Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dPhYlc3iumt56G35_kDDGw8gJ0Q.roa
File: dPhYlc3iumt56G35_kDDGw8gJ0Q.roa (raw, json)
Hash identifier: Jfm14gYwzR7eee3F7oL8XJEexvxHlMQEuccqWZzmBu0=
Subject key identifier: 74:F8:58:95:CD:E2:BA:6B:79:E8:6D:F9:FE:40:C3:1B:0F:20:27:44
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186523334C07201FEBC3F70F069F85BD67F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dPhYlc3iumt56G35_kDDGw8gJ0Q.roa
Signing time: Tue 14 Feb 2023 23:12:12 +0000
ROA not before: Tue 14 Feb 2023 23:12:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:52:33:34:c0:72:01:fe:bc:3f:70:f0:69:f8:5b:d6:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 14 23:12:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74f85895cde2ba6b79e86df9fe40c31b0f202744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a0:4e:85:47:32:f8:03:f7:cd:f5:51:64:98:
29:94:c8:ec:d0:b7:52:10:23:2e:a6:e0:3b:3f:fb:
e8:ca:c6:1c:23:55:6e:98:ff:32:d1:1e:81:1a:12:
d8:12:14:08:45:9a:bb:52:93:ed:b2:5c:bd:78:ab:
06:26:3e:b6:4b:f5:3c:70:09:08:4f:97:c5:11:1f:
f3:6a:64:fe:16:cd:25:45:98:61:12:5d:b8:ab:a9:
65:f1:1b:fb:8d:58:39:54:83:9b:26:be:b7:64:73:
e2:17:19:5f:36:19:dd:78:66:1d:27:b3:06:9e:85:
7d:10:3e:8d:c6:26:ef:51:95:c0:b7:a5:30:4d:e8:
00:ea:ca:f6:4b:58:78:9e:54:d0:17:2d:71:0b:90:
bc:0d:40:c9:16:35:e8:6e:59:7d:30:95:e2:58:01:
6d:44:bd:ba:3e:87:69:68:12:82:aa:7e:c2:21:ac:
7d:23:a2:36:80:74:49:01:4d:15:fe:da:ce:ab:42:
a0:8d:c1:2b:26:88:ee:0a:23:4a:87:aa:42:42:94:
e4:ba:a0:b1:4b:49:3b:88:cc:99:97:9e:c9:a3:6b:
26:34:e6:d7:24:b5:3b:52:30:8c:8a:4e:bd:83:0f:
97:f6:e6:38:b8:7b:49:31:34:8c:d0:bd:ee:5a:7d:
00:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F8:58:95:CD:E2:BA:6B:79:E8:6D:F9:FE:40:C3:1B:0F:20:27:44
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dPhYlc3iumt56G35_kDDGw8gJ0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a9:ab:18:99:4f:1f:b8:87:3a:11:51:7a:6d:52:8b:c7:70:81:
75:30:8b:5a:98:c2:d0:8a:a2:be:44:f7:dc:19:57:53:4d:8b:
de:da:da:f7:c4:e8:31:ab:0d:85:0c:18:0b:8e:e9:e4:1c:c5:
f7:e5:fa:07:bb:eb:35:2b:7e:b9:51:50:73:55:4e:37:27:48:
2c:8e:1f:63:c5:e9:f6:52:e1:9c:2f:ae:6d:32:1a:b4:69:24:
a3:a0:31:6b:76:19:0f:73:81:ef:2c:cd:3e:a8:23:7f:bd:95:
84:a7:f9:f6:70:6c:c7:8c:89:1c:fa:b4:53:8f:ba:21:d7:7d:
19:bf:aa:5a:28:d6:7f:c3:28:0c:fb:21:78:c7:ff:3f:02:6c:
1c:fb:62:53:09:88:54:1e:23:fb:20:2a:69:69:0e:02:dd:75:
1d:8b:b7:77:e8:0e:10:96:9f:4d:0d:ed:45:2d:df:23:5f:7d:
f4:3f:92:dc:11:75:0b:23:18:4d:34:b0:78:f0:76:a0:dd:11:
65:d8:b9:b2:db:e6:2e:db:2d:58:77:04:32:6f:ae:02:1c:91:
4a:d7:84:a7:6b:96:ae:46:b6:b7:90:d1:10:b4:49:68:16:f6:
a6:99:76:65:53:33:a6:c3:c2:f1:54:93:b0:aa:cd:a0:3b:1e:
28:6f:b6:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZSMzTAcgH+vD9w8Gn4W9Z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE0MjMxMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY4NTg5NWNkZTJiYTZiNzllODZkZjlmZTQwYzMxYjBmMjAyNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqBOhUcy+AP3zfVRZJgplMjs0LdS
ECMupuA7P/voysYcI1VumP8y0R6BGhLYEhQIRZq7UpPtsly9eKsGJj62S/U8cAkI
T5fFER/zamT+Fs0lRZhhEl24q6ll8Rv7jVg5VIObJr63ZHPiFxlfNhndeGYdJ7MG
noV9ED6NxibvUZXAt6UwTegA6sr2S1h4nlTQFy1xC5C8DUDJFjXobll9MJXiWAFt
RL26PodpaBKCqn7CIax9I6I2gHRJAU0V/trOq0KgjcErJojuCiNKh6pCQpTkuqCx
S0k7iMyZl57Jo2smNObXJLU7UjCMik69gw+X9uY4uHtJMTSM0L3uWn0APwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHT4WJXN4rpreeht+f5AwxsPICdEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZFBoWWxjM2l1bXQ1NkczNV9rRERHdzhnSjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKmrGJlPH7iHOhFRem1S
i8dwgXUwi1qYwtCKor5E99wZV1NNi97a2vfE6DGrDYUMGAuO6eQcxffl+ge76zUr
frlRUHNVTjcnSCyOH2PF6fZS4Zwvrm0yGrRpJKOgMWt2GQ9zge8szT6oI3+9lYSn
+fZwbMeMiRz6tFOPuiHXfRm/qloo1n/DKAz7IXjH/z8CbBz7YlMJiFQeI/sgKmlp
DgLddR2Lt3foDhCWn00N7UUt3yNfffQ/ktwRdQsjGE00sHjwdqDdEWXYubLb5i7b
LVh3BDJvrgIckUrXhKdrlq5GtreQ0RC0SWgW9qaZdmVTM6bDwvFUk7CqzaA7Hihv
trI=
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:10:19 2025 by rpki-client