Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oR9e9GfWtbTb4TB1WVWjHSFDrqI.roa
File: oR9e9GfWtbTb4TB1WVWjHSFDrqI.roa (raw, json)
Hash identifier: wOqSjXsOnFUkBmYca6SXZ+kcA2UCvji+dJagY5aQT7Y=
Subject key identifier: A1:1F:5E:F4:67:D6:B5:B4:DB:E1:30:75:59:55:A3:1D:21:43:AE:A2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2895CD732D04519A95590860DAF0B64B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oR9e9GfWtbTb4TB1WVWjHSFDrqI.roa
Signing time: Thu 24 Aug 2023 17:27:00 +0000
ROA not before: Thu 24 Aug 2023 17:27:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:28:95:cd:73:2d:04:51:9a:95:59:08:60:da:f0:b6:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 17:27:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a11f5ef467d6b5b4dbe130755955a31d2143aea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:2b:d4:0c:4c:d6:5e:67:93:bf:ee:ab:b6:
27:26:1f:6e:b8:cf:8f:35:78:c2:cb:f8:f3:72:88:
4f:6d:25:98:58:f0:7c:68:24:5e:a8:b5:67:48:2b:
69:f3:3f:2c:ff:c9:cd:87:07:d5:f1:0e:cd:c3:a9:
d2:ce:d3:dd:5a:c4:a9:b0:4f:ae:3a:86:49:5c:c1:
79:b6:4a:a3:7c:ce:8d:0a:58:4f:e7:5f:0c:2b:0d:
9e:3d:37:8f:d7:00:73:92:01:cd:22:e0:55:ed:9f:
46:ac:61:ab:4f:05:9e:4d:94:93:2b:0e:17:f0:09:
a8:12:f8:7f:42:8c:e1:6f:6a:c6:a8:cc:b5:f0:a7:
93:d8:7e:8b:1b:4f:2a:6d:3a:2b:32:94:e9:b0:e8:
e7:8d:16:a3:47:a0:fa:b9:30:36:78:de:2a:47:84:
cd:06:ef:be:30:d0:c5:d0:fe:30:05:e7:47:1f:f8:
08:60:37:ca:0f:17:e0:1e:e9:d7:08:77:67:25:2d:
df:f7:bc:7c:81:ff:cc:06:54:95:0b:ed:23:04:06:
2a:b6:66:17:db:0c:32:7e:4c:30:a0:94:61:82:34:
98:70:ca:0f:1e:a1:6c:75:e8:92:d5:8f:a0:09:39:
40:9f:78:b5:c5:c3:a8:ed:f4:38:41:e6:d8:58:c0:
51:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1F:5E:F4:67:D6:B5:B4:DB:E1:30:75:59:55:A3:1D:21:43:AE:A2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oR9e9GfWtbTb4TB1WVWjHSFDrqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:b1:7e:57:c1:a7:98:6a:19:0d:b8:68:57:a1:96:41:f3:35:
59:c6:72:cf:4c:a3:f2:e9:7c:70:fa:11:4d:cd:d0:ab:0b:88:
48:ee:75:36:75:98:68:95:98:0e:65:30:22:bb:55:1d:6f:be:
48:4a:a3:70:ef:c0:e1:28:08:a6:7e:1d:ff:c5:d9:7b:47:c2:
72:b9:7d:49:7b:10:f7:ee:22:cb:be:ba:42:46:99:52:f2:15:
72:5e:5c:f1:63:0c:82:77:03:6d:8a:33:f3:64:fb:4d:de:5b:
fa:00:37:4d:5a:04:8a:a0:d4:6d:0c:9c:d3:12:36:4a:90:d2:
b8:28:33:f5:d5:e2:df:a6:f9:88:59:72:50:58:1a:88:50:61:
7c:81:14:5f:9c:59:ac:20:89:26:3c:35:32:66:00:32:ac:8b:
66:c8:9d:e7:34:4c:8c:43:20:42:f5:f4:cf:c9:43:90:03:42:
9a:02:ae:d0:6a:28:e5:27:33:fb:df:0b:32:05:1b:4f:53:aa:
79:ee:ed:c4:71:6a:b9:fc:1a:d6:70:18:cb:b8:dc:a9:2d:d3:
1b:45:9e:89:9b:de:e2:35:a1:79:3f:89:39:dc:5c:f9:02:1b:
7b:ff:42:2a:26:b0:56:9e:3c:e5:98:51:82:ab:e4:2b:fa:b4:
01:f5:83:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoolc1zLQRRmpVZCGDa8LZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MTcyNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFmNWVmNDY3ZDZiNWI0ZGJlMTMwNzU1OTU1YTMxZDIxNDNhZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoor1AxM1l5nk7/uq7YnJh9uuM+P
NXjCy/jzcohPbSWYWPB8aCReqLVnSCtp8z8s/8nNhwfV8Q7Nw6nSztPdWsSpsE+u
OoZJXMF5tkqjfM6NClhP518MKw2ePTeP1wBzkgHNIuBV7Z9GrGGrTwWeTZSTKw4X
8AmoEvh/Qozhb2rGqMy18KeT2H6LG08qbTorMpTpsOjnjRajR6D6uTA2eN4qR4TN
Bu++MNDF0P4wBedHH/gIYDfKDxfgHunXCHdnJS3f97x8gf/MBlSVC+0jBAYqtmYX
2wwyfkwwoJRhgjSYcMoPHqFsdeiS1Y+gCTlAn3i1xcOo7fQ4QebYWMBRBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKEfXvRn1rW02+EwdVlVox0hQ66iMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb1I5ZTlHZld0YlRiNFRCMVdWV2pIU0ZEcnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ+xflfBp5hqGQ24aFeh
lkHzNVnGcs9Mo/LpfHD6EU3N0KsLiEjudTZ1mGiVmA5lMCK7VR1vvkhKo3DvwOEo
CKZ+Hf/F2XtHwnK5fUl7EPfuIsu+ukJGmVLyFXJeXPFjDIJ3A22KM/Nk+03eW/oA
N01aBIqg1G0MnNMSNkqQ0rgoM/XV4t+m+YhZclBYGohQYXyBFF+cWawgiSY8NTJm
ADKsi2bInec0TIxDIEL19M/JQ5ADQpoCrtBqKOUnM/vfCzIFG09Tqnnu7cRxarn8
GtZwGMu43Kkt0xtFnomb3uI1oXk/iTncXPkCG3v/QiomsFaePOWYUYKr5Cv6tAH1
g5c=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:10:18 2025 by rpki-client