Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DkRDYqECGy0SntAE6eLqV9GcOlM.roa
File: DkRDYqECGy0SntAE6eLqV9GcOlM.roa (raw, json)
Hash identifier: UIqS+0dPSCkJyL42HoOnvwO9b02Zpfzrka2L84lLrFI=
Subject key identifier: 0E:44:43:62:A1:02:1B:2D:12:9E:D0:04:E9:E2:EA:57:D1:9C:3A:53
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01875C0E2109516B4A19CA7E02EEEC443FB2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DkRDYqECGy0SntAE6eLqV9GcOlM.roa
Signing time: Fri 07 Apr 2023 14:10:42 +0000
ROA not before: Fri 07 Apr 2023 14:10:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5c:0e:21:09:51:6b:4a:19:ca:7e:02:ee:ec:44:3f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 7 14:10:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e444362a1021b2d129ed004e9e2ea57d19c3a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:65:6b:b7:3c:01:7c:fd:0f:d2:bc:1d:de:3c:
60:a7:98:18:15:1b:2c:ec:e6:2e:c5:a4:fc:64:d6:
8d:6f:48:2e:3a:06:f4:d6:e8:eb:4b:2c:af:44:e9:
bb:06:af:68:2f:5c:4e:17:8b:e4:ac:c6:9a:d6:a4:
1a:0d:6c:d5:1b:7b:ef:ee:73:6b:cd:58:9d:d6:4b:
af:09:9a:30:7b:db:ab:93:6d:4d:7b:fc:d7:e4:6b:
90:fa:45:e0:e8:39:ba:d1:75:11:d2:61:7b:71:8e:
ee:31:ab:d3:bc:5a:df:64:4e:8c:1e:33:b7:b9:9c:
3d:2e:52:2b:83:f6:de:b6:07:98:f0:e2:80:8d:b2:
ce:b6:18:0f:77:3c:f6:75:b1:6a:47:86:aa:51:00:
e1:3c:57:a8:56:0d:43:c3:c6:17:b4:34:1e:8d:25:
44:40:8b:64:4d:48:ad:90:43:6c:79:c3:e1:83:24:
8c:53:8f:69:45:45:7f:e0:f8:6d:ad:fc:32:3a:05:
b7:24:b4:38:87:db:a7:4c:6f:05:03:d8:6d:75:d6:
a8:1c:58:ba:f3:59:46:1e:ba:02:87:4c:6b:1e:c7:
96:4a:2e:55:ee:6a:af:f6:96:73:fd:00:ca:e3:1d:
69:df:0c:7d:f1:e0:84:f3:9b:3f:98:da:17:36:2c:
40:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:44:43:62:A1:02:1B:2D:12:9E:D0:04:E9:E2:EA:57:D1:9C:3A:53
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DkRDYqECGy0SntAE6eLqV9GcOlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:d5:ab:88:ec:b8:4a:6e:b5:a1:0f:66:39:82:91:6f:e2:53:
0e:3f:1d:90:9e:8d:2b:4e:fa:fd:d5:84:78:df:13:37:10:2f:
ac:d9:e1:3b:19:0b:24:22:f5:a9:90:29:6c:b5:ea:1a:2e:fa:
cb:80:84:c2:b1:71:da:de:d6:45:fd:4a:23:50:8d:a2:07:c6:
be:95:c0:6b:64:d5:c6:39:04:03:5d:aa:89:6d:44:2d:4d:96:
8d:7c:c7:92:71:bb:67:29:07:66:c2:76:ae:e6:3c:32:7b:dd:
c3:6c:f7:95:80:c5:bb:e7:22:8b:18:f2:23:48:e2:53:16:5c:
6c:9f:ac:3a:24:b1:11:46:b0:0e:4b:31:9e:cd:8c:b9:db:7e:
06:fb:ed:78:3b:79:5a:42:f3:ea:ce:42:65:48:8a:61:b9:d6:
0f:5c:9e:25:15:f8:f0:fe:bf:72:3f:bd:c7:99:8b:51:52:e0:
80:d5:ff:7b:7c:96:de:59:58:b2:b9:f8:0f:1e:73:8f:2d:9f:
69:1f:9b:a5:b9:83:84:cd:e5:b1:7c:42:ad:fc:0c:0c:8d:9f:
f8:09:78:cb:05:9c:c7:76:fa:88:54:5f:a2:7e:17:c2:c0:43:
31:3d:4a:a7:3d:53:32:e0:49:3f:52:17:68:7b:09:4d:16:7d:
70:15:f8:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdcDiEJUWtKGcp+Au7sRD+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA3MTQxMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQ0NDM2MmExMDIxYjJkMTI5ZWQwMDRlOWUyZWE1N2QxOWMzYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGVrtzwBfP0P0rwd3jxgp5gYFRss
7OYuxaT8ZNaNb0guOgb01ujrSyyvROm7Bq9oL1xOF4vkrMaa1qQaDWzVG3vv7nNr
zVid1kuvCZowe9urk21Ne/zX5GuQ+kXg6Dm60XUR0mF7cY7uMavTvFrfZE6MHjO3
uZw9LlIrg/betgeY8OKAjbLOthgPdzz2dbFqR4aqUQDhPFeoVg1Dw8YXtDQejSVE
QItkTUitkENsecPhgySMU49pRUV/4PhtrfwyOgW3JLQ4h9unTG8FA9htddaoHFi6
81lGHroCh0xrHseWSi5V7mqv9pZz/QDK4x1p3wx98eCE85s/mNoXNixAZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA5EQ2KhAhstEp7QBOni6lfRnDpTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRGtSRFlxRUNHeTBTbnRBRTZlTHFWOUdjT2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHzVq4jsuEputaEPZjmC
kW/iUw4/HZCejStO+v3VhHjfEzcQL6zZ4TsZCyQi9amQKWy16hou+suAhMKxcdre
1kX9SiNQjaIHxr6VwGtk1cY5BANdqoltRC1Nlo18x5Jxu2cpB2bCdq7mPDJ73cNs
95WAxbvnIosY8iNI4lMWXGyfrDoksRFGsA5LMZ7NjLnbfgb77Xg7eVpC8+rOQmVI
imG51g9cniUV+PD+v3I/vceZi1FS4IDV/3t8lt5ZWLK5+A8ec48tn2kfm6W5g4TN
5bF8Qq38DAyNn/gJeMsFnMd2+ohUX6J+F8LAQzE9Sqc9UzLgST9SF2h7CU0WfXAV
+Aw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:16:11 2025 by rpki-client