Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/trNPePPep3kMjboczSmXeGbJcRk.roa
File: trNPePPep3kMjboczSmXeGbJcRk.roa (raw, json)
Hash identifier: h0mhh0bPwnhMw2DstaGn5WS3cfc8CE7yV967hBC95Dk=
Subject key identifier: B6:B3:4F:78:F3:DE:A7:79:0C:8D:BA:1C:CD:29:97:78:66:C9:71:19
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A32A3A5A4D8BD2499007445110149446B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/trNPePPep3kMjboczSmXeGbJcRk.roa
Signing time: Sat 26 Aug 2023 16:18:20 +0000
ROA not before: Sat 26 Aug 2023 16:18:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:32:a3:a5:a4:d8:bd:24:99:00:74:45:11:01:49:44:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 26 16:18:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6b34f78f3dea7790c8dba1ccd29977866c97119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:c8:8e:f8:a4:24:c4:70:59:59:4d:21:8e:
ba:d0:de:11:f8:ef:23:62:5c:33:15:21:ba:d3:76:
b0:94:82:73:9a:5e:0d:52:0f:af:b1:22:eb:a2:d5:
e1:c6:fa:c4:d4:b9:6c:ca:7d:d6:e5:0b:f4:ae:3e:
f0:89:83:b4:30:0a:db:d0:c4:c3:8f:a8:de:cf:73:
48:0e:72:0b:d2:87:15:66:b2:e7:a1:fe:d9:5b:f0:
6f:3c:ba:33:9e:f3:6c:0a:7c:1e:17:7b:34:70:1f:
bf:67:d3:f7:17:98:fd:40:b8:71:98:70:b5:d2:e2:
fe:8c:4e:49:55:fb:ac:dd:48:32:0e:e0:ff:cd:3f:
f4:c7:d1:e2:cf:26:c2:2a:23:e0:e1:98:c6:d9:ef:
3e:d5:b9:43:8a:aa:8f:46:dc:eb:b0:03:e7:45:8d:
6d:1f:46:60:27:ca:a1:4d:36:2b:22:7b:93:fd:33:
89:4a:96:91:47:46:75:1e:97:41:10:03:60:6e:42:
50:da:9b:4b:b4:7b:33:f8:c6:5e:63:48:08:8a:5e:
27:d3:ed:36:25:7c:43:54:a7:18:76:b8:45:a3:be:
52:fb:97:a2:7a:3b:b2:f5:a2:04:3d:77:53:ed:3d:
f0:16:0c:53:f6:e0:83:8c:79:fe:74:8e:2e:1c:0f:
8c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B3:4F:78:F3:DE:A7:79:0C:8D:BA:1C:CD:29:97:78:66:C9:71:19
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/trNPePPep3kMjboczSmXeGbJcRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:74:98:5a:8e:4a:b4:f4:69:ff:1b:79:8a:af:1c:c9:e3:48:
75:14:d6:74:0f:dd:8c:9d:48:46:15:54:bd:e7:59:4a:06:43:
3a:6e:54:8b:58:fd:b0:f2:8f:46:50:70:f3:55:7a:9a:45:d5:
a7:51:28:59:f2:93:6f:cc:b1:d3:15:44:19:d4:36:7f:33:76:
c9:17:96:fc:c0:f3:58:71:07:c0:63:dd:3b:b1:44:f1:a0:f8:
2e:51:e9:3a:22:df:32:ee:1f:76:60:32:49:c6:2b:e2:80:63:
21:6c:54:4d:5d:d0:e1:d1:f2:dd:03:b7:67:16:2c:58:e0:c3:
af:37:1c:6d:2f:b8:88:b9:28:d8:56:78:dd:c9:b5:28:30:9c:
0e:3d:0c:18:33:fc:76:b3:65:52:c4:39:af:d2:7f:3c:95:78:
5a:18:63:0f:8e:c9:99:5d:a1:d9:66:15:71:4a:51:c8:33:a4:
bd:7b:98:a3:a0:97:48:07:89:26:6c:f2:12:e3:ee:e8:8d:fd:
07:c6:5c:db:aa:98:93:98:1f:a4:94:e7:e6:27:9c:8f:5f:4d:
3c:2b:38:96:48:cf:37:62:bc:81:22:e1:16:41:73:67:c6:44:
19:65:60:33:d1:60:44:b8:97:1b:66:2c:ac:fc:69:53:b9:5e:
1a:b4:aa:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoyo6Wk2L0kmQB0RREBSURrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI2MTYxODIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmIzNGY3OGYzZGVhNzc5MGM4ZGJhMWNjZDI5OTc3ODY2Yzk3MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2XIjvikJMRwWVlNIY660N4R+O8j
YlwzFSG603awlIJzml4NUg+vsSLrotXhxvrE1Llsyn3W5Qv0rj7wiYO0MArb0MTD
j6jez3NIDnIL0ocVZrLnof7ZW/BvPLoznvNsCnweF3s0cB+/Z9P3F5j9QLhxmHC1
0uL+jE5JVfus3UgyDuD/zT/0x9HizybCKiPg4ZjG2e8+1blDiqqPRtzrsAPnRY1t
H0ZgJ8qhTTYrInuT/TOJSpaRR0Z1HpdBEANgbkJQ2ptLtHsz+MZeY0gIil4n0+02
JXxDVKcYdrhFo75S+5eiejuy9aIEPXdT7T3wFgxT9uCDjHn+dI4uHA+MjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLazT3jz3qd5DI26HM0pl3hmyXEZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdHJOUGVQUGVwM2tNamJvY3pTbVhlR2JKY1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADF0mFqOSrT0af8beYqv
HMnjSHUU1nQP3YydSEYVVL3nWUoGQzpuVItY/bDyj0ZQcPNVeppF1adRKFnyk2/M
sdMVRBnUNn8zdskXlvzA81hxB8Bj3TuxRPGg+C5R6Toi3zLuH3ZgMknGK+KAYyFs
VE1d0OHR8t0Dt2cWLFjgw683HG0vuIi5KNhWeN3JtSgwnA49DBgz/HazZVLEOa/S
fzyVeFoYYw+OyZldodlmFXFKUcgzpL17mKOgl0gHiSZs8hLj7uiN/QfGXNuqmJOY
H6SU5+YnnI9fTTwrOJZIzzdivIEi4RZBc2fGRBllYDPRYES4lxtmLKz8aVO5Xhq0
qh8=
-----END CERTIFICATE-----
Generated at Thu May 1 07:56:11 2025 by rpki-client