Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rO2-_OIDMrc5aSTkK_Ee1vECEAo.roa
File: rO2-_OIDMrc5aSTkK_Ee1vECEAo.roa (raw, json)
Hash identifier: rzMw396+SauD1EYodvKgQsMkUlVsc1DSM5yLztpyDMI=
Subject key identifier: AC:ED:BE:FC:E2:03:32:B7:39:69:24:E4:2B:F1:1E:D6:F1:02:10:0A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018689F70F59D2E00403F772BBA799BA41A4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rO2-_OIDMrc5aSTkK_Ee1vECEAo.roa
Signing time: Sat 25 Feb 2023 19:05:15 +0000
ROA not before: Sat 25 Feb 2023 19:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:89f6:207f/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:f7:0f:59:d2:e0:04:03:f7:72:bb:a7:99:ba:41:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 19:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acedbefce20332b7396924e42bf11ed6f102100a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:50:4c:b7:7e:d1:0e:8c:0e:d4:38:20:85:f4:
78:ff:7e:39:13:16:92:8a:8c:e2:2f:a7:11:64:e8:
af:74:cb:14:3a:7d:36:76:91:c2:a2:a8:9a:0a:c8:
c5:0e:5d:bd:9f:a1:1d:b4:2a:bf:43:81:b0:b0:64:
ea:75:ff:08:d2:e3:cf:62:a6:37:34:74:36:0e:1f:
3e:2d:58:72:d8:5a:2c:de:85:25:47:f8:cb:a0:c4:
76:82:bc:94:58:86:7b:24:6c:97:bd:ea:b1:46:b6:
53:31:d0:b6:56:14:1d:02:d6:81:c2:c3:91:73:3b:
45:40:80:bf:b9:14:e8:99:09:18:92:7f:3f:ee:76:
77:c2:53:eb:3c:d4:ac:0d:ed:7b:73:79:b7:ef:09:
30:9a:ab:89:40:2c:f5:4a:71:ab:29:0f:f0:05:98:
a7:2d:b1:a3:a7:3c:4f:35:3f:ba:21:04:9b:3c:35:
b9:68:7b:ff:6f:c1:11:60:55:8b:b8:85:5d:6d:11:
0c:5e:0b:1b:b5:59:06:a4:a4:9d:e6:4c:f2:ac:0a:
07:06:49:77:af:3b:00:d0:b7:cb:8e:c0:0c:9e:18:
43:b8:94:73:11:27:aa:b9:b4:91:68:a8:c0:6d:f2:
0d:01:b0:0a:be:7d:8a:bc:57:3e:77:3b:91:9f:0d:
8e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:ED:BE:FC:E2:03:32:B7:39:69:24:E4:2B:F1:1E:D6:F1:02:10:0A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rO2-_OIDMrc5aSTkK_Ee1vECEAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:92:15:db:01:77:c0:c3:be:6c:9e:d8:8e:ca:f7:9d:c3:3c:
90:b9:14:96:38:72:8c:d5:b3:da:8e:60:12:e5:b8:67:1a:6c:
3c:00:b9:5c:52:d2:46:04:ff:61:8f:44:96:cb:2f:f5:00:17:
1f:c2:20:64:55:87:e6:8b:8f:bc:71:97:fe:6c:ce:15:a0:5b:
e8:f0:47:42:5e:dc:c1:20:99:03:c8:43:9c:0f:81:eb:5f:ba:
40:55:05:c5:68:78:56:dd:5b:63:93:32:64:59:d6:0d:e1:01:
3f:6e:98:59:2a:41:db:b9:d1:82:64:32:94:81:83:03:d8:64:
54:6e:66:5b:76:38:1d:5e:89:88:ec:a9:66:76:a4:3d:20:11:
3b:07:06:c2:ef:c9:3c:6e:2e:77:85:c7:81:a8:99:0a:18:81:
4c:03:c0:4a:12:bf:03:93:fe:dc:33:3e:55:2a:0d:66:4e:72:
90:84:14:7a:6d:7b:21:9c:33:af:f8:b5:0b:3a:a8:2f:94:09:
f0:74:31:f0:b9:e1:9d:a2:cc:7f:9e:88:6f:dd:24:67:f3:ff:
94:be:59:8b:1e:1f:54:96:a2:97:61:7c:e0:d2:7b:a2:62:41:
60:96:67:50:56:60:d4:8a:d5:11:79:81:cd:b0:ee:53:6a:25:
d7:c2:ef:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaJ9w9Z0uAEA/dyu6eZukGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTkwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2VkYmVmY2UyMDMzMmI3Mzk2OTI0ZTQyYmYxMWVkNmYxMDIxMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1BMt37RDowO1DgghfR4/345ExaS
ioziL6cRZOivdMsUOn02dpHCoqiaCsjFDl29n6EdtCq/Q4GwsGTqdf8I0uPPYqY3
NHQ2Dh8+LVhy2Fos3oUlR/jLoMR2gryUWIZ7JGyXveqxRrZTMdC2VhQdAtaBwsOR
cztFQIC/uRTomQkYkn8/7nZ3wlPrPNSsDe17c3m37wkwmquJQCz1SnGrKQ/wBZin
LbGjpzxPNT+6IQSbPDW5aHv/b8ERYFWLuIVdbREMXgsbtVkGpKSd5kzyrAoHBkl3
rzsA0LfLjsAMnhhDuJRzESequbSRaKjAbfINAbAKvn2KvFc+dzuRnw2OUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKztvvziAzK3OWkk5CvxHtbxAhAKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvck8yLV9PSURNcmM1YVNUa0tfRWUxdkVDRUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAESSFdsBd8DDvmye2I7K
953DPJC5FJY4cozVs9qOYBLluGcabDwAuVxS0kYE/2GPRJbLL/UAFx/CIGRVh+aL
j7xxl/5szhWgW+jwR0Je3MEgmQPIQ5wPgetfukBVBcVoeFbdW2OTMmRZ1g3hAT9u
mFkqQdu50YJkMpSBgwPYZFRuZlt2OB1eiYjsqWZ2pD0gETsHBsLvyTxuLneFx4Go
mQoYgUwDwEoSvwOT/twzPlUqDWZOcpCEFHpteyGcM6/4tQs6qC+UCfB0MfC54Z2i
zH+eiG/dJGfz/5S+WYseH1SWopdhfODSe6JiQWCWZ1BWYNSK1RF5gc2w7lNqJdfC
70o=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:51:58 2025 by rpki-client