Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/E3HSmJq5IXUlscLa54UKpLtMyYo.roa
File: E3HSmJq5IXUlscLa54UKpLtMyYo.roa (raw, json)
Hash identifier: csEImuti0zvQdMtuRYomiZ3RUT2ttlo1qC+Yan//C3w=
Subject key identifier: 13:71:D2:98:9A:B9:21:75:25:B1:C2:DA:E7:85:0A:A4:BB:4C:C9:8A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186EF4564EB53A8397DA92E20C596800F75
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/E3HSmJq5IXUlscLa54UKpLtMyYo.roa
Signing time: Fri 17 Mar 2023 11:12:27 +0000
ROA not before: Fri 17 Mar 2023 11:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:45:64:eb:53:a8:39:7d:a9:2e:20:c5:96:80:0f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 17 11:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1371d2989ab9217525b1c2dae7850aa4bb4cc98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:87:04:6a:d0:9d:2b:e0:f2:32:69:72:9c:22:
a6:82:b7:51:73:44:26:4f:36:56:df:00:4a:55:b5:
4a:f1:03:c5:ef:07:31:96:96:6b:dc:37:ae:c9:77:
a7:66:40:b1:6a:59:6a:5c:d9:2b:7e:26:85:e5:9f:
be:80:b7:39:ed:71:18:5c:e1:03:b3:23:1c:30:02:
94:08:d6:b8:9d:e9:4f:72:47:93:c1:45:92:fb:79:
33:45:d0:e8:15:4d:fa:a9:0d:74:1a:bb:d2:88:57:
1b:a6:44:18:13:c3:21:de:f5:73:b3:11:b1:5a:de:
2e:78:ec:83:83:b9:37:6a:1b:d0:c4:62:6d:79:a0:
2f:e0:c1:4d:66:49:fc:1e:2f:c7:57:b6:e5:ce:11:
07:da:97:36:5b:17:c0:fe:4a:b7:11:2e:41:a4:cb:
16:ad:2a:3f:2c:7a:d7:f3:8c:a5:b1:a8:de:2a:53:
ca:23:95:24:64:b0:a6:5d:43:01:78:e8:bd:d3:f4:
4d:0f:e1:67:7c:4e:d6:da:92:93:ce:4a:61:b9:68:
92:ec:12:d5:90:e3:fe:d6:e5:2c:49:10:4e:5d:c6:
c9:f5:61:00:03:56:b9:75:ec:90:1c:48:29:38:83:
b1:c9:98:c1:25:33:96:bd:d6:2c:90:99:83:db:04:
24:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:71:D2:98:9A:B9:21:75:25:B1:C2:DA:E7:85:0A:A4:BB:4C:C9:8A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/E3HSmJq5IXUlscLa54UKpLtMyYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:b4:ab:9b:33:55:f1:59:01:1d:69:fc:c0:de:74:1f:24:08:
02:92:79:f3:e4:f4:28:1f:12:bd:36:1f:5b:93:09:60:e9:f7:
19:47:22:e7:33:20:47:0a:7e:8e:b9:35:0b:6c:ad:d3:55:bd:
32:2d:98:03:a3:82:70:b9:d5:d2:be:5a:09:ae:ae:bc:e7:58:
1a:61:10:ae:ab:9a:81:d7:97:a9:06:98:72:fe:9e:83:0c:bb:
16:4a:cd:bc:80:07:65:a4:9b:1d:11:76:60:48:18:ac:c4:cf:
36:35:c3:2b:1a:62:52:68:43:72:a0:52:ed:54:e5:c6:39:f4:
c2:8d:6e:6a:65:86:2b:af:e6:95:4b:da:4e:1d:89:79:ff:dd:
05:b0:88:0b:df:e9:e3:06:72:46:c7:0b:91:2c:39:26:47:77:
ec:1f:01:37:3e:5c:d1:df:2c:55:2d:76:4f:d2:d7:38:b9:21:
74:a9:35:57:fa:e9:8f:f8:3e:12:15:84:01:91:a0:be:ae:90:
c4:18:0c:42:05:4f:a0:cc:27:c3:93:f7:6c:bc:cb:c9:6d:12:
c4:5d:a9:59:40:8b:b6:26:ce:0b:2c:e0:e7:0b:d7:28:8c:bc:
7c:fc:d5:5d:5b:32:0c:10:82:ae:1f:3f:65:59:13:8a:06:87:
45:ac:2a:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbvRWTrU6g5fakuIMWWgA91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE3MTExMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzcxZDI5ODlhYjkyMTc1MjViMWMyZGFlNzg1MGFhNGJiNGNjOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ocEatCdK+DyMmlynCKmgrdRc0Qm
TzZW3wBKVbVK8QPF7wcxlpZr3DeuyXenZkCxallqXNkrfiaF5Z++gLc57XEYXOED
syMcMAKUCNa4nelPckeTwUWS+3kzRdDoFU36qQ10GrvSiFcbpkQYE8Mh3vVzsxGx
Wt4ueOyDg7k3ahvQxGJteaAv4MFNZkn8Hi/HV7blzhEH2pc2WxfA/kq3ES5BpMsW
rSo/LHrX84ylsajeKlPKI5UkZLCmXUMBeOi90/RND+FnfE7W2pKTzkphuWiS7BLV
kOP+1uUsSRBOXcbJ9WEAA1a5deyQHEgpOIOxyZjBJTOWvdYskJmD2wQkYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBNx0piauSF1JbHC2ueFCqS7TMmKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRTNIU21KcTVJWFVsc2NMYTU0VUtwTHRNeVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALS0q5szVfFZAR1p/MDe
dB8kCAKSefPk9CgfEr02H1uTCWDp9xlHIuczIEcKfo65NQtsrdNVvTItmAOjgnC5
1dK+WgmurrznWBphEK6rmoHXl6kGmHL+noMMuxZKzbyAB2Wkmx0RdmBIGKzEzzY1
wysaYlJoQ3KgUu1U5cY59MKNbmplhiuv5pVL2k4diXn/3QWwiAvf6eMGckbHC5Es
OSZHd+wfATc+XNHfLFUtdk/S1zi5IXSpNVf66Y/4PhIVhAGRoL6ukMQYDEIFT6DM
J8OT92y8y8ltEsRdqVlAi7Ymzgss4OcL1yiMvHz81V1bMgwQgq4fP2VZE4oGh0Ws
KkE=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:40:51 2025 by rpki-client