Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5CDLmWOQj-SawWJrqpN8abtF3iw.roa
File: 5CDLmWOQj-SawWJrqpN8abtF3iw.roa (raw, json)
Hash identifier: 8Vvd+r6vph6SgVvCjgp1GjYpaUeNoDFWkOH8YxrP0MQ=
Subject key identifier: E4:20:CB:99:63:90:8F:E4:9A:C1:62:6B:AA:93:7C:69:BB:45:DE:2C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186ACC86AB4E1A854FFAAA55D626F736508
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5CDLmWOQj-SawWJrqpN8abtF3iw.roa
Signing time: Sat 04 Mar 2023 13:21:01 +0000
ROA not before: Sat 04 Mar 2023 13:21:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ac:c8:6a:b4:e1:a8:54:ff:aa:a5:5d:62:6f:73:65:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 4 13:21:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e420cb9963908fe49ac1626baa937c69bb45de2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:33:bb:88:3b:04:b1:c3:b8:ee:d7:dc:90:c4:
5a:f0:2c:a8:08:47:7f:c0:17:11:04:ce:47:e2:ee:
83:da:ca:20:1c:b1:05:02:e7:05:a6:db:4f:a5:b8:
f7:9a:69:c7:6e:d1:4b:f1:bd:cd:b2:1d:69:c6:75:
2e:d8:85:d1:c8:27:9c:5b:8b:61:a2:ca:ee:44:9e:
38:ea:4d:75:07:4c:ea:a5:b2:7c:b8:1a:61:65:dc:
a2:4f:bf:49:6b:fd:c1:d2:79:56:b2:80:40:5c:bb:
79:45:88:cf:78:53:24:4b:d5:87:8f:d6:e5:43:af:
20:fe:8d:c3:91:5b:81:27:c2:c8:66:84:cb:db:fd:
53:1d:0d:63:70:a7:05:7b:1e:68:b6:61:4f:41:ee:
4b:08:16:a6:88:ff:5d:80:39:f0:d8:86:75:66:4c:
30:31:31:51:d6:09:5a:87:99:74:c7:cf:12:5e:7c:
e1:1d:9e:90:23:28:72:2b:97:7f:e0:d0:b7:ed:30:
9f:88:2d:1d:95:ac:1a:05:57:99:75:aa:a4:bd:f1:
f8:78:46:dd:61:06:93:14:a7:ce:e0:dc:df:56:64:
75:56:55:74:d0:26:13:c2:c9:ad:ed:d7:f5:b6:a0:
8f:81:1f:5b:cd:23:96:b3:cc:d7:4c:38:c7:95:aa:
c5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:20:CB:99:63:90:8F:E4:9A:C1:62:6B:AA:93:7C:69:BB:45:DE:2C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5CDLmWOQj-SawWJrqpN8abtF3iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:a1:4c:28:fa:72:66:62:ef:c7:67:51:ec:07:42:ac:96:38:
11:b9:e6:9f:71:b2:4e:c2:55:18:bb:66:29:ae:04:19:04:a1:
0f:12:2a:ac:29:40:07:77:5d:0b:87:01:f7:ca:7e:c9:56:52:
89:9e:ec:55:7f:73:a7:35:63:c0:25:30:3c:87:00:5b:68:cc:
cb:dc:f3:e3:0d:a1:7b:8c:1a:d8:bf:ec:85:4b:0e:00:ef:e4:
ff:4a:a5:e2:f2:0f:b4:30:7f:12:49:a8:07:e6:10:4e:eb:26:
40:25:26:26:01:96:b4:5f:d7:b7:92:55:68:6c:66:f3:0f:2d:
35:ce:d2:38:64:5f:2c:e5:da:2a:92:b1:40:ba:76:be:23:b6:
26:fc:2b:ae:fb:40:89:14:b6:83:1e:8e:26:f1:a3:fc:ed:da:
c5:25:b8:26:39:0e:9c:50:60:92:09:03:ae:d8:9d:5b:a1:6f:
27:e2:45:bf:de:d2:fa:f3:8b:91:7f:67:1f:8d:59:ee:77:16:
2f:fc:73:a9:32:ff:3c:f5:e5:85:63:a3:2f:da:f7:a2:12:a6:
ac:ec:f8:82:09:17:93:e5:8e:d9:42:e8:62:ed:09:7d:12:9a:
26:36:66:fd:e0:af:85:46:ec:87:36:31:a4:7c:ad:09:c1:00:
fb:0a:81:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYasyGq04ahU/6qlXWJvc2UIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA0MTMyMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDIwY2I5OTYzOTA4ZmU0OWFjMTYyNmJhYTkzN2M2OWJiNDVkZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TO7iDsEscO47tfckMRa8CyoCEd/
wBcRBM5H4u6D2sogHLEFAucFpttPpbj3mmnHbtFL8b3Nsh1pxnUu2IXRyCecW4th
osruRJ446k11B0zqpbJ8uBphZdyiT79Ja/3B0nlWsoBAXLt5RYjPeFMkS9WHj9bl
Q68g/o3DkVuBJ8LIZoTL2/1THQ1jcKcFex5otmFPQe5LCBamiP9dgDnw2IZ1Zkww
MTFR1glah5l0x88SXnzhHZ6QIyhyK5d/4NC37TCfiC0dlawaBVeZdaqkvfH4eEbd
YQaTFKfO4NzfVmR1VlV00CYTwsmt7df1tqCPgR9bzSOWs8zXTDjHlarFjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOQgy5ljkI/kmsFia6qTfGm7Rd4sMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNUNETG1XT1FqLVNhd1dKcnFwTjhhYnRGM2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADqhTCj6cmZi78dnUewH
QqyWOBG55p9xsk7CVRi7ZimuBBkEoQ8SKqwpQAd3XQuHAffKfslWUome7FV/c6c1
Y8AlMDyHAFtozMvc8+MNoXuMGti/7IVLDgDv5P9KpeLyD7QwfxJJqAfmEE7rJkAl
JiYBlrRf17eSVWhsZvMPLTXO0jhkXyzl2iqSsUC6dr4jtib8K677QIkUtoMejibx
o/zt2sUluCY5DpxQYJIJA67YnVuhbyfiRb/e0vrzi5F/Zx+NWe53Fi/8c6ky/zz1
5YVjoy/a96ISpqzs+IIJF5PljtlC6GLtCX0SmiY2Zv3gr4VG7Ic2MaR8rQnBAPsK
gUA=
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:45:56 2025 by rpki-client