Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5bKNxewV75OXh6Z0jAouEAb87_8.roa
File: 5bKNxewV75OXh6Z0jAouEAb87_8.roa (raw, json)
Hash identifier: qupCu8ooiGL/iNFjoRJuWxMgJO64vPVEJeE/umSc9IQ=
Subject key identifier: E5:B2:8D:C5:EC:15:EF:93:97:87:A6:74:8C:0A:2E:10:06:FC:EF:FF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A4514C87C0A7EF38295662F0BC45861E4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5bKNxewV75OXh6Z0jAouEAb87_8.roa
Signing time: Wed 30 Aug 2023 06:15:04 +0000
ROA not before: Wed 30 Aug 2023 06:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:14:c8:7c:0a:7e:f3:82:95:66:2f:0b:c4:58:61:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 30 06:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5b28dc5ec15ef939787a6748c0a2e1006fcefff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:00:84:b1:05:c7:f3:c3:ce:dd:8a:2e:89:f8:
97:79:f2:5e:6f:6c:1f:fa:de:da:ab:85:7d:a8:77:
ae:08:0a:5b:72:7f:01:c1:bd:6f:d4:2b:0e:33:77:
ec:5b:b6:2e:80:eb:d1:d8:85:e3:2b:85:0c:bc:19:
a2:cf:aa:23:e6:c9:30:7c:51:3b:ff:fe:47:6f:41:
60:af:e0:31:8d:a2:bd:db:50:cf:3e:43:c2:8c:bd:
e7:af:fd:b7:5e:e3:fe:73:df:85:9f:32:73:88:99:
27:fa:b0:bf:ff:b2:2e:d6:fc:52:8e:d7:e1:48:ac:
06:3c:e9:9c:4a:0f:6a:e9:93:07:fb:97:01:50:b8:
3d:ea:d6:d0:cf:a6:19:79:d6:e5:33:51:c3:cb:3d:
e3:4e:14:63:f7:87:03:ca:24:2f:b2:81:d9:88:fa:
08:62:5d:49:9b:c8:a4:2e:49:44:8c:48:44:06:bb:
5d:9b:b4:de:d3:76:93:65:27:87:13:57:76:8a:3a:
b7:0a:3c:97:18:23:03:07:2c:fc:45:38:b2:26:d9:
53:d0:f8:d5:9c:91:9f:b3:5b:f2:cc:0f:9a:5e:7e:
69:bf:7f:e4:b6:a4:af:3e:80:a3:49:27:9f:86:05:
5e:e1:1b:12:cf:4a:64:89:85:93:3b:a5:6d:83:57:
14:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B2:8D:C5:EC:15:EF:93:97:87:A6:74:8C:0A:2E:10:06:FC:EF:FF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/5bKNxewV75OXh6Z0jAouEAb87_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:ec:72:1b:9c:7f:d1:45:f1:c4:6c:34:ea:46:c8:56:bf:19:
c5:42:f2:45:82:9a:04:e0:9e:f8:3a:62:08:a0:c1:2b:4d:a6:
18:eb:90:92:23:f7:d1:7c:cf:93:01:da:a0:60:9d:c2:62:1d:
2f:a4:5a:e9:0e:e2:78:07:80:a2:60:b2:26:b5:2b:ab:51:c6:
31:f7:77:9c:86:a3:f5:92:fd:6f:14:30:93:9d:fe:d3:fa:91:
bb:a9:ad:ea:7a:a7:23:f7:44:c4:a5:3c:ae:e0:ad:85:d8:83:
21:ae:c0:6c:4e:b9:df:2a:4d:4a:f9:e4:5d:94:bc:ec:20:04:
56:04:2e:ec:5a:fb:28:11:07:67:31:54:4d:36:7d:a1:3e:ca:
6e:b2:31:b7:89:85:fa:7a:ac:bb:a6:59:48:40:52:04:37:6b:
e8:e2:20:0c:9e:26:73:d4:7f:af:48:bc:ac:76:98:a1:dc:6c:
c6:56:45:9a:a2:d8:c9:b5:db:cf:e1:69:c7:e8:03:bf:4a:8f:
fe:e3:44:3e:e4:b9:59:0a:d1:c0:be:f3:57:0e:05:63:e5:a4:
0a:a7:68:a8:d5:98:08:6a:05:e3:6a:f8:fe:7b:cc:69:b7:72:
7b:70:a6:82:e0:91:fb:53:46:72:cf:17:63:ca:03:54:58:7e:
8a:01:a4:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpFFMh8Cn7zgpVmLwvEWGHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODMwMDYxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWIyOGRjNWVjMTVlZjkzOTc4N2E2NzQ4YzBhMmUxMDA2ZmNlZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqACEsQXH88PO3YouifiXefJeb2wf
+t7aq4V9qHeuCApbcn8Bwb1v1CsOM3fsW7YugOvR2IXjK4UMvBmiz6oj5skwfFE7
//5Hb0Fgr+AxjaK921DPPkPCjL3nr/23XuP+c9+FnzJziJkn+rC//7Iu1vxSjtfh
SKwGPOmcSg9q6ZMH+5cBULg96tbQz6YZedblM1HDyz3jThRj94cDyiQvsoHZiPoI
Yl1Jm8ikLklEjEhEBrtdm7Te03aTZSeHE1d2ijq3CjyXGCMDByz8RTiyJtlT0PjV
nJGfs1vyzA+aXn5pv3/ktqSvPoCjSSefhgVe4RsSz0pkiYWTO6Vtg1cUOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOWyjcXsFe+Tl4emdIwKLhAG/O//MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNWJLTnhld1Y3NU9YaDZaMGpBb3VFQWI4N184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJPschucf9FF8cRsNOpG
yFa/GcVC8kWCmgTgnvg6YgigwStNphjrkJIj99F8z5MB2qBgncJiHS+kWukO4ngH
gKJgsia1K6tRxjH3d5yGo/WS/W8UMJOd/tP6kbuprep6pyP3RMSlPK7grYXYgyGu
wGxOud8qTUr55F2UvOwgBFYELuxa+ygRB2cxVE02faE+ym6yMbeJhfp6rLumWUhA
UgQ3a+jiIAyeJnPUf69IvKx2mKHcbMZWRZqi2Mm128/hacfoA79Kj/7jRD7kuVkK
0cC+81cOBWPlpAqnaKjVmAhqBeNq+P57zGm3cntwpoLgkftTRnLPF2PKA1RYfooB
pGQ=
-----END CERTIFICATE-----
Generated at Wed Jun 11 00:55:36 2025 by rpki-client