Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G-iNsEGOJ7opQez6vgQFF1G0PfA.roa
File: G-iNsEGOJ7opQez6vgQFF1G0PfA.roa (raw, json)
Hash identifier: s7hoZW8AXTcTGUnsuTrTmCE8qM0IfbKVVzqt/htluc4=
Subject key identifier: 1B:E8:8D:B0:41:8E:27:BA:29:41:EC:FA:BE:04:05:17:51:B4:3D:F0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A276EFE72765D74F507390DEEC7D6B150
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G-iNsEGOJ7opQez6vgQFF1G0PfA.roa
Signing time: Thu 24 Aug 2023 12:05:00 +0000
ROA not before: Thu 24 Aug 2023 12:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:18a:276e:6a3d/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:6e:fe:72:76:5d:74:f5:07:39:0d:ee:c7:d6:b1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 12:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1be88db0418e27ba2941ecfabe04051751b43df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:85:0d:2b:10:0c:bb:11:78:6b:0f:40:90:99:
09:21:c3:34:eb:18:2c:37:14:ee:4d:c0:09:e9:76:
5c:73:93:f3:10:ad:14:4c:ee:35:82:ea:32:07:45:
21:2c:34:2b:54:38:b2:e1:06:78:a7:b0:76:2e:77:
b3:95:c8:2d:23:22:5e:cc:08:fb:69:68:aa:61:86:
52:81:45:49:94:0f:15:5a:a3:7a:30:b3:c9:f6:ea:
df:77:c6:38:85:5b:cb:84:2f:28:79:b5:e3:0d:81:
11:42:bc:d4:5b:d2:3e:d6:fa:9f:07:e8:be:c6:ad:
96:4e:32:de:22:52:d7:f8:a0:cb:db:82:5d:91:b7:
08:40:f6:12:14:75:26:33:49:37:57:21:dd:60:28:
30:11:98:59:42:6c:43:7a:d9:97:5c:6d:25:eb:2f:
8b:59:9d:05:14:85:99:6b:a3:90:d4:a0:a2:49:b9:
8b:55:17:e5:43:f4:29:45:f1:f2:65:b3:04:d4:4b:
9e:a5:79:af:13:67:00:ca:00:94:6b:0e:c4:3d:1d:
47:ed:0d:26:9f:86:96:e9:dd:c9:36:17:8e:c4:2f:
ac:3e:30:0e:e9:5f:d8:88:d7:e8:80:9a:be:e4:ce:
9e:c6:07:f5:c1:77:5f:6f:eb:ca:34:0d:aa:34:25:
ed:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E8:8D:B0:41:8E:27:BA:29:41:EC:FA:BE:04:05:17:51:B4:3D:F0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G-iNsEGOJ7opQez6vgQFF1G0PfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:08:b0:40:c0:26:cb:93:85:91:8c:e4:7e:12:85:fd:3d:75:
9b:2a:04:c4:de:74:2e:d7:04:89:b4:a1:80:a8:ec:e0:9d:f6:
97:48:8a:85:21:67:46:5f:84:74:c6:72:47:2c:b9:d7:72:44:
4c:76:11:4d:a4:5f:05:a7:32:4d:68:fa:40:1d:9e:7b:b1:01:
8e:7f:f2:0a:52:9c:f5:71:58:35:86:64:74:1e:62:8e:f4:a7:
fc:b9:4b:3b:0b:ba:f1:66:31:77:16:96:f3:5a:01:79:e3:82:
0e:e0:1e:4b:66:9b:0a:d9:0a:8f:31:ec:9a:66:3f:0b:a5:e8:
4e:ef:e3:9b:b3:a8:fd:b2:2d:60:3d:29:bc:56:a6:ac:e1:d6:
5a:90:93:9d:eb:e8:58:22:99:a9:42:30:00:66:b9:b0:31:69:
1f:de:b0:6c:d7:b8:c9:0b:43:60:9a:88:f3:d5:8c:b9:42:06:
5e:5d:46:1b:43:e2:f6:47:37:8f:1b:96:ae:fa:8e:97:c3:00:
09:ed:67:8c:ca:a7:e1:22:39:42:06:19:23:a5:cb:8b:9b:3f:
34:45:0e:ff:61:e2:9c:de:e5:06:12:ab:cd:30:f1:57:9e:77:
6b:1a:bf:53:fc:23:28:f8:7f:9b:2c:64:2d:1f:7a:b5:e6:a1:
da:e9:ef:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYonbv5ydl109Qc5De7H1rFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MTIwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmU4OGRiMDQxOGUyN2JhMjk0MWVjZmFiZTA0MDUxNzUxYjQzZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoUNKxAMuxF4aw9AkJkJIcM06xgs
NxTuTcAJ6XZcc5PzEK0UTO41guoyB0UhLDQrVDiy4QZ4p7B2LnezlcgtIyJezAj7
aWiqYYZSgUVJlA8VWqN6MLPJ9urfd8Y4hVvLhC8oebXjDYERQrzUW9I+1vqfB+i+
xq2WTjLeIlLX+KDL24JdkbcIQPYSFHUmM0k3VyHdYCgwEZhZQmxDetmXXG0l6y+L
WZ0FFIWZa6OQ1KCiSbmLVRflQ/QpRfHyZbME1EuepXmvE2cAygCUaw7EPR1H7Q0m
n4aW6d3JNheOxC+sPjAO6V/YiNfogJq+5M6exgf1wXdfb+vKNA2qNCXtMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBvojbBBjie6KUHs+r4EBRdRtD3wMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRy1pTnNFR09KN29wUWV6NnZnUUZGMUcwUGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJsIsEDAJsuThZGM5H4S
hf09dZsqBMTedC7XBIm0oYCo7OCd9pdIioUhZ0ZfhHTGckcsuddyREx2EU2kXwWn
Mk1o+kAdnnuxAY5/8gpSnPVxWDWGZHQeYo70p/y5SzsLuvFmMXcWlvNaAXnjgg7g
HktmmwrZCo8x7JpmPwul6E7v45uzqP2yLWA9KbxWpqzh1lqQk53r6FgimalCMABm
ubAxaR/esGzXuMkLQ2CaiPPVjLlCBl5dRhtD4vZHN48blq76jpfDAAntZ4zKp+Ei
OUIGGSOly4ubPzRFDv9h4pze5QYSq80w8Veed2sav1P8Iyj4f5ssZC0ferXmodrp
73Y=
-----END CERTIFICATE-----
Generated at Sat May 3 14:47:40 2025 by rpki-client