Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pRip8NU4rM-36sMLLckalDka7Yo.roa
File: pRip8NU4rM-36sMLLckalDka7Yo.roa (raw, json)
Hash identifier: 8JUllgeRV1aR2re4T98vhzQuLILvS2J9oOvQ9hGT4fY=
Subject key identifier: A5:18:A9:F0:D5:38:AC:CF:B7:EA:C3:0B:2D:C9:1A:94:39:1A:ED:8A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018578D5E593014373D146C9541700D7D98B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pRip8NU4rM-36sMLLckalDka7Yo.roa
Signing time: Tue 03 Jan 2023 18:12:41 +0000
ROA not before: Tue 03 Jan 2023 18:12:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:d5:e5:93:01:43:73:d1:46:c9:54:17:00:d7:d9:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 3 18:12:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a518a9f0d538accfb7eac30b2dc91a94391aed8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:20:4e:e6:b2:16:ec:0b:de:ca:55:32:66:66:
a4:62:cb:25:b6:96:d2:a4:68:7a:da:13:02:c9:26:
06:79:bd:07:08:e4:60:70:54:c2:9c:59:25:eb:7d:
ed:70:63:2f:4f:0e:25:5b:d5:7c:e0:68:da:e6:90:
0a:2c:97:2d:49:4c:c6:16:65:6e:08:20:8f:4d:42:
00:0c:d3:11:54:b7:b7:7d:99:ca:16:f4:ca:ed:b8:
bc:30:cb:a8:a0:92:59:cd:5c:ad:f5:47:25:ec:4b:
bf:cc:61:01:12:ce:9f:89:bc:0d:b0:8e:01:bc:cf:
63:3f:d2:09:3a:72:01:c0:af:fe:98:f9:f5:eb:46:
10:2d:e4:93:ac:43:d2:d2:34:9a:34:dc:8f:43:c5:
c2:0f:f1:77:85:e1:3d:95:9e:40:4f:40:b5:82:c1:
13:59:41:bf:df:77:31:3c:41:0a:87:93:9a:6f:03:
05:9e:03:91:90:99:23:dc:59:91:21:31:7e:c0:0c:
c6:ae:72:2f:b5:a8:5c:f5:3e:e5:e2:5c:6c:4c:5a:
df:28:31:56:d6:ba:83:55:77:18:90:fb:65:b1:b3:
c7:fb:e7:46:24:04:74:85:24:ed:d4:3a:d3:85:ac:
7c:07:17:ce:35:f8:0a:52:7f:c1:89:ab:c5:96:c3:
7d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:18:A9:F0:D5:38:AC:CF:B7:EA:C3:0B:2D:C9:1A:94:39:1A:ED:8A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pRip8NU4rM-36sMLLckalDka7Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ac:3d:03:d8:45:ed:d5:48:6e:6c:23:43:95:85:71:99:b2:1c:
e5:f2:d5:d5:40:f7:3a:3c:8a:b6:ad:c5:5d:c1:0e:59:94:1b:
9a:bd:9c:16:d2:ab:9e:ea:96:03:bf:e2:a9:02:a1:42:35:40:
09:54:52:48:7a:d6:d4:43:97:40:3b:c6:93:e3:d0:e3:21:60:
33:f0:3a:95:35:25:2f:0e:b3:95:f3:8c:fd:a0:b5:b5:c0:4c:
83:94:6e:bf:3c:3b:9c:4d:1e:88:fe:cd:5b:20:d2:e1:ca:e1:
51:6a:a3:e5:a9:89:31:b2:58:57:19:9d:49:ae:4a:f9:3b:89:
94:8b:c4:d0:14:c9:2d:c7:38:44:09:8f:88:a4:b4:9a:23:69:
f7:b3:64:a7:94:57:5e:3f:8c:31:69:93:b0:bb:5d:bb:43:42:
97:f4:a8:e8:c4:41:36:1d:ae:b9:f0:9b:16:b4:10:21:eb:b5:
58:7b:86:88:ac:73:6d:28:24:d9:ec:81:fa:ef:13:61:ec:b1:
03:d3:ad:dd:d2:85:8d:c4:b9:f5:18:64:1d:91:e0:53:bb:dd:
ca:ca:29:29:67:69:07:f9:32:f3:b2:77:c2:63:4a:99:54:98:
e6:97:ec:1c:af:29:c0:a4:71:80:89:84:f9:c9:f1:d1:68:98:
ee:16:84:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV41eWTAUNz0UbJVBcA19mLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAzMTgxMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTE4YTlmMGQ1MzhhY2NmYjdlYWMzMGIyZGM5MWE5NDM5MWFlZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSBO5rIW7AveylUyZmakYssltpbS
pGh62hMCySYGeb0HCORgcFTCnFkl633tcGMvTw4lW9V84Gja5pAKLJctSUzGFmVu
CCCPTUIADNMRVLe3fZnKFvTK7bi8MMuooJJZzVyt9Ucl7Eu/zGEBEs6fibwNsI4B
vM9jP9IJOnIBwK/+mPn160YQLeSTrEPS0jSaNNyPQ8XCD/F3heE9lZ5AT0C1gsET
WUG/33cxPEEKh5OabwMFngORkJkj3FmRITF+wAzGrnIvtahc9T7l4lxsTFrfKDFW
1rqDVXcYkPtlsbPH++dGJAR0hSTt1DrThax8BxfONfgKUn/BiavFlsN9dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKUYqfDVOKzPt+rDCy3JGpQ5Gu2KMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcFJpcDhOVTRyTS0zNnNNTExja2FsRGthN1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKw9A9hF7dVIbmwjQ5WF
cZmyHOXy1dVA9zo8iratxV3BDlmUG5q9nBbSq57qlgO/4qkCoUI1QAlUUkh61tRD
l0A7xpPj0OMhYDPwOpU1JS8Os5XzjP2gtbXATIOUbr88O5xNHoj+zVsg0uHK4VFq
o+WpiTGyWFcZnUmuSvk7iZSLxNAUyS3HOEQJj4iktJojafezZKeUV14/jDFpk7C7
XbtDQpf0qOjEQTYdrrnwmxa0ECHrtVh7hoisc20oJNnsgfrvE2HssQPTrd3ShY3E
ufUYZB2R4FO73crKKSlnaQf5MvOyd8JjSplUmOaX7ByvKcCkcYCJhPnJ8dFomO4W
hLs=
-----END CERTIFICATE-----
Generated at Thu May 1 06:00:09 2025 by rpki-client