:ec:64:93:57:a9:cd:fc:45:c5:fb:
76:0a:73:fb:c7:ba:77:68:73:bf:52:22:0f:65:bb:
8f:f8:3d:32:25:d3:c6:72:d9:fe:ba:07:07:a7:b6:
06:01:56:02:ca:d0:57:a7:80:31:01:88:d3:8c:04:
a6:6f:d3:96:0b:73:97:f9:f8:f5:2e:1d:22:a9:bf:
18:c4:f6:12:84:cc:37:0c:b1:35:eb:ca:bd:99:28:
26:63:0a:86:23:6c:c4:bd:e1:07:a7:52:50:2c:4f:
86:87:5b:70:4a:58:a4:a0:01:9f:bf:8c:70:69:5c:
fb:64:e2:cb:60:14:1b:3a:10:84:6e:9d:61:d6:31:
05:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6C:4A:A6:2C:D4:6C:98:B8:D1:50:7C:33:70:59:AF:F3:FA:07:59
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/omxKpizUbJi40VB8M3BZr_P6B1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:f7:0f:84:b3:5e:a9:ce:3d:b2:6f:32:66:54:3c:c1:f7:61:
9e:9e:e9:2a:29:0e:74:cc:c3:79:e2:f9:30:9c:ec:c4:f0:b3:
a7:31:a9:7f:a2:13:12:36:55:9b:03:59:e9:3a:07:c3:5c:60:
9a:3c:9f:df:3c:24:7b:73:f3:7c:ef:8d:22:d5:c1:6a:61:66:
21:0f:d9:80:39:f2:e8:7b:7e:f3:dd:43:1a:c6:18:16:51:b8:
26:85:43:9b:66:b3:4b:d8:10:09:82:30:e6:7d:c2:44:35:01:
0b:b2:8c:1a:66:9b:b5:dc:c2:23:e0:db:47:79:57:bc:ea:f9:
b9:5d:d7:55:3f:c6:0a:72:a7:b4:3d:82:fd:a5:c1:04:34:c8:
12:fa:00:85:ac:e1:04:ad:f9:1b:b6:1d:78:f7:3c:ce:6b:6e:
53:20:06:3d:be:f8:d1:c0:d0:a4:7a:f1:90:89:e6:3a:f6:bb:
b4:13:e4:5c:fa:53:10:6d:48:3b:3a:d1:6c:37:e9:92:0f:bd:
e5:cf:8b:ae:45:e5:8d:46:df:69:55:1c:49:db:f1:f4:54:30:
ce:66:4e:28:1d:f6:f0:80:32:f1:18:87:77:e7:05:85:b8:69:
b5:d9:1a:a0:c8:fc:2d:21:23:a2:dc:77:4f:b5:fe:61:f8:e3:
36:72:2f:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYJJPEbmzTEuP6axZ1SfgRiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzI5MDkxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZjNGFhNjJjZDQ2Yzk4YjhkMTUwN2MzMzcwNTlhZmYzZmEwNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhs/VVwsVFmJVJ/aGgqITpzQQV1a
f3PGXehw7SU4oUNcaxA5pUZQbz/KRVEKTj49OLEHp8gNbE1JbSXu+/i3SfCIRhor
QZFhP2qpAaZKeGMHhqq/0qWgfREhZYQLGBxWc3rtbdrvNZkWeDo9HYHtoN39umZl
g816Hpi+Mexkk1epzfxFxft2CnP7x7p3aHO/UiIPZbuP+D0yJdPGctn+ugcHp7YG
AVYCytBXp4AxAYjTjASmb9OWC3OX+fj1Lh0iqb8YxPYShMw3DLE168q9mSgmYwqG
I2zEveEHp1JQLE+Gh1twSlikoAGfv4xwaVz7ZOLLYBQbOhCEbp1h1jEF8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJsSqYs1GyYuNFQfDNwWa/z+gdZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb214S3BpelViSmk0MFZCOE0zQlpyX1A2QjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAf3D4SzXqnOPbJvMmZU
PMH3YZ6e6SopDnTMw3ni+TCc7MTws6cxqX+iExI2VZsDWek6B8NcYJo8n988JHtz
83zvjSLVwWphZiEP2YA58uh7fvPdQxrGGBZRuCaFQ5tms0vYEAmCMOZ9wkQ1AQuy
jBpmm7XcwiPg20d5V7zq+bld11U/xgpyp7Q9gv2lwQQ0yBL6AIWs4QSt+Ru2HXj3
PM5rblMgBj2++NHA0KR68ZCJ5jr2u7QT5Fz6UxBtSDs60Ww36ZIPveXPi65F5Y1G
32lVHEnb8fRUMM5mTigd9vCAMvEYh3fnBYW4abXZGqDI/C0hI6Lcd0+1/mH44zZy
L0g=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:34:15 2025 by rpki-client