Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I5m-d2G6o8b6_agyNLYFyD24vIU.roa
File: I5m-d2G6o8b6_agyNLYFyD24vIU.roa (raw, json)
Hash identifier: ZNaeuKZURXLNtAp2Ak8JQRKVSPG5E8L/1YKEUTB8As8=
Subject key identifier: 23:99:BE:77:61:BA:A3:C6:FA:FD:A8:32:34:B6:05:C8:3D:B8:BC:85
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187B99C4ECB14F70310D1DAB080731A866B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I5m-d2G6o8b6_agyNLYFyD24vIU.roa
Signing time: Tue 25 Apr 2023 18:10:41 +0000
ROA not before: Tue 25 Apr 2023 18:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b9:9c:4e:cb:14:f7:03:10:d1:da:b0:80:73:1a:86:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 25 18:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2399be7761baa3c6fafda83234b605c83db8bc85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:09:86:97:d7:9c:a8:9d:34:62:26:d1:d6:34:
22:0f:1d:03:00:df:61:ae:47:7e:56:bd:44:be:9a:
1d:f5:8d:d7:12:49:74:2e:82:8e:ab:ce:e3:6c:6f:
4d:80:9f:f9:a2:eb:51:0e:8d:98:87:c5:eb:be:d8:
ed:3a:94:98:00:15:61:b4:6d:8f:9e:c0:0f:82:e4:
44:6e:16:c5:4a:c0:b3:a2:09:c2:20:7d:cc:9f:af:
4d:db:4d:59:5e:f1:79:93:b1:85:26:a1:24:55:66:
14:63:dc:59:73:91:d8:42:8b:c1:05:77:69:43:30:
5e:9f:42:f1:cb:58:83:a0:c7:bc:8f:a2:20:aa:9c:
74:48:5e:bc:ea:6a:1d:9a:ff:09:7e:2d:64:5a:68:
ac:eb:d8:69:1c:7e:f5:de:65:5d:8f:68:d8:4f:f8:
c4:8d:55:39:5b:d6:5c:e9:18:b8:c9:67:00:58:71:
58:3a:74:44:d9:64:44:81:a1:48:3e:e3:30:a3:0e:
72:3f:b4:ba:7d:80:dd:ff:c3:e5:f5:45:45:cf:97:
a5:e8:78:a4:4b:9b:1c:8f:34:c5:64:d9:98:3f:39:
76:84:ea:e8:53:2c:33:78:eb:8b:cd:5b:33:9d:4e:
0d:1a:e7:4f:ed:61:98:a2:e9:b1:ca:23:16:80:0a:
70:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:99:BE:77:61:BA:A3:C6:FA:FD:A8:32:34:B6:05:C8:3D:B8:BC:85
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/I5m-d2G6o8b6_agyNLYFyD24vIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:da:c2:f2:0a:ab:38:6a:f2:25:42:ee:79:27:7f:97:e6:75:
3f:31:4c:66:6a:b8:4e:9d:35:8c:ef:f3:65:64:62:a0:9d:4a:
18:42:29:d7:63:13:67:e6:29:79:73:2b:52:7b:96:5f:db:e7:
c8:19:61:a7:00:a3:3d:69:65:65:73:91:9c:59:68:66:1c:8f:
0e:89:bc:91:24:38:26:d6:7d:ec:dc:ed:a9:d3:4e:9a:71:7e:
93:4f:cc:18:b8:c0:ce:75:10:ef:7a:a9:78:2d:5a:00:c1:ee:
a1:f4:d6:02:21:62:a7:12:81:b2:f8:aa:3f:71:e2:ce:d2:71:
af:40:05:09:63:ff:80:33:98:4e:60:88:9a:c2:ae:c7:af:eb:
fe:12:6d:ea:5a:3c:9a:84:1c:2c:f3:60:00:f8:91:3b:ab:e5:
84:a6:69:ea:5e:d2:03:05:55:a8:6b:a5:1f:0a:44:c2:69:15:
99:c7:13:4f:96:84:d1:f4:4d:1b:11:b2:02:85:12:3b:da:29:
9b:ce:62:51:73:62:77:22:75:67:4a:f3:9c:1c:82:7f:a3:c8:
1e:c2:5c:62:55:42:dd:6c:5d:90:40:5c:8b:44:6f:8d:b4:eb:
0e:05:06:95:24:16:ee:e0:05:f9:a5:cb:19:1b:8d:4a:ea:74:
03:eb:b5:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYe5nE7LFPcDENHasIBzGoZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI1MTgxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk5YmU3NzYxYmFhM2M2ZmFmZGE4MzIzNGI2MDVjODNkYjhiYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQmGl9ecqJ00YibR1jQiDx0DAN9h
rkd+Vr1Evpod9Y3XEkl0LoKOq87jbG9NgJ/5outRDo2Yh8XrvtjtOpSYABVhtG2P
nsAPguREbhbFSsCzognCIH3Mn69N201ZXvF5k7GFJqEkVWYUY9xZc5HYQovBBXdp
QzBen0Lxy1iDoMe8j6Igqpx0SF686modmv8Jfi1kWmis69hpHH713mVdj2jYT/jE
jVU5W9Zc6Ri4yWcAWHFYOnRE2WREgaFIPuMwow5yP7S6fYDd/8Pl9UVFz5el6Hik
S5scjzTFZNmYPzl2hOroUywzeOuLzVsznU4NGudP7WGYoumxyiMWgApwQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCOZvndhuqPG+v2oMjS2Bcg9uLyFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSTVtLWQyRzZvOGI2X2FneU5MWUZ5RDI0dklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALXawvIKqzhq8iVC7nkn
f5fmdT8xTGZquE6dNYzv82VkYqCdShhCKddjE2fmKXlzK1J7ll/b58gZYacAoz1p
ZWVzkZxZaGYcjw6JvJEkOCbWfezc7anTTppxfpNPzBi4wM51EO96qXgtWgDB7qH0
1gIhYqcSgbL4qj9x4s7Sca9ABQlj/4AzmE5giJrCrsev6/4SbepaPJqEHCzzYAD4
kTur5YSmaepe0gMFVahrpR8KRMJpFZnHE0+WhNH0TRsRsgKFEjvaKZvOYlFzYnci
dWdK85wcgn+jyB7CXGJVQt1sXZBAXItEb4206w4FBpUkFu7gBfmlyxkbjUrqdAPr
tYw=
-----END CERTIFICATE-----
Generated at Thu May 1 03:42:54 2025 by rpki-client