Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ozLbt0dUk3gIYWEnwcHZJJ7BwqA.roa
File: ozLbt0dUk3gIYWEnwcHZJJ7BwqA.roa (raw, json)
Hash identifier: ZCZgXbcmEm4/I2F54gnaJ47EMEdFmdFWMjgx45wMms4=
Subject key identifier: A3:32:DB:B7:47:54:93:78:08:61:61:27:C1:C1:D9:24:9E:C1:C2:A0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3190FB78B7942ECFED1F501B0E288652
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ozLbt0dUk3gIYWEnwcHZJJ7BwqA.roa
Signing time: Sat 26 Aug 2023 11:18:19 +0000
ROA not before: Sat 26 Aug 2023 11:18:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:90:fb:78:b7:94:2e:cf:ed:1f:50:1b:0e:28:86:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 26 11:18:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a332dbb74754937808616127c1c1d9249ec1c2a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:eb:cb:64:fe:fc:46:de:d8:98:04:25:9a:12:
4c:d1:eb:81:15:9a:c8:52:42:40:a2:ec:d5:2d:cc:
5d:ff:17:f7:01:df:03:9e:1f:cd:be:e1:a0:d1:c6:
f4:38:26:8e:9d:39:22:7d:9b:29:8b:65:a9:70:b0:
70:57:22:ce:ab:43:72:5c:3d:84:26:7b:b8:06:9e:
9d:19:94:1f:41:02:d0:37:ba:da:2c:ce:06:2d:13:
c4:0e:a7:cb:df:e7:55:e5:e3:fc:e2:a8:c6:29:14:
90:d9:d0:6b:d5:3e:e0:13:c7:59:6a:81:e9:5e:db:
c6:63:1e:a7:d9:8b:4a:bd:85:8b:2c:b6:d9:06:80:
d9:d9:63:c2:d6:b9:47:1c:33:7e:d6:ae:f0:77:30:
b8:02:81:16:07:8d:4b:08:30:89:c0:19:21:f6:68:
c8:eb:83:92:05:3a:f2:1f:aa:62:f8:57:f2:54:a6:
2b:d8:5e:30:f6:b8:d8:db:ff:75:81:b4:ee:89:99:
61:85:6c:b5:ed:7d:b0:3b:8a:71:84:4b:fd:41:a0:
ae:1a:5b:72:28:35:39:5f:dc:98:31:64:20:9e:b7:
57:37:71:8b:ba:4c:04:ed:b2:5e:ac:dc:18:bb:5f:
4e:eb:4a:5b:f7:f0:0a:53:9e:8f:0f:2b:dc:77:27:
52:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:32:DB:B7:47:54:93:78:08:61:61:27:C1:C1:D9:24:9E:C1:C2:A0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ozLbt0dUk3gIYWEnwcHZJJ7BwqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:07:28:a3:4e:cd:c8:d9:6a:38:af:a6:a0:61:62:0e:bf:e7:
0e:f6:7e:94:7b:16:f4:9f:81:3e:09:39:5f:4c:46:b8:a0:45:
96:0d:95:39:65:bb:35:9c:30:bb:1b:18:bd:06:81:92:27:d6:
17:e4:d3:71:4d:74:58:f4:a7:ea:98:22:e4:45:bd:b9:ea:ee:
e8:f0:4a:28:6a:5f:7d:73:c0:84:b0:f8:a6:d9:59:d3:5e:54:
fd:51:19:37:89:b9:15:4a:38:de:d9:33:5d:03:b3:d3:1e:da:
8f:7e:aa:00:1c:f6:8c:f4:23:63:e3:08:a4:cb:44:ce:06:b7:
0d:d3:56:c7:c5:b6:cc:51:c8:e6:c2:92:3a:5b:6c:53:7d:f2:
c0:85:d3:79:0c:81:53:06:0e:7b:94:1d:11:e1:b0:76:ba:fd:
b5:39:87:66:43:a0:46:90:bc:31:80:ef:7c:7f:58:c6:3a:d2:
92:f4:9e:3a:48:bb:b6:93:e0:d0:18:3d:77:f2:46:e1:d4:1c:
54:73:3c:34:06:ec:e0:ed:cd:00:48:02:91:01:3e:c4:19:aa:
06:9e:19:f0:b6:b0:a4:99:37:8a:ca:2d:fd:9b:22:45:a0:f0:
86:35:9e:df:eb:1c:c7:69:53:46:e8:fb:88:c4:28:93:e0:d0:
31:5a:47:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoxkPt4t5Quz+0fUBsOKIZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI2MTExODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzMyZGJiNzQ3NTQ5Mzc4MDg2MTYxMjdjMWMxZDkyNDllYzFjMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuvLZP78Rt7YmAQlmhJM0euBFZrI
UkJAouzVLcxd/xf3Ad8Dnh/NvuGg0cb0OCaOnTkifZspi2WpcLBwVyLOq0NyXD2E
Jnu4Bp6dGZQfQQLQN7raLM4GLRPEDqfL3+dV5eP84qjGKRSQ2dBr1T7gE8dZaoHp
XtvGYx6n2YtKvYWLLLbZBoDZ2WPC1rlHHDN+1q7wdzC4AoEWB41LCDCJwBkh9mjI
64OSBTryH6pi+FfyVKYr2F4w9rjY2/91gbTuiZlhhWy17X2wO4pxhEv9QaCuGlty
KDU5X9yYMWQgnrdXN3GLukwE7bJerNwYu19O60pb9/AKU56PDyvcdydSBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKMy27dHVJN4CGFhJ8HB2SSewcKgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb3pMYnQwZFVrM2dJWVdFbndjSFpKSjdCd3FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEwHKKNOzcjZajivpqBh
Yg6/5w72fpR7FvSfgT4JOV9MRrigRZYNlTlluzWcMLsbGL0GgZIn1hfk03FNdFj0
p+qYIuRFvbnq7ujwSihqX31zwISw+KbZWdNeVP1RGTeJuRVKON7ZM10Ds9Me2o9+
qgAc9oz0I2PjCKTLRM4Gtw3TVsfFtsxRyObCkjpbbFN98sCF03kMgVMGDnuUHRHh
sHa6/bU5h2ZDoEaQvDGA73x/WMY60pL0njpIu7aT4NAYPXfyRuHUHFRzPDQG7ODt
zQBIApEBPsQZqgaeGfC2sKSZN4rKLf2bIkWg8IY1nt/rHMdpU0bo+4jEKJPg0DFa
R/o=
-----END CERTIFICATE-----
Generated at Thu May 1 14:07:55 2025 by rpki-client