Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dr7a9VNi8ouovK_TGF-tBljozTM.roa
File: Dr7a9VNi8ouovK_TGF-tBljozTM.roa (raw, json)
Hash identifier: +XmLrHPwNg/dihHUzhtr/H6M+ZzkWztN0Zfg9ZozagM=
Subject key identifier: 0E:BE:DA:F5:53:62:F2:8B:A8:BC:AF:D3:18:5F:AD:06:58:E8:CD:33
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01878C194E7CB8AB5ED5125C7AC42F61A44A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dr7a9VNi8ouovK_TGF-tBljozTM.roa
Signing time: Sun 16 Apr 2023 22:04:41 +0000
ROA not before: Sun 16 Apr 2023 22:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
2001:67c:64:ffff:0:187:8c18:ffb5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8c:19:4e:7c:b8:ab:5e:d5:12:5c:7a:c4:2f:61:a4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 16 22:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ebedaf55362f28ba8bcafd3185fad0658e8cd33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7b:e2:14:f6:b6:5e:57:80:bc:aa:86:f7:3e:
33:f7:52:7d:6c:3b:62:69:04:8f:dd:36:69:71:ca:
a7:cb:a2:33:f8:3b:86:dc:a5:38:0e:9a:26:65:26:
3f:03:b3:85:fb:25:65:7f:cc:52:a4:67:f1:3d:ed:
5c:72:0b:7a:d8:40:8f:fd:2c:b2:c1:04:af:f0:9f:
43:d3:3a:59:19:44:86:8b:5e:0d:02:ae:c2:e2:10:
18:17:93:a4:e9:20:55:e4:4f:99:a4:e3:58:97:db:
c2:4f:67:88:0a:23:ef:50:92:4f:40:bd:03:1e:34:
02:47:32:e3:de:db:63:c9:12:9e:44:d4:c5:5c:c1:
10:14:42:6b:3d:f7:0d:ee:1a:47:a9:d8:d5:b7:0f:
b5:9f:ce:0f:f9:ba:c1:c0:77:1c:e6:a1:95:e2:c1:
a4:00:22:dd:47:fb:1f:ac:34:1b:5b:c2:4c:85:f9:
64:92:19:cd:4a:cb:c0:ef:8a:0b:98:ae:5b:b0:17:
51:34:0a:86:ff:1c:a2:26:9e:54:f5:98:bf:50:40:
1a:14:ae:a8:2b:60:0b:9d:79:15:8f:61:b5:f3:69:
95:f5:0f:fa:4b:7b:fe:41:38:db:3d:5b:81:10:ee:
09:08:fe:ad:7c:29:ef:05:b8:75:90:84:e9:03:02:
96:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BE:DA:F5:53:62:F2:8B:A8:BC:AF:D3:18:5F:AD:06:58:E8:CD:33
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dr7a9VNi8ouovK_TGF-tBljozTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:a2:1b:26:89:90:68:7d:8f:67:55:de:f0:d9:1d:97:8d:fd:
c5:4e:f2:73:4a:cf:af:0a:71:a9:65:45:dc:35:b0:4b:07:2d:
fb:59:9e:de:68:2a:88:f4:c1:f8:d4:51:33:e5:58:9a:d7:3b:
51:91:93:5c:ba:15:fb:69:1f:8b:af:44:20:bd:e3:01:a7:dd:
76:fa:85:03:ed:23:29:9c:dd:41:5f:fa:d4:4c:2f:7a:f4:b7:
f8:2d:42:12:f2:0e:a0:b9:19:b4:34:10:79:2c:9c:41:11:1c:
57:cd:99:f8:6d:dc:e8:b9:79:0f:a4:aa:19:f4:56:d6:e9:39:
58:b4:9b:5e:1d:d0:3f:bd:8f:72:42:46:c3:27:38:42:1d:26:
b9:4a:88:a7:a1:d6:04:cf:21:2b:ca:26:e5:27:4e:f0:f3:31:
44:02:0f:22:79:d0:62:4d:65:30:05:05:d8:b7:4e:9e:34:d2:
87:72:04:bc:cf:50:8c:b3:9d:3a:68:1b:ea:3a:20:dd:46:e8:
35:42:63:a4:c1:ac:88:eb:c8:f5:10:2f:89:39:40:31:c9:b1:
cf:a8:3e:af:6b:fb:58:40:06:7d:45:54:ae:2f:bb:99:79:d2:
06:ac:39:b5:0d:e4:19:ac:07:d0:74:0c:d6:f5:ae:87:c8:39:
54:fa:de:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeMGU58uKte1RJcesQvYaRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE2MjIwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJlZGFmNTUzNjJmMjhiYThiY2FmZDMxODVmYWQwNjU4ZThjZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XviFPa2XleAvKqG9z4z91J9bDti
aQSP3TZpccqny6Iz+DuG3KU4DpomZSY/A7OF+yVlf8xSpGfxPe1ccgt62ECP/Syy
wQSv8J9D0zpZGUSGi14NAq7C4hAYF5Ok6SBV5E+ZpONYl9vCT2eICiPvUJJPQL0D
HjQCRzLj3ttjyRKeRNTFXMEQFEJrPfcN7hpHqdjVtw+1n84P+brBwHcc5qGV4sGk
ACLdR/sfrDQbW8JMhflkkhnNSsvA74oLmK5bsBdRNAqG/xyiJp5U9Zi/UEAaFK6o
K2ALnXkVj2G182mV9Q/6S3v+QTjbPVuBEO4JCP6tfCnvBbh1kITpAwKWfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA6+2vVTYvKLqLyv0xhfrQZY6M0zMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRHI3YTlWTmk4b3VvdktfVEdGLXRCbGpvelRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAECiGyaJkGh9j2dV3vDZ
HZeN/cVO8nNKz68KcallRdw1sEsHLftZnt5oKoj0wfjUUTPlWJrXO1GRk1y6Fftp
H4uvRCC94wGn3Xb6hQPtIymc3UFf+tRML3r0t/gtQhLyDqC5GbQ0EHksnEERHFfN
mfht3Oi5eQ+kqhn0VtbpOVi0m14d0D+9j3JCRsMnOEIdJrlKiKeh1gTPISvKJuUn
TvDzMUQCDyJ50GJNZTAFBdi3Tp400odyBLzPUIyznTpoG+o6IN1G6DVCY6TBrIjr
yPUQL4k5QDHJsc+oPq9r+1hABn1FVK4vu5l50gasObUN5BmsB9B0DNb1rofIOVT6
3gU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:37:28 2025 by rpki-client