Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IMHQw4qE6wz0vbwKx7KUnOEbH1Q.roa
File: IMHQw4qE6wz0vbwKx7KUnOEbH1Q.roa (raw, json)
Hash identifier: PYyVwjFTG2c866HVmDdCEqOHcdWsSh4bsBvg/Ip6XVE=
Subject key identifier: 20:C1:D0:C3:8A:84:EB:0C:F4:BD:BC:0A:C7:B2:94:9C:E1:1B:1F:54
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186465F7D728B2EF677395879DE55A09FA5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IMHQw4qE6wz0vbwKx7KUnOEbH1Q.roa
Signing time: Sun 12 Feb 2023 16:05:08 +0000
ROA not before: Sun 12 Feb 2023 16:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:465e:b308/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:46:5f:7d:72:8b:2e:f6:77:39:58:79:de:55:a0:9f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 12 16:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20c1d0c38a84eb0cf4bdbc0ac7b2949ce11b1f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:69:64:a0:82:fd:37:70:f1:e6:88:d8:9c:2a:
ca:50:f7:2f:3a:b3:b7:70:96:16:38:a7:19:83:f4:
9b:fa:0b:05:c1:f7:0e:26:9d:70:fd:26:89:76:85:
36:76:0d:6a:e0:74:7c:7e:3f:42:c8:be:44:6c:e5:
28:c4:3d:ad:72:73:a6:5c:c5:bf:64:99:3a:de:55:
91:3d:eb:0a:93:e8:08:15:ea:33:01:74:25:c4:87:
68:98:23:98:4b:da:63:c4:8c:60:62:af:7d:86:4c:
f3:ee:67:71:56:83:d6:ec:5f:7b:25:64:9a:92:54:
e7:08:f0:20:46:e3:60:a2:8c:f9:a4:f1:4b:7e:54:
eb:e9:94:38:62:0e:41:d1:b1:a9:bf:ba:7a:43:5c:
53:f5:67:a0:7e:7b:3e:d0:97:56:e5:ea:8a:25:06:
af:2d:d3:5c:46:14:62:fa:b1:89:ac:53:b5:b2:ee:
7a:a2:4b:1e:4c:b2:80:be:a0:e0:52:3e:d4:35:61:
51:2b:98:f5:4e:dd:a0:19:b2:c6:26:17:31:0e:e1:
ec:51:71:cc:c2:93:ec:98:c8:95:72:14:54:51:64:
17:3b:7f:e0:8f:bd:69:9b:37:01:9c:21:59:17:15:
db:72:67:9d:57:74:43:71:24:b2:cc:26:d5:fc:9c:
d4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C1:D0:C3:8A:84:EB:0C:F4:BD:BC:0A:C7:B2:94:9C:E1:1B:1F:54
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IMHQw4qE6wz0vbwKx7KUnOEbH1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:80:b6:16:10:9e:75:42:3d:cd:a6:81:cc:74:6c:b6:22:b5:
c3:30:57:c0:c9:1f:c4:41:b5:fe:b6:03:bc:76:10:f6:64:4d:
af:26:a7:68:1b:f4:93:78:52:18:f0:ed:f1:b3:ca:9a:07:8c:
68:e4:9e:36:52:0f:0d:5e:09:86:4b:aa:e0:da:e6:d1:8b:dc:
d8:aa:10:e9:22:5b:0d:f4:cb:75:0f:2d:f6:3c:4d:05:a3:13:
83:18:c2:01:a5:cc:8b:cb:1b:c0:2c:75:80:05:8a:6c:6a:45:
b2:08:67:4a:6a:25:cf:3c:e5:3f:c3:e5:e0:8f:f2:07:4b:05:
36:e5:1b:5b:32:63:91:78:af:c6:2f:da:19:d0:02:7b:fc:5a:
67:d0:81:38:25:c3:3b:0e:52:4b:c0:d1:7d:1b:ad:8e:aa:95:
2d:90:12:a8:a2:02:7f:28:9e:9e:f3:8e:6c:a5:01:c7:7e:bd:
51:f7:24:35:a3:25:fc:a0:9c:10:83:8c:ce:ab:d2:27:19:f7:
ff:a2:91:5e:70:a2:90:c6:dc:50:5a:24:a6:45:ab:93:50:a3:
98:ff:c9:76:b2:d8:e0:37:e1:e2:ba:3b:d2:22:e3:6c:6a:7e:
70:78:ca:78:96:3c:c5:ef:2b:51:e8:ed:83:fa:86:85:74:ca:
c5:80:d5:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZGX31yiy72dzlYed5VoJ+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEyMTYwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGMxZDBjMzhhODRlYjBjZjRiZGJjMGFjN2IyOTQ5Y2UxMWIxZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWlkoIL9N3Dx5ojYnCrKUPcvOrO3
cJYWOKcZg/Sb+gsFwfcOJp1w/SaJdoU2dg1q4HR8fj9CyL5EbOUoxD2tcnOmXMW/
ZJk63lWRPesKk+gIFeozAXQlxIdomCOYS9pjxIxgYq99hkzz7mdxVoPW7F97JWSa
klTnCPAgRuNgooz5pPFLflTr6ZQ4Yg5B0bGpv7p6Q1xT9Wegfns+0JdW5eqKJQav
LdNcRhRi+rGJrFO1su56okseTLKAvqDgUj7UNWFRK5j1Tt2gGbLGJhcxDuHsUXHM
wpPsmMiVchRUUWQXO3/gj71pmzcBnCFZFxXbcmedV3RDcSSyzCbV/JzUoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCDB0MOKhOsM9L28CseylJzhGx9UMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSU1IUXc0cUU2d3owdmJ3S3g3S1VuT0ViSDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJqAthYQnnVCPc2mgcx0
bLYitcMwV8DJH8RBtf62A7x2EPZkTa8mp2gb9JN4Uhjw7fGzypoHjGjknjZSDw1e
CYZLquDa5tGL3NiqEOkiWw30y3UPLfY8TQWjE4MYwgGlzIvLG8AsdYAFimxqRbII
Z0pqJc885T/D5eCP8gdLBTblG1syY5F4r8Yv2hnQAnv8WmfQgTglwzsOUkvA0X0b
rY6qlS2QEqiiAn8onp7zjmylAcd+vVH3JDWjJfygnBCDjM6r0icZ9/+ikV5wopDG
3FBaJKZFq5NQo5j/yXay2OA34eK6O9Ii42xqfnB4yniWPMXvK1Ho7YP6hoV0ysWA
1fI=
-----END CERTIFICATE-----
Generated at Thu May 1 11:12:08 2025 by rpki-client