Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1yRsHxEWQdTiS6C3Ws7DqGT8L0Q.roa
File: 1yRsHxEWQdTiS6C3Ws7DqGT8L0Q.roa (raw, json)
Hash identifier: WESkdeLf+Ovnble5PN7+ArAK9b1FLhwZfzHmQrBoEzs=
Subject key identifier: D7:24:6C:1F:11:16:41:D4:E2:4B:A0:B7:5A:CE:C3:A8:64:FC:2F:44
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189AB368E6051A6A2F86DD7CC6CDC200E08
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1yRsHxEWQdTiS6C3Ws7DqGT8L0Q.roa
Signing time: Mon 31 Jul 2023 09:10:26 +0000
ROA not before: Mon 31 Jul 2023 09:10:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:36:8e:60:51:a6:a2:f8:6d:d7:cc:6c:dc:20:0e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 31 09:10:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7246c1f111641d4e24ba0b75acec3a864fc2f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7a:04:20:38:5e:36:32:aa:a0:6c:ea:c9:f5:
a7:9e:b2:c6:a1:2e:65:8c:a1:97:7a:c7:99:ad:35:
96:05:01:0d:34:42:78:52:72:1b:56:96:55:84:42:
82:64:6c:1d:24:94:76:77:58:4f:34:52:63:6d:ee:
35:7f:00:2f:b9:ce:94:14:44:86:19:64:98:e1:29:
c5:df:61:2d:a3:8b:fc:8e:70:e1:cc:3a:6a:45:4a:
78:82:e5:c9:44:43:10:31:a6:38:1f:aa:99:c6:99:
00:65:01:e0:6c:a1:ac:e5:ec:74:b0:2d:fe:0d:d3:
7b:1e:4d:bf:a5:dc:69:b3:6d:ef:9e:59:67:ae:a1:
c7:65:ce:e2:1c:a1:35:ae:2d:da:3d:b5:3e:85:11:
3f:3c:05:78:62:9f:84:89:44:11:63:6f:bf:16:ab:
a1:0b:f7:e0:d8:0e:cc:03:d6:16:3f:2c:50:bb:6f:
f8:24:92:12:02:59:f4:ba:a1:ed:83:92:a5:79:a0:
2d:90:90:5f:1f:21:45:6b:e0:c4:64:b2:9a:72:f8:
b6:66:9b:d3:6e:ed:16:06:d3:db:e3:0e:9e:8e:bd:
b4:7d:ba:80:38:29:cf:96:fb:d6:8a:28:9b:46:ea:
65:ac:03:43:33:b3:f1:e1:f9:54:2b:ec:bf:fd:61:
39:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:24:6C:1F:11:16:41:D4:E2:4B:A0:B7:5A:CE:C3:A8:64:FC:2F:44
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1yRsHxEWQdTiS6C3Ws7DqGT8L0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:d1:1b:b2:af:d9:b7:a4:9e:83:fe:1c:4a:26:6a:5f:12:86:
7a:0a:a8:69:52:ad:0b:9e:06:54:da:ec:d1:78:3d:44:95:90:
c4:cf:c7:77:49:a8:64:7d:c4:b2:be:80:a6:42:de:67:25:fb:
97:5d:ad:bb:19:d9:20:25:3b:6a:0d:68:d6:88:7b:88:ed:57:
96:40:65:16:cd:a2:f8:78:89:c5:34:50:28:b9:73:55:fa:ee:
94:9f:f9:59:12:5e:c9:c4:b7:ff:2d:ad:73:40:0a:00:1f:0d:
3e:bb:2d:b7:f4:3c:5e:ad:66:fb:be:25:91:ee:04:06:15:ab:
1e:b8:2e:7f:df:96:8b:2e:21:93:b4:4b:68:e2:4c:71:47:22:
01:9a:f3:d3:9a:c2:79:5b:cf:70:ef:de:90:24:eb:e9:cd:e9:
12:df:98:9c:d1:e1:38:f6:0b:2a:47:07:8f:93:90:79:af:32:
a4:e2:69:6a:42:23:cc:6b:14:c8:60:56:a5:47:23:d7:f8:40:
ab:d7:41:70:15:d5:7c:1e:45:cd:60:e6:49:f2:40:2e:16:11:
1c:3b:c1:b0:08:45:0f:53:a7:64:f1:51:f4:df:28:67:aa:0c:
4e:cb:b2:25:d9:be:8c:ba:92:06:4a:05:c7:d9:c0:38:c8:f8:
c4:1c:7e:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmrNo5gUaai+G3XzGzcIA4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMxMDkxMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzI0NmMxZjExMTY0MWQ0ZTI0YmEwYjc1YWNlYzNhODY0ZmMyZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXoEIDheNjKqoGzqyfWnnrLGoS5l
jKGXeseZrTWWBQENNEJ4UnIbVpZVhEKCZGwdJJR2d1hPNFJjbe41fwAvuc6UFESG
GWSY4SnF32Eto4v8jnDhzDpqRUp4guXJREMQMaY4H6qZxpkAZQHgbKGs5ex0sC3+
DdN7Hk2/pdxps23vnllnrqHHZc7iHKE1ri3aPbU+hRE/PAV4Yp+EiUQRY2+/Fquh
C/fg2A7MA9YWPyxQu2/4JJISAln0uqHtg5KleaAtkJBfHyFFa+DEZLKacvi2ZpvT
bu0WBtPb4w6ejr20fbqAOCnPlvvWiiibRuplrANDM7Px4flUK+y//WE58wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNckbB8RFkHU4kugt1rOw6hk/C9EMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMXlSc0h4RVdRZFRpUzZDM1dzN0RxR1Q4TDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE/RG7Kv2beknoP+HEom
al8ShnoKqGlSrQueBlTa7NF4PUSVkMTPx3dJqGR9xLK+gKZC3mcl+5ddrbsZ2SAl
O2oNaNaIe4jtV5ZAZRbNovh4icU0UCi5c1X67pSf+VkSXsnEt/8trXNACgAfDT67
Lbf0PF6tZvu+JZHuBAYVqx64Ln/flosuIZO0S2jiTHFHIgGa89Oawnlbz3Dv3pAk
6+nN6RLfmJzR4Tj2CypHB4+TkHmvMqTiaWpCI8xrFMhgVqVHI9f4QKvXQXAV1Xwe
Rc1g5knyQC4WERw7wbAIRQ9Tp2TxUfTfKGeqDE7LsiXZvoy6kgZKBcfZwDjI+MQc
fj8=
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:31:24 2025 by rpki-client