Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I2EhxAQEsnk_taDFp74wKp3Ltnw.roa
File: I2EhxAQEsnk_taDFp74wKp3Ltnw.roa (raw, json)
Hash identifier: GwLxRC2i1qDXdBtHM7sXbV0ss0wWuBgm9jwWxfJ+XsU=
Subject key identifier: 23:61:21:C4:04:04:B2:79:3F:B5:A0:C5:A7:BE:30:2A:9D:CB:B6:7C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3862E3B441C8A6B98BEA3AEB61CCE841
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I2EhxAQEsnk_taDFp74wKp3Ltnw.roa
Signing time: Sun 27 Aug 2023 19:05:19 +0000
ROA not before: Sun 27 Aug 2023 19:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:3861:f72d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:38:62:e3:b4:41:c8:a6:b9:8b:ea:3a:eb:61:cc:e8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 27 19:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=236121c40404b2793fb5a0c5a7be302a9dcbb67c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:f5:e4:37:4c:b6:85:b8:a3:b9:e4:e5:76:
77:c9:65:40:5e:1d:16:e5:13:b3:1c:39:cd:47:ca:
0f:26:19:2f:16:94:72:c5:2c:96:31:73:01:dd:91:
8f:c1:08:f6:a9:5d:47:15:bf:b4:2e:6a:e1:d8:a2:
2b:7f:bc:8b:85:97:75:ab:24:57:a5:7f:16:f2:e4:
b8:43:db:bf:e5:ec:5a:9b:8d:49:19:13:42:94:76:
ac:15:0e:05:6e:b1:53:6e:22:a2:8e:30:b1:0c:61:
85:01:26:6c:78:b9:dd:f8:0f:ec:c3:20:e3:2e:97:
75:1f:55:a7:8f:59:69:9f:58:29:09:1e:40:ff:92:
88:f7:41:9b:fd:c1:e1:6b:47:f7:3c:43:04:f8:79:
60:7b:bc:87:1a:2a:b1:ab:7e:cd:e1:c5:19:a8:e3:
21:b8:63:ea:60:b1:93:af:bf:a1:4f:0c:0e:7f:a0:
93:97:e1:3e:cf:ad:3d:f2:9c:6d:8a:4e:45:36:96:
38:f6:fd:de:81:05:9e:55:0a:a0:ab:94:03:c3:f6:
50:f6:da:bf:d9:68:e6:70:47:aa:30:f4:6f:f7:5b:
fa:7d:b1:a5:71:c0:b5:25:05:00:90:05:33:ce:c5:
94:61:a0:37:3f:30:dc:a1:d7:5e:c8:d6:e4:60:fd:
73:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:61:21:C4:04:04:B2:79:3F:B5:A0:C5:A7:BE:30:2A:9D:CB:B6:7C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I2EhxAQEsnk_taDFp74wKp3Ltnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:c5:cc:47:c6:bd:fd:a9:1d:af:bc:29:b4:40:5c:40:15:ec:
56:26:dc:d8:50:da:1e:a7:3f:84:14:7b:c2:2e:75:b9:26:fe:
21:d6:3b:45:a0:53:07:b3:d1:78:01:3f:24:2d:c8:19:42:12:
79:d3:60:c6:55:8b:3d:2a:ce:10:98:93:83:4d:ef:1b:e4:48:
18:c9:75:cc:5c:cf:db:d4:81:6a:29:e5:d7:fd:1b:ea:06:e6:
83:5d:ba:90:04:da:d4:dd:22:49:3c:18:09:51:8d:29:2d:6a:
ad:48:66:76:0e:8c:f5:01:d6:5c:7c:5c:27:50:db:d0:29:1b:
a4:12:31:f2:e0:9c:72:04:e9:52:4e:b8:ff:dd:54:6c:2d:89:
f0:ed:6e:bc:42:e8:f1:d5:01:45:2b:f8:88:81:87:47:64:16:
da:4f:9b:2f:14:f8:37:7c:7a:d1:a1:fe:11:22:db:08:e9:6f:
99:1e:9d:7d:78:2f:6e:50:c7:43:82:f5:74:85:f3:b8:fb:aa:
a7:56:a9:e3:fd:50:a6:2d:7c:49:fd:f1:1b:fe:38:5b:1f:8f:
d3:ea:a4:37:f8:10:61:0f:d4:f1:e7:cb:db:39:b1:77:e7:08:
ac:d7:62:7b:4b:27:b3:91:69:a9:a8:db:fd:b8:81:99:5f:2d:
d0:0f:16:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo4YuO0QcimuYvqOuthzOhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI3MTkwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzYxMjFjNDA0MDRiMjc5M2ZiNWEwYzVhN2JlMzAyYTlkY2JiNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlL15DdMtoW4o7nk5XZ3yWVAXh0W
5ROzHDnNR8oPJhkvFpRyxSyWMXMB3ZGPwQj2qV1HFb+0Lmrh2KIrf7yLhZd1qyRX
pX8W8uS4Q9u/5exam41JGRNClHasFQ4FbrFTbiKijjCxDGGFASZseLnd+A/swyDj
Lpd1H1Wnj1lpn1gpCR5A/5KI90Gb/cHha0f3PEME+Hlge7yHGiqxq37N4cUZqOMh
uGPqYLGTr7+hTwwOf6CTl+E+z6098pxtik5FNpY49v3egQWeVQqgq5QDw/ZQ9tq/
2WjmcEeqMPRv91v6fbGlccC1JQUAkAUzzsWUYaA3PzDcoddeyNbkYP1zXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCNhIcQEBLJ5P7Wgxae+MCqdy7Z8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSTJFaHhBUUVzbmtfdGFERnA3NHdLcDNMdG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGnFzEfGvf2pHa+8KbRA
XEAV7FYm3NhQ2h6nP4QUe8Iudbkm/iHWO0WgUwez0XgBPyQtyBlCEnnTYMZViz0q
zhCYk4NN7xvkSBjJdcxcz9vUgWop5df9G+oG5oNdupAE2tTdIkk8GAlRjSktaq1I
ZnYOjPUB1lx8XCdQ29ApG6QSMfLgnHIE6VJOuP/dVGwtifDtbrxC6PHVAUUr+IiB
h0dkFtpPmy8U+Dd8etGh/hEi2wjpb5kenX14L25Qx0OC9XSF87j7qqdWqeP9UKYt
fEn98Rv+OFsfj9PqpDf4EGEP1PHny9s5sXfnCKzXYntLJ7ORaamo2/24gZlfLdAP
FpA=
-----END CERTIFICATE-----
Generated at Thu May 1 16:00:29 2025 by rpki-client