Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o_uMLh6oYUpxDme9jc-7yTo3djo.roa
File: o_uMLh6oYUpxDme9jc-7yTo3djo.roa (raw, json)
Hash identifier: 6FyEeoW0pvbdI+aTb7s/iuk3woSU1Iuq7FVCqprDVF4=
Subject key identifier: A3:FB:8C:2E:1E:A8:61:4A:71:0E:67:BD:8D:CF:BB:C9:3A:37:76:3A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8A323913
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o_uMLh6oYUpxDme9jc-7yTo3djo.roa
Signing time: Sun 05 Jun 2022 18:12:20 +0000
ROA not before: Sun 05 Jun 2022 18:12:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2318547219 (0x8a323913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 5 18:12:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3fb8c2e1ea8614a710e67bd8dcfbbc93a37763a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:fd:f8:f8:00:57:1a:30:d5:5a:8e:d0:c4:
0b:96:c5:d6:cf:f0:1c:fc:c0:d6:f2:99:dd:f0:2e:
49:33:9f:15:15:ee:17:cf:a7:b6:89:86:92:06:53:
9c:c5:d6:5f:e4:80:5e:cc:7c:8f:a1:1a:62:a1:fb:
55:4c:96:0b:b2:f9:4c:dd:50:39:e0:46:d0:3f:a5:
2a:de:dd:d4:d2:50:41:2c:fd:5a:57:f5:8a:ed:8d:
c7:e3:0c:65:a9:bb:82:07:e5:cb:01:a2:66:c1:33:
f2:53:4b:eb:7d:23:e4:a0:c4:71:c7:20:23:cb:09:
d5:f1:f3:86:aa:d0:f9:16:c5:10:42:68:21:8b:82:
ed:8b:02:43:32:2a:f8:ee:98:45:93:b7:7a:4f:27:
b9:6b:67:19:a6:11:ae:9e:8e:37:08:e7:f6:00:32:
e6:84:e9:57:a8:0a:3e:17:dd:c9:8c:5c:87:c0:7e:
e4:67:3d:de:ce:93:2f:1f:79:26:61:4a:92:6c:f1:
a3:cc:bd:93:09:d6:28:13:e2:ad:a6:3c:bb:fb:06:
e3:8a:31:86:0b:41:18:7a:59:13:d7:ae:d7:6b:ab:
f5:c9:0b:5e:f9:91:73:8c:38:c3:17:c6:cd:3e:ca:
21:81:ea:d0:1b:61:53:25:0c:67:56:58:ec:70:44:
de:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FB:8C:2E:1E:A8:61:4A:71:0E:67:BD:8D:CF:BB:C9:3A:37:76:3A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/o_uMLh6oYUpxDme9jc-7yTo3djo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:59:02:e4:7f:d5:ed:aa:43:d7:62:63:d9:60:a0:88:c4:8a:
84:cc:68:f4:dc:97:bb:55:d9:70:93:0e:7b:7a:02:a3:9e:07:
79:1f:af:99:39:c5:a3:c6:2d:cc:82:72:6e:68:a5:bf:5f:b2:
d4:ad:16:80:dd:b2:54:ff:38:87:4b:c7:72:2a:84:39:1d:98:
3b:ae:7c:e2:51:ee:f8:8f:27:a7:c5:74:96:8e:21:fb:1e:51:
e1:f4:25:b9:57:9d:02:1e:3e:62:e2:1a:f0:6f:3d:25:91:13:
60:24:2d:da:3a:43:42:a9:a1:94:21:c7:65:e9:c7:20:7a:f3:
5d:37:8e:6d:de:44:46:32:49:5d:df:20:0e:92:39:c4:02:b4:
55:32:28:90:6a:36:bb:fa:9b:24:61:55:00:3f:0f:1a:47:09:
fa:9d:90:d0:4c:04:d3:53:4f:da:36:1e:91:9c:aa:a1:fd:ff:
5a:c2:86:22:73:f7:6b:f3:5d:6b:7b:47:87:49:29:2a:ae:57:
d0:b6:6d:3a:33:93:75:15:02:ba:e7:15:1a:e8:ee:22:e5:6b:
0b:a9:b0:95:dc:da:4b:bb:9c:13:f2:39:95:3f:af:cf:b4:4f:
e9:7d:4e:a1:55:05:6a:68:f0:c3:d5:8f:ea:20:57:09:eb:f6:
6c:f3:c9:98
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIoyORMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDUxODEyMjBaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGEzZmI4YzJlMWVh
ODYxNGE3MTBlNjdiZDhkY2ZiYmM5M2EzNzc2M2EwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC61P34+ABXGjDVWo7QxAuWxdbP8Bz8wNbymd3wLkkznxUV
7hfPp7aJhpIGU5zF1l/kgF7MfI+hGmKh+1VMlguy+UzdUDngRtA/pSre3dTSUEEs
/VpX9YrtjcfjDGWpu4IH5csBombBM/JTS+t9I+SgxHHHICPLCdXx84aq0PkWxRBC
aCGLgu2LAkMyKvjumEWTt3pPJ7lrZxmmEa6ejjcI5/YAMuaE6VeoCj4X3cmMXIfA
fuRnPd7Oky8feSZhSpJs8aPMvZMJ1igT4q2mPLv7BuOKMYYLQRh6WRPXrtdrq/XJ
C175kXOMOMMXxs0+yiGB6tAbYVMlDGdWWOxwRN5FAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUo/uMLh6oYUpxDme9jc+7yTo3djowHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9vX3VNTGg2b1lVcHhEbWU5amMtN3lUbzNkam8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAc1kC5H/V7apD12Jj2WCgiMSKhMxo9NyXu1XZ
cJMOe3oCo54HeR+vmTnFo8YtzIJybmilv1+y1K0WgN2yVP84h0vHciqEOR2YO658
4lHu+I8np8V0lo4h+x5R4fQluVedAh4+YuIa8G89JZETYCQt2jpDQqmhlCHHZenH
IHrzXTeObd5ERjJJXd8gDpI5xAK0VTIokGo2u/qbJGFVAD8PGkcJ+p2Q0EwE01NP
2jYekZyqof3/WsKGInP3a/Nda3tHh0kpKq5X0LZtOjOTdRUCuucVGujuIuVrC6mw
ldzaS7ucE/I5lT+vz7RP6X1OoVUFamjww9WP6iBXCev2bPPJmA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 09:52:24 2025 by rpki-client