Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5a7rKxL4lG5TgHEUTVuaj1E4RX8.roa
File: 5a7rKxL4lG5TgHEUTVuaj1E4RX8.roa (raw, json)
Hash identifier: HUVDt1qcbXmrYJ1I3cK0NON/A2aMtvwW4Gtaxh+cLXI=
Subject key identifier: E5:AE:EB:2B:12:F8:94:6E:53:80:71:14:4D:5B:9A:8F:51:38:45:7F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186DBF72D33EBB7E8E6762F54BE3E56235E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5a7rKxL4lG5TgHEUTVuaj1E4RX8.roa
Signing time: Mon 13 Mar 2023 17:14:14 +0000
ROA not before: Mon 13 Mar 2023 17:14:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:f7:2d:33:eb:b7:e8:e6:76:2f:54:be:3e:56:23:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 13 17:14:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5aeeb2b12f8946e538071144d5b9a8f5138457f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b6:0e:56:03:42:48:17:0d:6f:28:e1:8f:c1:
c6:d2:d4:70:18:31:97:d0:5c:17:96:18:8a:3c:7a:
28:01:34:35:68:cb:ed:eb:81:d2:e7:0d:64:21:b8:
d8:d2:3d:b9:05:c5:8a:4c:f2:a5:6d:9f:34:cc:b7:
44:b3:42:4f:d1:56:b6:f0:26:c1:06:1a:1c:4a:d3:
c8:40:2f:48:58:e1:93:aa:0c:be:3f:85:71:93:a4:
43:f3:62:a3:9e:90:35:7a:6d:58:88:c9:70:86:34:
1f:6d:d0:8a:d7:36:1b:ed:48:ab:17:68:0a:ef:53:
c0:3e:6a:49:9a:da:07:1c:6a:eb:e2:c7:3f:98:d3:
62:3e:b0:68:9b:e4:22:a4:3a:4a:15:a7:78:ff:17:
0d:4e:94:bb:58:49:48:6c:d4:7d:09:6e:cd:52:d4:
09:68:00:5b:a2:3a:90:d3:82:ea:9d:90:56:33:6b:
9f:12:3d:b5:00:3a:95:f1:36:ba:fc:9c:d7:bf:6e:
c0:43:8b:07:ff:2f:1e:4e:e4:9f:6c:a8:19:7d:35:
60:5a:f1:cc:3d:46:61:fe:6c:f8:b1:a6:a4:29:7f:
a3:0a:e6:ea:7d:40:26:be:78:8a:36:ec:fa:21:a9:
25:68:45:0f:9b:ec:12:48:cf:c4:ce:3a:fe:7d:1f:
c0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AE:EB:2B:12:F8:94:6E:53:80:71:14:4D:5B:9A:8F:51:38:45:7F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5a7rKxL4lG5TgHEUTVuaj1E4RX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:45:c8:4b:c9:e9:4f:c4:e7:7a:61:c8:45:86:40:8b:60:03:
32:c6:18:37:61:a5:90:d9:a1:11:14:aa:bb:90:80:d8:16:4c:
fa:30:b7:99:03:dd:4b:20:e1:86:03:57:f7:fc:b3:20:bc:94:
66:05:6c:80:e7:a8:07:0b:f7:ed:25:31:53:c6:37:a9:4c:5f:
dd:e4:12:1c:8b:11:30:00:e8:0b:c1:30:62:3d:41:bc:d2:bd:
b0:80:5e:fb:7c:68:07:51:4f:db:8f:c2:4e:d4:cc:fb:5e:0a:
42:7d:2d:1e:d9:3b:c0:ab:ca:a1:b2:29:02:96:c9:62:7a:03:
a1:ad:83:2a:b8:ed:44:e5:83:19:44:ab:cc:af:3c:6c:6a:bc:
ae:41:e7:14:79:e9:5a:8b:62:24:33:5f:53:df:79:29:cc:6c:
3a:36:64:d8:7b:1a:0f:4a:75:2c:a8:99:4a:0e:82:d7:f7:01:
b2:6b:f0:10:2a:e2:fc:1a:fe:50:b5:ef:14:87:74:2e:86:c6:
90:f7:9d:f6:c8:cb:3e:d9:74:ed:e4:30:5b:52:90:cb:6b:a6:
7a:0f:40:e0:69:66:ee:7e:eb:d5:0f:1f:ed:78:cf:c8:b5:ee:
c7:cb:3d:d0:24:01:a2:ea:1b:05:58:84:5a:ac:40:ac:dd:f9:
2d:5d:2b:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbb9y0z67fo5nYvVL4+ViNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzEzMTcxNDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFlZWIyYjEyZjg5NDZlNTM4MDcxMTQ0ZDViOWE4ZjUxMzg0NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobYOVgNCSBcNbyjhj8HG0tRwGDGX
0FwXlhiKPHooATQ1aMvt64HS5w1kIbjY0j25BcWKTPKlbZ80zLdEs0JP0Va28CbB
BhocStPIQC9IWOGTqgy+P4Vxk6RD82KjnpA1em1YiMlwhjQfbdCK1zYb7UirF2gK
71PAPmpJmtoHHGrr4sc/mNNiPrBom+QipDpKFad4/xcNTpS7WElIbNR9CW7NUtQJ
aABbojqQ04LqnZBWM2ufEj21ADqV8Ta6/JzXv27AQ4sH/y8eTuSfbKgZfTVgWvHM
PUZh/mz4saakKX+jCubqfUAmvniKNuz6IaklaEUPm+wSSM/Ezjr+fR/A7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOWu6ysS+JRuU4BxFE1bmo9ROEV/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNWE3ckt4TDRsRzVUZ0hFVVRWdWFqMUU0Ulg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJlFyEvJ6U/E53phyEWG
QItgAzLGGDdhpZDZoREUqruQgNgWTPowt5kD3Usg4YYDV/f8syC8lGYFbIDnqAcL
9+0lMVPGN6lMX93kEhyLETAA6AvBMGI9QbzSvbCAXvt8aAdRT9uPwk7UzPteCkJ9
LR7ZO8CryqGyKQKWyWJ6A6Gtgyq47UTlgxlEq8yvPGxqvK5B5xR56VqLYiQzX1Pf
eSnMbDo2ZNh7Gg9KdSyomUoOgtf3AbJr8BAq4vwa/lC17xSHdC6GxpD3nfbIyz7Z
dO3kMFtSkMtrpnoPQOBpZu5+69UPH+14z8i17sfLPdAkAaLqGwVYhFqsQKzd+S1d
KwI=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:31:10 2025 by rpki-client