Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IOfG0hrkg2h0nBvOgtPWVjzFVao.roa
File: IOfG0hrkg2h0nBvOgtPWVjzFVao.roa (raw, json)
Hash identifier: SnO01Rx2FvV7R96mAhXPQ/vMx/9METOMKSDwcVAQG5s=
Subject key identifier: 20:E7:C6:D2:1A:E4:83:68:74:9C:1B:CE:82:D3:D6:56:3C:C5:55:AA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183D7414BF0429940C205ED5C1516777DD4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IOfG0hrkg2h0nBvOgtPWVjzFVao.roa
Signing time: Fri 14 Oct 2022 16:08:44 +0000
ROA not before: Fri 14 Oct 2022 16:08:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:183:d73d:6a06/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d7:41:4b:f0:42:99:40:c2:05:ed:5c:15:16:77:7d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 14 16:08:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20e7c6d21ae48368749c1bce82d3d6563cc555aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:80:ee:cd:db:92:41:12:94:da:89:11:49:3b:
bd:02:ac:01:c3:3e:88:9a:d6:d7:23:6c:40:9d:46:
6d:22:af:37:e1:ad:5e:17:b2:df:6a:df:cc:8d:9d:
c6:8e:f0:fb:ae:36:df:6a:56:e8:ae:55:9b:04:10:
23:10:96:82:d2:ba:b3:b6:d6:0d:83:ba:23:c9:78:
de:a9:d3:fd:68:a2:f0:2e:9f:d1:3e:3a:cf:e7:4c:
26:29:49:bd:28:ad:f5:d1:80:a1:47:d5:60:8b:c0:
3d:50:b4:25:3a:b0:00:17:81:b2:4d:f2:35:7b:fb:
44:b6:b5:fc:da:a2:52:9d:8a:76:2b:29:c5:bd:01:
49:b1:d4:30:c3:2e:4c:af:aa:04:c5:ad:42:8b:c2:
95:2f:65:d4:3b:11:59:47:29:ef:83:35:b5:ad:2d:
0c:6a:a7:71:e6:b2:d9:40:11:1d:c8:df:2f:94:54:
6b:1d:84:cf:38:f1:cf:4c:db:d4:30:d7:58:a7:73:
8e:c7:ae:6c:eb:0f:cd:5a:74:ae:08:c8:d4:e8:42:
57:f1:2d:58:48:dd:79:2d:27:56:40:52:c5:ea:f4:
57:6d:f7:33:87:f6:a7:a1:a3:da:a8:33:07:1a:fa:
c5:6a:e5:23:2a:1b:e6:25:06:d5:d1:84:cf:94:11:
e2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E7:C6:D2:1A:E4:83:68:74:9C:1B:CE:82:D3:D6:56:3C:C5:55:AA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IOfG0hrkg2h0nBvOgtPWVjzFVao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:69:85:43:f8:6d:b9:52:b8:28:a5:49:b8:c8:07:5b:56:d5:
00:a8:3b:40:90:ee:04:91:97:6f:fb:2f:b4:cd:74:b3:85:a7:
09:46:03:8f:29:ab:d0:a2:63:7d:b5:5f:df:01:05:7f:b3:69:
be:56:12:66:c3:ce:f6:4a:1d:b9:40:81:fc:89:17:39:ef:3d:
91:bb:67:c6:2c:f0:f8:5c:0d:45:e5:1b:42:b6:a5:12:02:61:
4f:09:63:32:05:71:0b:f3:e5:21:70:5d:c4:0d:4e:09:34:10:
67:f3:3a:48:af:05:aa:f1:b9:69:28:3f:9a:86:f9:db:b8:8b:
07:4d:47:ce:aa:d4:f0:88:65:e9:08:87:49:df:ca:6b:5e:c0:
2b:84:7e:fa:ff:cb:47:f9:cf:fc:76:bb:99:10:69:f9:c8:d7:
08:b4:30:14:b9:5d:24:29:bc:86:c8:fa:36:8c:1e:0e:e5:47:
17:14:31:41:d0:02:4a:9d:d3:e7:dc:ff:99:7d:50:e8:86:78:
32:e3:2e:c8:c4:a7:09:bb:bf:7e:de:0d:b6:54:37:c3:44:b1:
3a:93:c9:87:61:21:5e:d7:aa:0a:ef:f8:05:4a:e0:8a:99:c6:
48:5c:65:97:2d:83:10:46:97:c7:e2:64:94:cf:c2:44:66:80:
ec:de:64:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPXQUvwQplAwgXtXBUWd33UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDE0MTYwODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGU3YzZkMjFhZTQ4MzY4NzQ5YzFiY2U4MmQzZDY1NjNjYzU1NWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oDuzduSQRKU2okRSTu9AqwBwz6I
mtbXI2xAnUZtIq834a1eF7Lfat/MjZ3GjvD7rjbfalborlWbBBAjEJaC0rqzttYN
g7ojyXjeqdP9aKLwLp/RPjrP50wmKUm9KK310YChR9Vgi8A9ULQlOrAAF4GyTfI1
e/tEtrX82qJSnYp2KynFvQFJsdQwwy5Mr6oExa1Ci8KVL2XUOxFZRynvgzW1rS0M
aqdx5rLZQBEdyN8vlFRrHYTPOPHPTNvUMNdYp3OOx65s6w/NWnSuCMjU6EJX8S1Y
SN15LSdWQFLF6vRXbfczh/anoaPaqDMHGvrFauUjKhvmJQbV0YTPlBHi8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCDnxtIa5INodJwbzoLT1lY8xVWqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSU9mRzBocmtnMmgwbkJ2T2d0UFdWanpGVmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALNphUP4bblSuCilSbjI
B1tW1QCoO0CQ7gSRl2/7L7TNdLOFpwlGA48pq9CiY321X98BBX+zab5WEmbDzvZK
HblAgfyJFznvPZG7Z8Ys8PhcDUXlG0K2pRICYU8JYzIFcQvz5SFwXcQNTgk0EGfz
OkivBarxuWkoP5qG+du4iwdNR86q1PCIZekIh0nfymtewCuEfvr/y0f5z/x2u5kQ
afnI1wi0MBS5XSQpvIbI+jaMHg7lRxcUMUHQAkqd0+fc/5l9UOiGeDLjLsjEpwm7
v37eDbZUN8NEsTqTyYdhIV7Xqgrv+AVK4IqZxkhcZZctgxBGl8fiZJTPwkRmgOze
ZO8=
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:05:19 2025 by rpki-client