Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8PiNpnR7pblbzThiM0z77OmSQOY.roa
File: 8PiNpnR7pblbzThiM0z77OmSQOY.roa (raw, json)
Hash identifier: qoMTEhVp03GTVF6t5h4NbSGRKdoFQAVn7fLfV+y/Ufc=
Subject key identifier: F0:F8:8D:A6:74:7B:A5:B9:5B:CD:38:62:33:4C:FB:EC:E9:92:40:E6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1C46028EDD779F5EE9CB9BE80F947699
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8PiNpnR7pblbzThiM0z77OmSQOY.roa
Signing time: Tue 22 Aug 2023 08:04:24 +0000
ROA not before: Tue 22 Aug 2023 08:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:18a:1c45:f4da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:46:02:8e:dd:77:9f:5e:e9:cb:9b:e8:0f:94:76:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 22 08:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0f88da6747ba5b95bcd3862334cfbece99240e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:98:23:92:a5:d8:b7:51:88:b5:2e:df:56:29:
1e:87:48:6d:9b:57:52:11:1f:bf:69:a3:aa:4d:72:
b0:8c:57:57:91:08:d0:c1:a9:59:e5:71:94:5c:76:
0b:9a:f4:97:8c:36:85:ba:c7:a7:20:fc:f9:31:2d:
7c:25:c1:62:77:c3:b6:0f:a0:48:17:68:f6:99:d5:
da:11:46:96:ea:2b:a6:66:cb:d3:dc:9b:d8:a0:24:
a0:54:26:1f:cd:ce:3e:1a:42:b1:0d:fb:e9:aa:f1:
ce:64:db:d0:ec:45:76:7e:a9:3c:dd:c3:8e:14:7f:
04:14:7e:92:26:50:73:6e:47:57:03:f6:43:24:1c:
d5:ca:cc:4d:f4:48:d1:78:c1:cd:9d:c1:66:61:94:
9e:22:ce:de:2f:a8:0f:63:0c:83:8c:c0:76:b4:78:
9f:7f:59:2b:9c:5f:33:10:69:57:66:a1:1a:40:40:
89:72:19:fb:2d:36:9d:6b:d8:33:88:63:d8:0e:75:
33:26:9b:11:7a:19:c4:7d:92:56:54:89:dd:70:7a:
48:f6:50:44:21:db:68:d9:c3:18:ba:e8:7c:fe:6b:
28:ca:b5:e4:b1:ce:a3:6e:0f:1b:3e:1b:a9:0a:fe:
2b:11:15:0f:97:82:e5:c8:33:c0:1d:a6:46:5a:29:
88:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F8:8D:A6:74:7B:A5:B9:5B:CD:38:62:33:4C:FB:EC:E9:92:40:E6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8PiNpnR7pblbzThiM0z77OmSQOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:fa:ff:b1:dc:20:04:54:92:e5:73:8a:af:e4:bd:bb:3d:23:
70:fd:e1:20:27:ab:8f:57:91:6c:d4:c5:cd:2a:b9:d9:64:86:
d1:fa:1d:b0:74:de:75:50:a0:8c:78:b3:0b:7b:37:d0:95:ed:
e4:fa:dd:fc:5d:ee:24:94:7e:42:ed:13:52:3b:c4:d4:66:d2:
8d:44:20:ee:f6:95:5f:07:8a:d4:f1:43:ae:ae:85:57:4e:35:
0b:24:43:7f:5b:b9:ce:67:cd:d7:62:99:ac:1b:19:cf:00:5a:
6b:dc:33:f8:52:e2:28:2c:de:33:97:cf:fe:58:9f:b2:6a:4b:
48:6d:dd:08:c5:6f:67:09:ea:80:6e:97:30:5e:5a:91:d0:db:
72:aa:a7:cd:8f:04:a6:65:f6:cc:c4:b4:bc:97:93:16:71:b1:
26:c9:4c:2b:09:1a:6c:4d:63:a3:af:0b:9d:ed:33:29:ef:87:
6a:fe:28:ec:0c:42:01:f4:1c:a3:27:6b:a6:ef:cf:a6:9a:e0:
bb:8e:47:4d:68:c7:47:84:a9:af:3f:ad:a2:ea:a4:11:6e:29:
99:1f:14:95:98:86:c1:fc:1c:bb:95:6e:f7:54:50:3f:e6:5d:
0a:99:86:ba:cc:5b:45:cc:82:79:6a:4c:11:25:7e:cc:b3:65:
1f:a8:08:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYocRgKO3XefXunLm+gPlHaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIyMDgwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGY4OGRhNjc0N2JhNWI5NWJjZDM4NjIzMzRjZmJlY2U5OTI0MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJgjkqXYt1GItS7fVikeh0htm1dS
ER+/aaOqTXKwjFdXkQjQwalZ5XGUXHYLmvSXjDaFusenIPz5MS18JcFid8O2D6BI
F2j2mdXaEUaW6iumZsvT3JvYoCSgVCYfzc4+GkKxDfvpqvHOZNvQ7EV2fqk83cOO
FH8EFH6SJlBzbkdXA/ZDJBzVysxN9EjReMHNncFmYZSeIs7eL6gPYwyDjMB2tHif
f1krnF8zEGlXZqEaQECJchn7LTada9gziGPYDnUzJpsRehnEfZJWVIndcHpI9lBE
Idto2cMYuuh8/msoyrXksc6jbg8bPhupCv4rERUPl4LlyDPAHaZGWimIEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPD4jaZ0e6W5W804YjNM++zpkkDmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOFBpTnBuUjdwYmxielRoaU0wejc3T21TUU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABf6/7HcIARUkuVziq/k
vbs9I3D94SAnq49XkWzUxc0qudlkhtH6HbB03nVQoIx4swt7N9CV7eT63fxd7iSU
fkLtE1I7xNRm0o1EIO72lV8HitTxQ66uhVdONQskQ39buc5nzddimawbGc8AWmvc
M/hS4igs3jOXz/5Yn7JqS0ht3QjFb2cJ6oBulzBeWpHQ23Kqp82PBKZl9szEtLyX
kxZxsSbJTCsJGmxNY6OvC53tMynvh2r+KOwMQgH0HKMna6bvz6aa4LuOR01ox0eE
qa8/raLqpBFuKZkfFJWYhsH8HLuVbvdUUD/mXQqZhrrMW0XMgnlqTBElfsyzZR+o
CN0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:30:23 2025 by rpki-client