Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7ImFjJ5vs7AaBlnd3VUwt9E_vD4.roa
File: 7ImFjJ5vs7AaBlnd3VUwt9E_vD4.roa (raw, json)
Hash identifier: FovFgA2uu9sO3wkG61vZSlCW0EI9b9xsPrIozL4G4DU=
Subject key identifier: EC:89:85:8C:9E:6F:B3:B0:1A:06:59:DD:DD:55:30:B7:D1:3F:BC:3E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185B1AFD76298F71231DE30ADA2CF3559C7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7ImFjJ5vs7AaBlnd3VUwt9E_vD4.roa
Signing time: Sat 14 Jan 2023 19:09:29 +0000
ROA not before: Sat 14 Jan 2023 19:09:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b1:af:d7:62:98:f7:12:31:de:30:ad:a2:cf:35:59:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 14 19:09:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec89858c9e6fb3b01a0659dddd5530b7d13fbc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:39:ec:64:fc:08:b2:82:46:c7:5d:5c:fb:4d:
22:96:cc:da:4c:3d:7b:67:3d:38:36:f0:fb:e7:8c:
09:ef:74:43:0f:c1:28:59:8a:93:35:b8:6a:9e:92:
5d:87:ed:4f:fe:ca:71:00:ab:51:90:40:da:d2:69:
ab:3a:ce:27:ca:06:61:29:12:8b:f5:61:7f:6a:a6:
76:52:1b:68:68:32:ad:21:66:f3:45:0f:ba:30:bc:
78:76:21:d7:11:86:9b:42:a1:38:9e:6e:97:39:25:
9a:df:1f:8b:df:6c:a7:a1:eb:b2:03:36:52:f3:08:
5a:91:20:d4:11:c3:e8:a5:32:da:48:77:b1:f3:c3:
ca:e5:e6:24:19:1b:8d:7f:07:27:4d:a8:bf:fc:38:
ea:8a:b3:49:d7:3e:a5:fa:fe:3c:8f:8e:e8:72:a1:
b3:76:91:61:e2:26:fd:5c:fa:bb:a7:51:c3:7e:33:
b3:c6:74:b9:c4:cf:dc:6c:be:df:54:dc:05:59:ae:
11:4b:94:57:bb:61:39:26:83:db:55:97:38:c9:fb:
5d:3e:6b:63:80:c7:4f:1e:8e:87:b0:4d:be:e2:e2:
ae:c1:b6:19:ee:e0:ae:24:bb:76:02:e6:0f:77:3f:
65:89:f1:60:dc:6c:27:09:a1:2d:8d:f9:67:df:56:
a1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:89:85:8C:9E:6F:B3:B0:1A:06:59:DD:DD:55:30:B7:D1:3F:BC:3E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7ImFjJ5vs7AaBlnd3VUwt9E_vD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:7a:53:c2:19:c7:1f:8c:d1:00:a4:78:ae:29:40:49:c4:ef:
b4:06:7b:ce:46:aa:9f:09:1d:77:05:63:5b:cd:d8:49:fd:f9:
1c:0e:09:84:21:8b:8d:57:b5:9e:c5:18:54:0d:06:bd:aa:b4:
e1:8a:c0:b9:aa:ba:2b:f7:47:1d:73:68:e8:a2:bc:96:31:89:
9b:ab:6b:8d:8a:51:a0:e7:23:b6:42:7e:53:a7:de:f8:a8:bd:
e2:bf:2b:7f:eb:1c:44:c3:d0:57:27:e4:93:19:a9:be:ee:50:
b9:14:c2:a9:c2:c1:bd:ad:af:4c:be:94:39:b5:e4:68:0f:65:
d0:5e:14:4d:0c:db:d0:45:b5:46:62:0b:8e:93:58:9f:db:28:
35:3d:48:3a:59:74:cf:f1:93:7d:d4:ea:73:f8:1a:95:0d:cd:
de:e4:6f:5d:ff:15:1b:f7:c8:b0:58:ec:62:27:00:10:99:8d:
e1:e2:04:fd:56:a9:34:a7:05:24:33:0a:fa:c1:03:97:d7:d5:
f1:a6:79:2e:b7:c1:7b:25:9e:dd:66:45:bc:7c:2c:8a:0e:6c:
18:e7:5e:9f:3a:ff:6b:45:bb:7f:da:8a:92:c4:8f:e6:43:57:
45:0a:99:07:7f:1f:cf:18:74:92:b1:26:d9:ae:22:56:4a:9d:
63:55:fa:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWxr9dimPcSMd4wraLPNVnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE0MTkwOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg5ODU4YzllNmZiM2IwMWEwNjU5ZGRkZDU1MzBiN2QxM2ZiYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDnsZPwIsoJGx11c+00ilszaTD17
Zz04NvD754wJ73RDD8EoWYqTNbhqnpJdh+1P/spxAKtRkEDa0mmrOs4nygZhKRKL
9WF/aqZ2UhtoaDKtIWbzRQ+6MLx4diHXEYabQqE4nm6XOSWa3x+L32ynoeuyAzZS
8whakSDUEcPopTLaSHex88PK5eYkGRuNfwcnTai//DjqirNJ1z6l+v48j47ocqGz
dpFh4ib9XPq7p1HDfjOzxnS5xM/cbL7fVNwFWa4RS5RXu2E5JoPbVZc4yftdPmtj
gMdPHo6HsE2+4uKuwbYZ7uCuJLt2AuYPdz9lifFg3GwnCaEtjfln31ahdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOyJhYyeb7OwGgZZ3d1VMLfRP7w+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN0ltRmpKNXZzN0FhQmxuZDNWVXd0OUVfdkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHx6U8IZxx+M0QCkeK4p
QEnE77QGe85Gqp8JHXcFY1vN2En9+RwOCYQhi41XtZ7FGFQNBr2qtOGKwLmquiv3
Rx1zaOiivJYxiZura42KUaDnI7ZCflOn3vioveK/K3/rHETD0Fcn5JMZqb7uULkU
wqnCwb2tr0y+lDm15GgPZdBeFE0M29BFtUZiC46TWJ/bKDU9SDpZdM/xk33U6nP4
GpUNzd7kb13/FRv3yLBY7GInABCZjeHiBP1WqTSnBSQzCvrBA5fX1fGmeS63wXsl
nt1mRbx8LIoObBjnXp86/2tFu3/aipLEj+ZDV0UKmQd/H88YdJKxJtmuIlZKnWNV
+p8=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:08:02 2025 by rpki-client