Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IUAhUhe18HlLd5KNaHmtEgZTd10.roa
File: IUAhUhe18HlLd5KNaHmtEgZTd10.roa (raw, json)
Hash identifier: M8J/VBVAz/RpVtCz8ospMZ3IrAY92hWAJ8zVFS76UVQ=
Subject key identifier: 21:40:21:52:17:B5:F0:79:4B:77:92:8D:68:79:AD:12:06:53:77:5D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183B6D787C5AD6C66DEFB0EA6DEF76B7D22
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IUAhUhe18HlLd5KNaHmtEgZTd10.roa
Signing time: Sat 08 Oct 2022 09:05:21 +0000
ROA not before: Sat 08 Oct 2022 09:05:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:b6d6:fe9b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b6:d7:87:c5:ad:6c:66:de:fb:0e:a6:de:f7:6b:7d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 8 09:05:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2140215217b5f0794b77928d6879ad120653775d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:20:94:ea:3b:84:fa:b8:2f:bd:1c:41:18:11:
aa:cc:23:f7:7a:c1:bb:01:c4:1d:20:18:7e:d6:b6:
34:67:47:cf:01:e5:dc:db:f2:0c:2f:a4:e5:f5:80:
58:13:3f:d6:60:8a:c5:ae:c2:ea:fb:81:c6:c4:9b:
c4:f5:f4:b0:e1:02:36:ec:73:52:00:db:d6:ff:2a:
89:26:ad:70:3e:71:cf:d7:9c:06:86:2b:80:24:d5:
e8:f6:ae:4c:e1:a4:f4:7e:b3:dd:0d:cb:0b:65:66:
e0:9c:25:b0:4f:20:47:ff:ab:ec:77:dd:56:5b:d3:
54:4a:3e:36:ca:6c:cf:33:4e:31:3a:ec:79:e2:21:
60:fb:76:f2:98:b7:b7:43:55:94:10:e1:16:47:aa:
8a:aa:9a:82:56:84:3d:1e:59:6b:66:74:40:00:35:
87:0e:8e:9c:70:21:89:90:50:fd:d1:f4:87:53:93:
75:68:b1:24:4b:d0:e8:08:da:ac:52:cc:ae:30:36:
d2:29:73:54:11:ca:a6:f9:3f:ec:30:f0:99:88:1b:
26:59:09:de:94:a6:70:47:a0:71:4d:a3:eb:71:7b:
40:83:23:ab:22:2f:9c:c8:24:b7:46:5c:ee:cc:e2:
b8:61:16:02:82:ff:38:ea:96:a7:0e:3f:f7:2e:8b:
81:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:40:21:52:17:B5:F0:79:4B:77:92:8D:68:79:AD:12:06:53:77:5D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IUAhUhe18HlLd5KNaHmtEgZTd10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:4b:d5:52:7d:ad:92:0f:8d:d3:1c:1a:7a:9c:57:28:41:cd:
6b:13:1b:51:46:88:33:c5:ea:9a:5e:78:dd:26:f5:b9:47:98:
67:9e:67:66:50:bd:cc:3a:24:82:f2:4b:3a:49:4d:0a:46:08:
db:51:6c:93:af:a8:f9:e9:57:9f:0e:09:1e:77:6f:46:75:a7:
d8:de:b1:ef:72:ab:bd:57:c3:c6:a8:64:37:98:e9:45:b8:19:
34:ad:39:3d:07:28:ae:43:6f:49:ef:20:72:5f:ac:f6:7e:cb:
57:37:68:06:78:61:63:c8:04:cb:10:20:a1:c9:7e:9b:ec:1f:
4a:9e:a3:40:f9:df:4b:e5:24:c4:ff:09:4a:18:bd:dd:dc:d4:
65:9d:89:4a:50:98:34:5f:af:18:53:ab:21:c2:c6:f6:c2:fb:
42:a0:8e:62:f4:10:20:a2:4f:c2:38:b8:46:3b:5b:be:00:a0:
cd:f4:fb:1a:f9:3b:9c:31:09:95:4b:4d:4f:e0:47:9b:66:1a:
a1:e5:3e:c4:6a:7a:42:1b:64:50:7e:3a:42:5e:d1:35:f5:09:
b7:60:db:29:c3:48:a5:f9:59:4b:56:3a:ce:65:fb:10:fb:c7:
05:3c:3e:e1:b6:10:62:53:1d:aa:50:e3:a0:30:20:d9:0f:fb:
ec:bb:ef:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYO214fFrWxm3vsOpt73a30iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDA4MDkwNTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQwMjE1MjE3YjVmMDc5NGI3NzkyOGQ2ODc5YWQxMjA2NTM3NzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSCU6juE+rgvvRxBGBGqzCP3esG7
AcQdIBh+1rY0Z0fPAeXc2/IML6Tl9YBYEz/WYIrFrsLq+4HGxJvE9fSw4QI27HNS
ANvW/yqJJq1wPnHP15wGhiuAJNXo9q5M4aT0frPdDcsLZWbgnCWwTyBH/6vsd91W
W9NUSj42ymzPM04xOux54iFg+3bymLe3Q1WUEOEWR6qKqpqCVoQ9HllrZnRAADWH
Do6ccCGJkFD90fSHU5N1aLEkS9DoCNqsUsyuMDbSKXNUEcqm+T/sMPCZiBsmWQne
lKZwR6BxTaPrcXtAgyOrIi+cyCS3RlzuzOK4YRYCgv846panDj/3LouBcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCFAIVIXtfB5S3eSjWh5rRIGU3ddMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSVVBaFVoZTE4SGxMZDVLTmFIbXRFZ1pUZDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZL1VJ9rZIPjdMcGnqc
VyhBzWsTG1FGiDPF6ppeeN0m9blHmGeeZ2ZQvcw6JILySzpJTQpGCNtRbJOvqPnp
V58OCR53b0Z1p9jese9yq71Xw8aoZDeY6UW4GTStOT0HKK5Db0nvIHJfrPZ+y1c3
aAZ4YWPIBMsQIKHJfpvsH0qeo0D530vlJMT/CUoYvd3c1GWdiUpQmDRfrxhTqyHC
xvbC+0KgjmL0ECCiT8I4uEY7W74AoM30+xr5O5wxCZVLTU/gR5tmGqHlPsRqekIb
ZFB+OkJe0TX1Cbdg2ynDSKX5WUtWOs5l+xD7xwU8PuG2EGJTHapQ46AwINkP++y7
7xo=
-----END CERTIFICATE-----
Generated at Thu May 1 10:05:54 2025 by rpki-client