Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OdfEvOY_6tU6IWfkFH2Y2RMB3BQ.roa
File: OdfEvOY_6tU6IWfkFH2Y2RMB3BQ.roa (raw, json)
Hash identifier: 45Kw8gul7Q7eDTmVoWFHg0xezSWm/MnHRf4wxSwi9vg=
Subject key identifier: 39:D7:C4:BC:E6:3F:EA:D5:3A:21:67:E4:14:7D:98:D9:13:01:DC:14
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018573036B829B6C5D11335A5CAD5EE2AFE6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OdfEvOY_6tU6IWfkFH2Y2RMB3BQ.roa
Signing time: Mon 02 Jan 2023 15:04:42 +0000
ROA not before: Mon 02 Jan 2023 15:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:7303:1860/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:6b:82:9b:6c:5d:11:33:5a:5c:ad:5e:e2:af:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 2 15:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39d7c4bce63fead53a2167e4147d98d91301dc14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:62:d5:a4:43:f5:ed:81:2c:8b:9a:2d:22:93:
f6:e2:6c:73:a5:dd:3b:a0:12:08:05:62:a8:a8:32:
9f:6d:eb:60:35:75:62:20:53:c4:e4:32:fc:d7:c7:
bb:13:11:a2:c2:68:4b:b2:87:45:3d:c3:09:25:88:
bd:6e:98:4b:9f:cf:16:b9:a4:c8:b1:70:60:fe:18:
e6:4d:fe:3a:26:04:5c:7b:b2:d5:5c:af:f4:79:da:
53:31:9c:5e:de:96:0e:9c:a2:36:c9:3e:75:59:39:
b3:c9:fc:0e:89:de:a2:2d:de:0e:fd:30:76:e3:68:
f6:d3:13:8e:b1:90:ed:a1:c2:7e:92:93:58:d6:89:
a1:63:5f:bd:37:7a:e1:31:92:e9:53:e6:83:36:1f:
97:3c:a3:c9:96:03:04:2c:02:73:54:b1:f8:19:0c:
3f:da:2d:49:c2:15:53:50:b7:0d:ba:46:df:92:02:
37:27:84:b4:b8:17:51:9f:e8:54:66:a5:ba:d6:4b:
34:ae:26:80:b3:c0:c2:3d:24:db:18:ff:e1:1d:b0:
1f:65:a4:23:c0:d4:81:da:2a:16:d2:4c:c2:31:cb:
87:10:c6:e3:30:7e:4f:c1:75:19:32:66:ed:b9:13:
de:45:ae:90:0c:d6:3c:5a:45:49:29:d4:7d:11:cc:
d8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D7:C4:BC:E6:3F:EA:D5:3A:21:67:E4:14:7D:98:D9:13:01:DC:14
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OdfEvOY_6tU6IWfkFH2Y2RMB3BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:70:d9:41:6e:db:a7:61:29:d8:42:08:b2:40:e8:5e:d2:92:
10:a5:73:0d:88:58:b9:4e:9d:21:94:b7:11:3f:71:d2:a4:46:
7a:c9:4e:c1:ae:c5:78:6f:96:1e:74:a6:48:cb:d6:c4:6c:24:
b1:28:0c:af:6b:20:13:c7:7f:48:f1:16:61:4f:2e:3f:b7:c9:
fb:dd:52:be:59:ff:a2:75:33:5d:0e:4c:46:4e:f1:25:ca:89:
e0:e5:be:4f:4e:5a:d6:3b:30:7c:a3:7b:67:9a:e5:d7:30:2b:
a7:b4:71:15:0f:2e:8d:87:ca:3d:c0:74:a5:76:7d:b2:78:a5:
45:9d:3c:63:2d:75:2c:5c:66:ff:12:98:22:e5:0d:6b:e5:68:
f5:e3:d3:46:ca:f7:23:17:16:e0:79:96:02:bb:0f:8d:2d:a0:
85:ac:f6:4a:b4:11:ec:70:57:95:4e:96:50:8e:0f:38:32:d6:
08:91:0e:0c:02:76:5f:84:bd:56:9e:89:16:83:86:3e:20:0f:
31:d1:a3:d9:64:a1:54:0a:cb:cb:92:52:ae:5b:af:50:6f:95:
e9:48:22:dd:f2:2d:cf:7b:fd:65:04:f5:80:51:82:3f:cb:0d:
be:d5:93:8f:1d:ea:28:d3:b9:bc:6f:cf:81:f5:4c:42:84:c7:
2a:14:84:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzA2uCm2xdETNaXK1e4q/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAyMTUwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ3YzRiY2U2M2ZlYWQ1M2EyMTY3ZTQxNDdkOThkOTEzMDFkYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmLVpEP17YEsi5otIpP24mxzpd07
oBIIBWKoqDKfbetgNXViIFPE5DL818e7ExGiwmhLsodFPcMJJYi9bphLn88WuaTI
sXBg/hjmTf46JgRce7LVXK/0edpTMZxe3pYOnKI2yT51WTmzyfwOid6iLd4O/TB2
42j20xOOsZDtocJ+kpNY1omhY1+9N3rhMZLpU+aDNh+XPKPJlgMELAJzVLH4GQw/
2i1JwhVTULcNukbfkgI3J4S0uBdRn+hUZqW61ks0riaAs8DCPSTbGP/hHbAfZaQj
wNSB2ioW0kzCMcuHEMbjMH5PwXUZMmbtuRPeRa6QDNY8WkVJKdR9EczY5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDnXxLzmP+rVOiFn5BR9mNkTAdwUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT2RmRXZPWV82dFU2SVdma0ZIMlkyUk1CM0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADpw2UFu26dhKdhCCLJA
6F7SkhClcw2IWLlOnSGUtxE/cdKkRnrJTsGuxXhvlh50pkjL1sRsJLEoDK9rIBPH
f0jxFmFPLj+3yfvdUr5Z/6J1M10OTEZO8SXKieDlvk9OWtY7MHyje2ea5dcwK6e0
cRUPLo2Hyj3AdKV2fbJ4pUWdPGMtdSxcZv8SmCLlDWvlaPXj00bK9yMXFuB5lgK7
D40toIWs9kq0EexwV5VOllCODzgy1giRDgwCdl+EvVaeiRaDhj4gDzHRo9lkoVQK
y8uSUq5br1BvlelIIt3yLc97/WUE9YBRgj/LDb7Vk48d6ijTubxvz4H1TEKExyoU
hNc=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:21:29 2025 by rpki-client