Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sQ_GGocjs4Qy1AW_eXFwRdsPl_E.roa
File: sQ_GGocjs4Qy1AW_eXFwRdsPl_E.roa (raw, json)
Hash identifier: 033OH1VYUvuPyQF0HfU1J5YklAgtK93A0G8eY+4HgoA=
Subject key identifier: B1:0F:C6:1A:87:23:B3:84:32:D4:05:BF:79:71:70:45:DB:0F:97:F1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1A57A0FE5ECA54EC4F7318D16F590538
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sQ_GGocjs4Qy1AW_eXFwRdsPl_E.roa
Signing time: Mon 21 Aug 2023 23:04:24 +0000
ROA not before: Mon 21 Aug 2023 23:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:18a:1a57:6169/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1a:57:a0:fe:5e:ca:54:ec:4f:73:18:d1:6f:59:05:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 21 23:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b10fc61a8723b38432d405bf79717045db0f97f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:46:f2:8a:34:43:1a:10:2d:34:d7:eb:e5:8b:
0d:f4:d4:b9:e1:e3:95:f6:e0:ce:37:04:36:8b:04:
4b:d2:77:91:73:1a:09:34:4f:ec:ae:26:40:d0:35:
f2:93:4b:8b:6d:22:20:51:86:fb:17:66:d5:4e:0f:
f5:d5:1b:2e:7c:c7:f8:31:b3:f6:f3:f3:55:28:08:
39:d5:a0:92:16:87:19:e6:5c:07:a1:2b:0a:90:73:
50:cf:40:fa:1e:50:84:17:37:cc:f4:c9:ed:8d:40:
e7:09:bc:79:5d:08:1d:db:e4:42:aa:9c:b2:ce:35:
87:68:55:34:c7:4c:e6:c6:05:da:a5:56:f4:33:69:
0f:d9:3c:c0:08:4f:2d:d9:3c:5c:47:02:fd:14:12:
80:04:a2:b2:9b:1b:01:cb:14:bd:fb:20:7d:94:64:
81:74:9f:ce:b3:a3:e6:bd:0b:33:00:64:51:11:64:
dc:5c:4c:5e:9e:c4:ec:6f:6a:c7:b5:47:ba:fc:62:
b4:5b:64:86:37:a7:72:3c:54:df:b3:81:27:2a:99:
47:fd:21:35:38:d9:a5:a4:4c:5f:79:99:4c:d8:64:
2f:0f:f7:ae:88:a1:8b:09:c8:d8:69:97:96:91:25:
d4:f6:54:4d:ed:0a:24:43:fe:24:6b:85:65:77:e0:
9b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0F:C6:1A:87:23:B3:84:32:D4:05:BF:79:71:70:45:DB:0F:97:F1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sQ_GGocjs4Qy1AW_eXFwRdsPl_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:23:ed:2e:df:f9:f9:c0:b9:65:3a:99:f6:13:6c:1c:01:af:
93:ef:43:e0:55:87:39:61:43:46:2c:a0:a1:d3:08:ea:0d:f2:
4b:fa:48:ee:60:d7:95:8a:8c:87:1e:2b:2f:2a:21:44:8a:12:
e2:e7:07:ec:2a:87:f8:f6:b8:14:cb:82:01:27:8d:4e:7d:0a:
6c:05:cd:9c:f4:64:f3:07:d3:68:55:72:12:c4:4e:61:14:c0:
91:5b:23:ed:52:79:b2:83:2f:35:7d:9f:bd:a6:53:3b:d4:d6:
e6:fc:1e:96:b8:e9:f8:6e:94:8b:07:cf:6d:66:f2:51:c3:6f:
7b:5e:20:f5:f5:4f:e5:3a:d7:1b:64:db:a2:ef:9d:23:0a:9d:
3f:e6:17:04:d3:1d:76:b7:26:21:a3:8e:90:ec:f0:9f:06:90:
c9:f6:b5:f0:2e:ca:45:fa:34:a3:b6:bd:b4:49:f7:2b:4c:3c:
7b:6d:56:64:64:9d:91:f0:02:0d:6a:dc:c6:fc:06:6b:dc:50:
6e:75:8c:fc:90:19:2d:87:12:7b:95:24:f3:c0:c7:44:5d:d1:
50:58:a1:92:23:dd:cc:66:34:04:61:f7:fd:83:b9:0d:e1:b4:
3f:9b:1a:5f:ad:db:29:13:9e:a3:0c:fa:27:ef:48:45:22:b5:
4c:18:fe:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoaV6D+XspU7E9zGNFvWQU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIxMjMwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTBmYzYxYTg3MjNiMzg0MzJkNDA1YmY3OTcxNzA0NWRiMGY5N2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0byijRDGhAtNNfr5YsN9NS54eOV
9uDONwQ2iwRL0neRcxoJNE/sriZA0DXyk0uLbSIgUYb7F2bVTg/11RsufMf4MbP2
8/NVKAg51aCSFocZ5lwHoSsKkHNQz0D6HlCEFzfM9MntjUDnCbx5XQgd2+RCqpyy
zjWHaFU0x0zmxgXapVb0M2kP2TzACE8t2TxcRwL9FBKABKKymxsByxS9+yB9lGSB
dJ/Os6PmvQszAGRREWTcXExensTsb2rHtUe6/GK0W2SGN6dyPFTfs4EnKplH/SE1
ONmlpExfeZlM2GQvD/euiKGLCcjYaZeWkSXU9lRN7QokQ/4ka4Vld+CbQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLEPxhqHI7OEMtQFv3lxcEXbD5fxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc1FfR0dvY2pzNFF5MUFXX2VYRndSZHNQbF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACwj7S7f+fnAuWU6mfYT
bBwBr5PvQ+BVhzlhQ0YsoKHTCOoN8kv6SO5g15WKjIceKy8qIUSKEuLnB+wqh/j2
uBTLggEnjU59CmwFzZz0ZPMH02hVchLETmEUwJFbI+1SebKDLzV9n72mUzvU1ub8
Hpa46fhulIsHz21m8lHDb3teIPX1T+U61xtk26LvnSMKnT/mFwTTHXa3JiGjjpDs
8J8GkMn2tfAuykX6NKO2vbRJ9ytMPHttVmRknZHwAg1q3Mb8BmvcUG51jPyQGS2H
EnuVJPPAx0Rd0VBYoZIj3cxmNARh9/2DuQ3htD+bGl+t2ykTnqMM+ifvSEUitUwY
/lk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:10:16 2025 by rpki-client