Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I3rtg_ojqgQDIzqD4ak6MZK_aGo.roa
File: I3rtg_ojqgQDIzqD4ak6MZK_aGo.roa (raw, json)
Hash identifier: Ui1sP499PNCzpItP0rr2bMS5zHOoAHFfbNmjc75BnTQ=
Subject key identifier: 23:7A:ED:83:FA:23:AA:04:03:23:3A:83:E1:A9:3A:31:92:BF:68:6A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184A460C624357F7B9754E444C302FCE9B8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I3rtg_ojqgQDIzqD4ak6MZK_aGo.roa
Signing time: Wed 23 Nov 2022 12:05:16 +0000
ROA not before: Wed 23 Nov 2022 12:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:a460:1b02/128 maxlen: 128
2001:67c:64:ffff:0:184:9f03:9814/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:60:c6:24:35:7f:7b:97:54:e4:44:c3:02:fc:e9:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 23 12:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=237aed83fa23aa0403233a83e1a93a3192bf686a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b6:d2:01:78:4e:00:cf:71:af:b5:df:60:af:
21:e8:f5:b6:93:ff:14:0b:73:95:a0:aa:d0:1c:45:
42:85:ab:81:f2:a0:a4:82:f8:bc:68:a2:2c:58:ce:
7e:72:7d:8f:b1:75:a8:b8:c8:90:eb:6f:a4:74:57:
d4:2c:62:dc:7e:53:a3:8b:f0:91:35:f6:99:64:2d:
aa:6f:8e:f4:2c:9b:1a:da:83:df:f2:9c:3a:70:9d:
97:f0:2d:49:62:cf:65:6f:78:1d:0b:91:5a:7d:5c:
cc:0a:cd:61:c8:07:33:c2:d2:42:90:92:8e:f2:4d:
d5:41:3f:25:3b:bd:db:17:d1:09:8d:bb:72:1d:5a:
fc:44:4f:9a:a9:b4:1f:d6:71:73:9b:0b:ca:5f:72:
99:80:bb:92:2a:9b:0f:fa:58:f7:5c:c1:81:a7:af:
ba:28:22:db:2e:d8:2a:0b:f7:12:dc:6e:35:33:93:
92:7f:c4:7f:e7:45:24:e8:bf:70:ef:2f:86:8e:71:
45:99:f4:9b:c1:cc:dd:5a:f0:65:0a:60:f9:80:4b:
2c:05:3c:4a:2a:ac:24:8c:99:bc:a3:49:2a:48:0a:
2d:c3:6a:41:cc:b1:3b:25:a9:fc:39:e8:e0:6f:08:
bb:99:c3:08:c4:15:41:1d:4f:5f:fb:45:64:bd:57:
04:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7A:ED:83:FA:23:AA:04:03:23:3A:83:E1:A9:3A:31:92:BF:68:6A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I3rtg_ojqgQDIzqD4ak6MZK_aGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:c4:7c:fb:1e:c3:53:32:e2:59:78:d7:ad:94:35:17:be:63:
b3:7c:46:ef:13:ea:1d:8b:29:af:ef:5c:db:70:2f:77:d0:59:
bc:ca:5d:6d:25:16:c0:81:75:df:a4:13:90:4b:01:52:1f:d0:
08:76:67:a0:f0:59:a9:fd:64:76:4c:24:d5:c2:b8:13:5d:00:
5e:d4:84:24:f1:aa:3c:eb:45:e9:cf:eb:13:95:62:e4:0a:a2:
60:34:74:c1:f8:bf:64:a3:ca:18:ef:e5:c3:c9:6c:d7:60:4e:
8e:ba:d4:08:f3:3d:27:c9:93:2c:7d:0b:86:b4:f2:0f:a6:2c:
95:61:86:b7:92:d7:dc:b3:e5:eb:4b:e7:66:62:44:64:9e:b2:
ee:d1:97:60:dc:69:be:ef:54:6a:63:9c:1a:2f:c3:12:86:4a:
4c:ba:e8:70:a0:50:16:89:e3:37:ae:09:44:47:4b:37:7c:44:
b9:a4:a7:18:fb:e0:f8:ad:86:2f:10:2b:e7:d3:7f:b0:1a:58:
4e:95:74:5c:c7:8a:f5:70:a9:1a:99:27:c4:78:3b:5e:28:ab:
e2:9e:73:f6:1d:c8:7f:84:4a:e9:66:89:10:83:63:7a:2d:54:
bc:f4:0e:b4:26:b4:43:36:32:7d:db:db:34:11:89:fa:0e:9e:
a1:fc:e9:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSkYMYkNX97l1TkRMMC/Om4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTIzMTIwNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzdhZWQ4M2ZhMjNhYTA0MDMyMzNhODNlMWE5M2EzMTkyYmY2ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7bSAXhOAM9xr7XfYK8h6PW2k/8U
C3OVoKrQHEVChauB8qCkgvi8aKIsWM5+cn2PsXWouMiQ62+kdFfULGLcflOji/CR
NfaZZC2qb470LJsa2oPf8pw6cJ2X8C1JYs9lb3gdC5FafVzMCs1hyAczwtJCkJKO
8k3VQT8lO73bF9EJjbtyHVr8RE+aqbQf1nFzmwvKX3KZgLuSKpsP+lj3XMGBp6+6
KCLbLtgqC/cS3G41M5OSf8R/50Uk6L9w7y+GjnFFmfSbwczdWvBlCmD5gEssBTxK
KqwkjJm8o0kqSAotw2pBzLE7Jan8Oejgbwi7mcMIxBVBHU9f+0VkvVcElwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCN67YP6I6oEAyM6g+GpOjGSv2hqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSTNydGdfb2pxZ1FESXpxRDRhazZNWktfYUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJXEfPsew1My4ll4162U
NRe+Y7N8Ru8T6h2LKa/vXNtwL3fQWbzKXW0lFsCBdd+kE5BLAVIf0Ah2Z6DwWan9
ZHZMJNXCuBNdAF7UhCTxqjzrRenP6xOVYuQKomA0dMH4v2Sjyhjv5cPJbNdgTo66
1AjzPSfJkyx9C4a08g+mLJVhhreS19yz5etL52ZiRGSesu7Rl2Dcab7vVGpjnBov
wxKGSky66HCgUBaJ4zeuCURHSzd8RLmkpxj74Pithi8QK+fTf7AaWE6VdFzHivVw
qRqZJ8R4O14oq+Kec/YdyH+ESulmiRCDY3otVLz0DrQmtEM2Mn3b2zQRifoOnqH8
6dI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:17 2025 by rpki-client