Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r5cFSujh8r2CHkQyxvuYPtGOyjw.roa
File: r5cFSujh8r2CHkQyxvuYPtGOyjw.roa (raw, json)
Hash identifier: bGL2uoyMlZ/lS/6POghPfVeqNVSW7w+myZcnVjgxzmw=
Subject key identifier: AF:97:05:4A:E8:E1:F2:BD:82:1E:44:32:C6:FB:98:3E:D1:8E:CA:3C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187C71B83A18A8E311C3BF8EC362D70FE46
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r5cFSujh8r2CHkQyxvuYPtGOyjw.roa
Signing time: Fri 28 Apr 2023 09:04:41 +0000
ROA not before: Fri 28 Apr 2023 09:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:187:c71b:e46/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:1b:83:a1:8a:8e:31:1c:3b:f8:ec:36:2d:70:fe:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 28 09:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af97054ae8e1f2bd821e4432c6fb983ed18eca3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:0f:1e:54:03:9a:92:c5:57:3b:a0:9c:7d:
92:d8:46:79:d8:20:d9:75:83:40:08:e4:10:8e:d1:
67:e6:17:5b:63:6f:42:38:68:ef:fb:99:30:3e:e8:
8a:2c:90:39:7c:62:1a:86:63:ba:a6:39:16:87:44:
37:5a:0d:34:6c:e8:6c:1b:15:ae:98:4e:3f:0a:14:
6a:57:33:03:c7:4f:1f:6f:9a:70:f2:ff:a9:9e:e3:
44:be:5a:40:9b:dd:fc:9c:f4:92:ce:e2:f2:bd:93:
90:40:f9:62:a9:f1:f9:b0:b8:92:7e:11:d7:27:fb:
9f:3c:7c:cd:79:ce:ee:02:68:18:ed:c4:5e:96:8e:
17:e0:1a:18:c2:bb:f9:1b:2c:f2:e3:dd:e7:f8:5a:
19:a6:38:52:dc:1a:79:42:36:86:ba:4e:2b:9d:84:
ed:ba:be:7c:d2:41:66:9a:16:df:c0:a5:17:21:10:
cd:4b:18:08:c3:c6:79:f3:3b:f0:4e:96:7e:4f:22:
90:fc:c5:8b:96:0e:fc:47:46:2e:45:3b:14:89:de:
46:41:eb:07:76:57:6e:8f:67:9d:4c:5d:0b:26:b6:
37:f2:d9:6b:68:dd:f8:98:ab:13:c2:d5:fa:dd:ba:
89:c1:95:4d:44:8d:f7:cd:1f:df:8e:2a:7d:c1:f3:
d2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:97:05:4A:E8:E1:F2:BD:82:1E:44:32:C6:FB:98:3E:D1:8E:CA:3C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r5cFSujh8r2CHkQyxvuYPtGOyjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:f1:de:dc:47:34:fe:5c:b9:33:83:25:17:61:02:67:e9:45:
06:dd:dd:13:45:da:17:9d:44:79:74:ec:aa:7f:af:d1:d3:12:
4a:5a:d0:65:04:2d:cb:05:32:60:85:31:1b:f1:8f:00:33:27:
be:ca:98:4c:5a:e4:9a:26:17:7c:01:d5:c9:cb:04:27:f9:43:
01:6a:04:ba:36:8e:e8:4b:9b:1b:29:95:31:e3:ec:76:37:0a:
84:ab:ce:26:98:31:61:d3:7b:0e:1e:dc:86:cf:ab:21:07:c9:
9b:6b:15:0f:79:fd:6e:03:e3:e7:cb:1a:64:e3:cb:08:3b:e4:
86:75:e8:12:c5:22:67:16:1b:84:40:3a:a6:b6:bd:8a:c9:22:
83:1a:d6:1a:53:e9:ca:63:65:3a:28:a5:42:07:96:a8:38:d5:
01:7b:6c:cb:82:c7:a4:3f:e1:1e:88:ab:9d:f6:1b:2e:75:9a:
e9:9c:f3:56:63:8e:8e:af:3d:15:4e:b8:ce:c5:18:e0:a4:00:
ed:80:7b:d2:a4:fc:78:60:7e:b4:08:09:81:ae:7a:e4:3a:1f:
b3:cc:a1:02:49:44:60:6e:04:10:2f:29:48:6e:fe:84:bd:81:
a3:d9:47:0f:d0:21:3a:62:ad:69:7b:02:e2:82:37:29:49:3b:
16:bc:c5:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfHG4Ohio4xHDv47DYtcP5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI4MDkwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk3MDU0YWU4ZTFmMmJkODIxZTQ0MzJjNmZiOTgzZWQxOGVjYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui4PHlQDmpLFVzugnH2S2EZ52CDZ
dYNACOQQjtFn5hdbY29COGjv+5kwPuiKLJA5fGIahmO6pjkWh0Q3Wg00bOhsGxWu
mE4/ChRqVzMDx08fb5pw8v+pnuNEvlpAm938nPSSzuLyvZOQQPliqfH5sLiSfhHX
J/ufPHzNec7uAmgY7cRelo4X4BoYwrv5Gyzy493n+FoZpjhS3Bp5QjaGuk4rnYTt
ur580kFmmhbfwKUXIRDNSxgIw8Z58zvwTpZ+TyKQ/MWLlg78R0YuRTsUid5GQesH
dlduj2edTF0LJrY38tlraN34mKsTwtX63bqJwZVNRI33zR/fjip9wfPSnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK+XBUro4fK9gh5EMsb7mD7Rjso8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcjVjRlN1amg4cjJDSGtReXh2dVlQdEdPeWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHjx3txHNP5cuTODJRdh
AmfpRQbd3RNF2hedRHl07Kp/r9HTEkpa0GUELcsFMmCFMRvxjwAzJ77KmExa5Jom
F3wB1cnLBCf5QwFqBLo2juhLmxsplTHj7HY3CoSrziaYMWHTew4e3IbPqyEHyZtr
FQ95/W4D4+fLGmTjywg75IZ16BLFImcWG4RAOqa2vYrJIoMa1hpT6cpjZToopUIH
lqg41QF7bMuCx6Q/4R6Iq532Gy51mumc81Zjjo6vPRVOuM7FGOCkAO2Ae9Kk/Hhg
frQICYGueuQ6H7PMoQJJRGBuBBAvKUhu/oS9gaPZRw/QITpirWl7AuKCNylJOxa8
xeE=
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:32:55 2025 by rpki-client