Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9IlSlMt0URGGZJz9PKkIa-DWmE4.roa
File: 9IlSlMt0URGGZJz9PKkIa-DWmE4.roa (raw, json)
Hash identifier: hfwrHqRGs5/yJINl+0dglHv1xPmuoeFd9j8ypLH9uDc=
Subject key identifier: F4:89:52:94:CB:74:51:11:86:64:9C:FD:3C:A9:08:6B:E0:D6:98:4E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C6AF3314322FC55BD4ECA85859B8AF81
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9IlSlMt0URGGZJz9PKkIa-DWmE4.roa
Signing time: Sat 05 Aug 2023 17:11:57 +0000
ROA not before: Sat 05 Aug 2023 17:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:af:33:14:32:2f:c5:5b:d4:ec:a8:58:59:b8:af:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 5 17:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4895294cb74511186649cfd3ca9086be0d6984e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2b:05:81:03:36:34:69:9f:49:13:2b:81:ed:
b7:c7:7a:65:1b:b2:d5:1e:39:01:5f:35:b3:d3:a8:
ca:15:d2:c3:77:49:17:54:19:9d:5e:a4:69:10:3d:
9b:d6:92:27:8a:47:8b:d5:1e:3b:7d:9a:ed:cd:cf:
a8:47:f6:ee:2c:32:91:e0:63:5a:c5:3f:ac:fb:5a:
99:a9:87:b5:cf:03:5a:9d:f1:b6:90:96:c7:ff:0a:
aa:1c:93:35:00:69:70:4c:e1:e3:1d:2f:09:19:d5:
84:74:e1:78:44:63:f8:a0:3c:63:5f:77:77:e1:e6:
82:86:fe:e0:62:5e:ee:61:9d:d0:6a:ec:6e:57:94:
ee:fe:cf:95:da:b1:c9:99:6c:e8:d6:1b:00:39:35:
52:01:e5:db:26:29:0e:a2:ca:e9:8f:97:bd:74:a6:
8b:d9:b8:b6:a9:18:34:f2:79:8b:b4:c3:3f:1d:78:
07:82:3c:10:6f:1a:9b:40:ae:c3:bc:59:09:70:e1:
58:19:ce:41:78:05:02:d4:7b:b0:b2:ba:a6:9e:96:
c5:c4:eb:73:ee:ba:4c:0f:4e:38:4a:cb:f4:22:55:
f7:55:23:7d:6d:6f:53:11:be:4c:00:2b:b1:fa:9e:
b2:04:91:40:fd:17:8a:97:86:c5:a4:53:4f:8e:be:
b4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:89:52:94:CB:74:51:11:86:64:9C:FD:3C:A9:08:6B:E0:D6:98:4E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9IlSlMt0URGGZJz9PKkIa-DWmE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:2e:8b:b6:74:2c:71:4f:0f:a6:9a:f5:47:e5:0a:fe:ce:e2:
13:ec:2e:e3:da:46:fe:e1:c0:f8:ce:0b:b2:82:f4:98:95:b6:
d8:3d:29:a2:31:3b:c1:16:67:9f:5e:00:19:d4:02:6d:f7:6a:
1e:e7:cf:16:34:74:35:de:88:40:c0:82:14:ee:54:62:0c:9b:
82:51:69:a0:8c:5b:97:24:6a:93:e9:0b:c4:ec:7f:62:4b:e8:
70:bb:00:a2:cc:85:07:a9:c3:bf:8f:6f:1d:b3:f6:5e:af:a5:
c7:f2:75:95:9c:46:a1:99:d7:22:5a:6a:05:4f:fd:0c:f5:c4:
05:6e:51:db:87:d8:59:ee:e3:b5:86:68:a4:a1:97:2a:b4:82:
32:8d:1b:47:5a:eb:21:a3:4c:84:b9:38:26:c4:8d:84:18:12:
5e:32:a8:f9:da:f5:3a:6a:ae:fe:f5:04:a6:68:cf:b1:07:e8:
0e:13:c3:78:8e:f9:cf:00:bd:89:ca:8f:25:35:4a:c7:6e:40:
67:fc:a6:7b:c4:ff:53:30:56:39:3a:26:45:ff:f1:bf:3a:c6:
0b:fc:a4:c7:5e:34:94:c3:59:88:66:eb:2e:62:83:4d:f4:97:
c0:d2:0d:69:60:cb:df:a7:e1:3c:90:47:71:b8:35:29:a1:f7:
69:3f:97:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnGrzMUMi/FW9TsqFhZuK+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA1MTcxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg5NTI5NGNiNzQ1MTExODY2NDljZmQzY2E5MDg2YmUwZDY5ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnysFgQM2NGmfSRMrge23x3plG7LV
HjkBXzWz06jKFdLDd0kXVBmdXqRpED2b1pInikeL1R47fZrtzc+oR/buLDKR4GNa
xT+s+1qZqYe1zwNanfG2kJbH/wqqHJM1AGlwTOHjHS8JGdWEdOF4RGP4oDxjX3d3
4eaChv7gYl7uYZ3QauxuV5Tu/s+V2rHJmWzo1hsAOTVSAeXbJikOosrpj5e9dKaL
2bi2qRg08nmLtMM/HXgHgjwQbxqbQK7DvFkJcOFYGc5BeAUC1HuwsrqmnpbFxOtz
7rpMD044Ssv0IlX3VSN9bW9TEb5MACux+p6yBJFA/ReKl4bFpFNPjr60rQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSJUpTLdFERhmSc/TypCGvg1phOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOUlsU2xNdDBVUkdHWkp6OVBLa0lhLURXbUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEQui7Z0LHFPD6aa9Ufl
Cv7O4hPsLuPaRv7hwPjOC7KC9JiVttg9KaIxO8EWZ59eABnUAm33ah7nzxY0dDXe
iEDAghTuVGIMm4JRaaCMW5ckapPpC8Tsf2JL6HC7AKLMhQepw7+Pbx2z9l6vpcfy
dZWcRqGZ1yJaagVP/Qz1xAVuUduH2Fnu47WGaKShlyq0gjKNG0da6yGjTIS5OCbE
jYQYEl4yqPna9Tpqrv71BKZoz7EH6A4Tw3iO+c8AvYnKjyU1SsduQGf8pnvE/1Mw
Vjk6JkX/8b86xgv8pMdeNJTDWYhm6y5ig030l8DSDWlgy9+n4TyQR3G4NSmh92k/
lzY=
-----END CERTIFICATE-----
Generated at Sat May 3 02:02:17 2025 by rpki-client