Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/27O5dC3A2RM4yfHqd9Ggg4v3UFA.roa
File: 27O5dC3A2RM4yfHqd9Ggg4v3UFA.roa (raw, json)
Hash identifier: DkukH1lzwNqN4JvzphY/bAcTnGo3OkXimQxG5tQsEGU=
Subject key identifier: DB:B3:B9:74:2D:C0:D9:13:38:C9:F1:EA:77:D1:A0:83:8B:F7:50:50
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867679781DF2F47B37D6F731B2BD8649D8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/27O5dC3A2RM4yfHqd9Ggg4v3UFA.roa
Signing time: Wed 22 Feb 2023 00:15:17 +0000
ROA not before: Wed 22 Feb 2023 00:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:76:79:78:1d:f2:f4:7b:37:d6:f7:31:b2:bd:86:49:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 00:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbb3b9742dc0d91338c9f1ea77d1a0838bf75050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b3:3d:2f:2c:b6:b1:1e:90:29:a2:8e:7e:dc:
b1:70:77:95:52:8f:e6:5f:b1:89:5c:fb:0b:57:62:
a0:f5:00:f8:91:ee:a9:5b:ef:bc:df:fe:8a:d9:ca:
01:71:88:e1:16:71:ca:24:44:7f:60:19:24:70:1c:
e5:7b:61:fb:28:04:7c:26:77:52:97:71:65:f3:14:
e7:9a:4a:56:85:cc:3c:e8:3c:80:b7:03:c9:48:47:
11:d9:1d:77:8f:00:72:ec:cb:8b:d1:73:5f:c4:18:
69:4a:f9:c0:3b:a5:5f:04:00:4f:c7:04:a5:ca:f5:
61:f8:dd:9d:91:b6:42:a6:61:29:a9:c3:ab:1d:88:
4a:c2:a4:88:ac:72:06:11:64:42:49:2e:be:6f:ee:
53:74:ec:45:da:30:38:39:40:13:e8:61:8f:71:da:
90:df:5c:63:72:72:24:0b:b3:ce:88:71:f1:cb:2e:
44:02:5d:bb:0d:1c:69:b7:ad:19:d3:26:6b:6c:f4:
d8:67:27:95:4a:be:fb:69:dd:41:00:b1:4f:b7:e6:
3c:00:dd:8d:ff:38:68:e4:61:89:7d:8b:93:04:c2:
1e:a5:4c:79:ce:ad:33:71:e0:64:f1:8f:d5:44:64:
fb:99:21:e8:86:47:c2:1b:e5:0f:7a:8b:2f:a1:15:
e7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B3:B9:74:2D:C0:D9:13:38:C9:F1:EA:77:D1:A0:83:8B:F7:50:50
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/27O5dC3A2RM4yfHqd9Ggg4v3UFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:f7:3e:48:e0:76:86:c0:50:70:84:52:6a:48:ce:fe:49:77:
d1:a3:d3:eb:da:eb:46:f1:ab:cf:91:14:66:6c:11:97:f2:61:
0b:79:0d:00:ca:35:7e:2e:30:18:56:e8:23:e8:5e:c6:39:19:
d1:82:b6:29:1a:9b:0d:ae:ae:91:9f:c4:01:e0:44:a9:45:34:
6c:64:f0:8b:e0:68:24:88:bb:c4:be:ec:33:11:e8:92:92:43:
35:a7:27:c4:fc:52:c2:7c:38:b2:19:f0:1b:34:12:9d:db:f0:
2d:98:8d:16:cb:42:d1:4c:7f:cc:f7:96:18:0e:4f:b4:f7:f8:
ea:a0:f4:f7:f9:ec:e9:c1:60:8c:09:d4:b4:76:ff:2a:b5:77:
6a:bf:de:d4:fc:52:65:67:61:10:af:f9:02:9f:31:ea:fa:d0:
fa:e7:65:b5:d3:8a:ec:01:41:78:ac:e8:05:58:6b:60:4e:cd:
a8:7d:5c:d0:b0:10:21:41:98:6e:5a:72:ba:23:ed:47:09:c5:
58:9b:e1:ab:b4:af:cf:cc:3c:db:8a:de:a0:d6:24:72:50:10:
44:ec:7e:f2:f7:91:34:ab:f7:f3:b0:7d:7b:ce:73:9d:7a:e9:
a5:b3:d1:2c:54:16:25:01:c1:c9:8c:f1:03:97:03:6e:68:2c:
f3:e7:1f:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ2eXgd8vR7N9b3MbK9hknYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMDAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmIzYjk3NDJkYzBkOTEzMzhjOWYxZWE3N2QxYTA4MzhiZjc1MDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLM9Lyy2sR6QKaKOftyxcHeVUo/m
X7GJXPsLV2Kg9QD4ke6pW++83/6K2coBcYjhFnHKJER/YBkkcBzle2H7KAR8JndS
l3Fl8xTnmkpWhcw86DyAtwPJSEcR2R13jwBy7MuL0XNfxBhpSvnAO6VfBABPxwSl
yvVh+N2dkbZCpmEpqcOrHYhKwqSIrHIGEWRCSS6+b+5TdOxF2jA4OUAT6GGPcdqQ
31xjcnIkC7POiHHxyy5EAl27DRxpt60Z0yZrbPTYZyeVSr77ad1BALFPt+Y8AN2N
/zho5GGJfYuTBMIepUx5zq0zceBk8Y/VRGT7mSHohkfCG+UPeosvoRXnGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNuzuXQtwNkTOMnx6nfRoIOL91BQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMjdPNWRDM0EyUk00eWZIcWQ5R2dnNHYzVUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ/3PkjgdobAUHCEUmpI
zv5Jd9Gj0+va60bxq8+RFGZsEZfyYQt5DQDKNX4uMBhW6CPoXsY5GdGCtikamw2u
rpGfxAHgRKlFNGxk8IvgaCSIu8S+7DMR6JKSQzWnJ8T8UsJ8OLIZ8Bs0Ep3b8C2Y
jRbLQtFMf8z3lhgOT7T3+Oqg9Pf57OnBYIwJ1LR2/yq1d2q/3tT8UmVnYRCv+QKf
Mer60PrnZbXTiuwBQXis6AVYa2BOzah9XNCwECFBmG5acroj7UcJxVib4au0r8/M
PNuK3qDWJHJQEETsfvL3kTSr9/OwfXvOc5166aWz0SxUFiUBwcmM8QOXA25oLPPn
H+o=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:24:55 2025 by rpki-client