Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OuEJKm3-HHPc2ga38QcHI4WH7QY.roa
File: OuEJKm3-HHPc2ga38QcHI4WH7QY.roa (raw, json)
Hash identifier: HbSOMf53bVVbGN0LR9X6ipMSwH1Uh4Wz6IumOgT4cII=
Subject key identifier: 3A:E1:09:2A:6D:FE:1C:73:DC:DA:06:B7:F1:07:07:23:85:87:ED:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01888BADF04A3B21BE0701148539672A25A9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OuEJKm3-HHPc2ga38QcHI4WH7QY.roa
Signing time: Mon 05 Jun 2023 13:10:12 +0000
ROA not before: Mon 05 Jun 2023 13:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:ad:f0:4a:3b:21:be:07:01:14:85:39:67:2a:25:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 5 13:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ae1092a6dfe1c73dcda06b7f10707238587ed06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8f:df:0f:d2:48:da:c8:ca:35:00:09:a5:50:
28:3b:a8:9a:fc:f1:e8:7d:8b:e7:d2:f4:db:a0:b3:
4c:68:26:32:b1:35:ba:69:a8:44:37:db:ef:36:10:
bd:14:14:0e:8e:70:76:96:0b:60:85:9f:8d:5f:d6:
ef:1d:f1:31:f9:a0:62:c3:8f:26:8a:1d:28:e9:d8:
14:7e:ae:b1:73:9c:57:e0:a3:ef:05:ea:96:53:31:
30:3d:b5:6e:ad:e7:f4:21:92:1e:37:cd:b9:92:53:
70:2f:6c:41:3c:78:17:33:95:6f:22:1c:c2:30:2e:
bb:81:b3:4e:b4:30:e0:fa:50:f5:0e:d0:c9:80:25:
73:f2:3e:3d:19:86:90:95:fb:97:de:47:c3:b8:d7:
cb:ef:cf:cc:3f:34:38:4b:9c:67:3c:0c:96:f6:45:
96:a7:87:24:55:4a:fb:bc:67:74:b7:72:63:81:15:
0d:28:a1:4c:27:d6:68:c3:f5:53:84:e3:25:8b:9e:
d2:99:19:67:c3:f2:90:72:9d:63:fc:e1:1a:52:d1:
bd:ef:72:c8:e0:57:7f:2a:9c:98:10:a5:ab:ec:40:
b6:3e:a3:84:75:9b:c7:40:54:a4:b8:ec:d4:09:e4:
e1:24:3f:38:09:c5:7b:8c:03:0a:a3:8d:26:e5:30:
59:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E1:09:2A:6D:FE:1C:73:DC:DA:06:B7:F1:07:07:23:85:87:ED:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OuEJKm3-HHPc2ga38QcHI4WH7QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:15:98:d3:b9:2f:f2:6f:15:7b:10:48:8b:51:a7:07:c5:e8:
af:f4:cc:1c:96:79:02:c8:66:8b:75:00:c9:4a:5b:5d:3c:bc:
38:e1:d8:84:0e:58:e4:a3:b2:62:63:71:be:e9:67:0e:21:3e:
c7:ef:5c:df:28:86:3f:c1:f7:63:bf:8e:6a:36:44:ac:d9:f4:
3b:0a:94:60:2b:c6:b9:87:b0:db:65:19:fe:2f:98:f9:98:2a:
03:d9:36:11:95:f3:3c:c8:ed:e2:b9:d6:2d:00:90:40:bf:2d:
9e:50:94:e3:85:27:db:8c:e2:c4:74:77:22:b0:b3:5a:c5:64:
d3:ae:ec:85:ee:cb:e3:85:71:74:9b:63:3f:d6:1c:6c:4c:2b:
0b:63:b1:a5:e8:69:20:7b:cb:46:ee:b9:0a:93:c5:c7:e8:fb:
04:41:1b:01:91:7d:aa:b8:22:91:39:82:8b:dc:a4:b2:90:7c:
a8:8e:69:d0:a7:26:95:fc:4b:2c:50:3a:1b:d6:14:32:22:a2:
ce:3d:c7:6a:16:ea:e2:6c:c2:42:2a:2a:70:c6:a8:a0:0f:81:
5b:0a:23:5d:6d:b6:4b:0c:77:4d:8f:55:c9:c8:c1:d3:91:a0:
d1:dd:1c:f4:da:f6:06:35:c1:d0:84:95:18:dc:22:f1:6c:df:
6c:d0:94:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiLrfBKOyG+BwEUhTlnKiWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA1MTMxMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWUxMDkyYTZkZmUxYzczZGNkYTA2YjdmMTA3MDcyMzg1ODdlZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjI/fD9JI2sjKNQAJpVAoO6ia/PHo
fYvn0vTboLNMaCYysTW6aahEN9vvNhC9FBQOjnB2lgtghZ+NX9bvHfEx+aBiw48m
ih0o6dgUfq6xc5xX4KPvBeqWUzEwPbVuref0IZIeN825klNwL2xBPHgXM5VvIhzC
MC67gbNOtDDg+lD1DtDJgCVz8j49GYaQlfuX3kfDuNfL78/MPzQ4S5xnPAyW9kWW
p4ckVUr7vGd0t3JjgRUNKKFMJ9Zow/VThOMli57SmRlnw/KQcp1j/OEaUtG973LI
4Fd/KpyYEKWr7EC2PqOEdZvHQFSkuOzUCeThJD84CcV7jAMKo40m5TBZAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDrhCSpt/hxz3NoGt/EHByOFh+0GMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT3VFSkttMy1ISFBjMmdhMzhRY0hJNFdIN1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFEVmNO5L/JvFXsQSItR
pwfF6K/0zByWeQLIZot1AMlKW108vDjh2IQOWOSjsmJjcb7pZw4hPsfvXN8ohj/B
92O/jmo2RKzZ9DsKlGArxrmHsNtlGf4vmPmYKgPZNhGV8zzI7eK51i0AkEC/LZ5Q
lOOFJ9uM4sR0dyKws1rFZNOu7IXuy+OFcXSbYz/WHGxMKwtjsaXoaSB7y0buuQqT
xcfo+wRBGwGRfaq4IpE5govcpLKQfKiOadCnJpX8SyxQOhvWFDIios49x2oW6uJs
wkIqKnDGqKAPgVsKI11ttksMd02PVcnIwdORoNHdHPTa9gY1wdCElRjcIvFs32zQ
lM4=
-----END CERTIFICATE-----
Generated at Mon Jun 9 22:18:13 2025 by rpki-client