Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I4wcO-xuAS73ZzzXeSWEg70hgYc.roa
File: I4wcO-xuAS73ZzzXeSWEg70hgYc.roa (raw, json)
Hash identifier: fxE+3KJcd2+r58i4AzrcP8TdkCmHLn/MRYCoddubj0M=
Subject key identifier: 23:8C:1C:3B:EC:6E:01:2E:F7:67:3C:D7:79:25:84:83:BD:21:81:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F53880FA20055B3249A559AC4D5FEE8C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I4wcO-xuAS73ZzzXeSWEg70hgYc.roa
Signing time: Mon 14 Aug 2023 18:04:28 +0000
ROA not before: Mon 14 Aug 2023 18:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:189:f538:70d7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f5:38:80:fa:20:05:5b:32:49:a5:59:ac:4d:5f:ee:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 14 18:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=238c1c3bec6e012ef7673cd779258483bd218187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a1:ac:97:c4:d8:42:38:f8:6b:b5:82:4a:fe:
fe:c8:09:4b:cb:52:2c:4d:89:3a:54:ca:9d:93:ce:
64:50:5d:4a:d2:ce:b3:69:3a:43:2a:15:46:fc:e0:
14:10:dc:84:23:0d:56:71:88:52:9c:30:e6:68:42:
53:9f:32:a2:c9:b0:1c:c0:a5:cc:49:7d:f4:e5:1b:
e7:0d:ba:78:30:57:0d:e8:87:f2:37:a0:0c:a9:29:
08:13:14:da:04:cd:09:96:a3:44:a7:6b:f7:35:bf:
41:fa:d1:ad:cf:84:b3:c1:e5:f8:2c:98:a3:92:cf:
a0:6c:96:5a:81:a0:4d:f9:78:ad:40:ab:01:7c:1a:
03:e6:3c:14:19:5a:03:58:59:49:e8:59:bc:83:fc:
a3:86:62:0a:09:51:5b:e2:29:09:62:55:43:08:af:
31:73:e2:b9:16:8f:77:53:7e:a5:a3:22:43:f1:ec:
57:a6:9b:62:e4:6f:8a:3d:c6:4e:8a:83:fb:b0:7c:
95:db:a6:0d:a8:5b:d5:04:4d:0f:06:a5:a4:74:3d:
53:e4:fd:ef:f3:b1:22:3a:98:15:f2:9c:91:8b:ce:
8d:07:4b:ba:1f:e3:fa:17:1a:42:6a:69:91:17:fb:
9d:a2:53:38:65:2a:d2:72:f4:ce:f6:05:c1:25:b6:
ca:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8C:1C:3B:EC:6E:01:2E:F7:67:3C:D7:79:25:84:83:BD:21:81:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I4wcO-xuAS73ZzzXeSWEg70hgYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:d4:16:5d:72:cc:57:e9:71:5f:a8:a1:8a:8d:f3:ea:7c:2a:
4e:83:07:48:36:e4:e3:0f:9e:ff:df:ed:09:ca:05:ab:af:f3:
95:d0:69:53:f8:8a:e2:a6:fc:a8:36:ec:a5:92:3f:43:e3:ef:
79:94:8e:b1:76:3f:b4:3e:02:85:96:72:71:6e:e0:1b:a2:1d:
e5:e9:a7:f4:55:70:5e:6c:15:e5:16:82:5d:7b:02:5f:c0:65:
4a:66:78:20:51:bb:d8:10:4e:c2:9d:04:06:a8:37:ba:fe:4a:
49:5a:4d:c5:48:4a:63:2a:9a:f9:37:5a:a7:b5:cf:cf:13:92:
0a:de:b9:75:b0:30:2e:ce:93:58:10:94:f6:93:4e:ae:f4:fe:
3f:8c:7f:8d:06:0a:a6:26:e5:a4:28:20:3b:d6:ff:4b:4a:d9:
8a:69:56:7f:55:2a:0b:c2:96:00:b7:13:29:1d:48:4b:6d:f0:
e9:69:8c:e0:e4:0b:e7:1c:06:61:64:1e:42:a8:db:b2:47:4d:
16:54:8f:d5:bc:e9:29:11:b8:38:84:25:f0:0e:eb:12:5b:5b:
25:c1:9d:86:48:89:ec:b1:b6:e1:60:cc:79:4e:4d:b6:c9:b5:
79:df:c5:39:0e:99:0f:1c:56:ff:b4:10:5a:1b:61:03:56:e0:
79:86:b0:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn1OID6IAVbMkmlWaxNX+6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE0MTgwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhjMWMzYmVjNmUwMTJlZjc2NzNjZDc3OTI1ODQ4M2JkMjE4MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Gsl8TYQjj4a7WCSv7+yAlLy1Is
TYk6VMqdk85kUF1K0s6zaTpDKhVG/OAUENyEIw1WcYhSnDDmaEJTnzKiybAcwKXM
SX305RvnDbp4MFcN6IfyN6AMqSkIExTaBM0JlqNEp2v3Nb9B+tGtz4SzweX4LJij
ks+gbJZagaBN+XitQKsBfBoD5jwUGVoDWFlJ6Fm8g/yjhmIKCVFb4ikJYlVDCK8x
c+K5Fo93U36loyJD8exXppti5G+KPcZOioP7sHyV26YNqFvVBE0PBqWkdD1T5P3v
87EiOpgV8pyRi86NB0u6H+P6FxpCammRF/udolM4ZSrScvTO9gXBJbbK0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCOMHDvsbgEu92c813klhIO9IYGHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSTR3Y08teHVBUzczWnp6WGVTV0VnNzBoZ1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEXUFl1yzFfpcV+ooYqN
8+p8Kk6DB0g25OMPnv/f7QnKBauv85XQaVP4iuKm/Kg27KWSP0Pj73mUjrF2P7Q+
AoWWcnFu4BuiHeXpp/RVcF5sFeUWgl17Al/AZUpmeCBRu9gQTsKdBAaoN7r+Skla
TcVISmMqmvk3Wqe1z88TkgreuXWwMC7Ok1gQlPaTTq70/j+Mf40GCqYm5aQoIDvW
/0tK2YppVn9VKgvClgC3EykdSEtt8OlpjODkC+ccBmFkHkKo27JHTRZUj9W86SkR
uDiEJfAO6xJbWyXBnYZIieyxtuFgzHlOTbbJtXnfxTkOmQ8cVv+0EFobYQNW4HmG
sB0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:24:19 2025 by rpki-client