Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IoQ2_-n0AYDSyy9zzXN9g7mCWEo.roa
File: IoQ2_-n0AYDSyy9zzXN9g7mCWEo.roa (raw, json)
Hash identifier: bfGfTOVxe6ovL8PpG9JmXXRk7lyg8oVJvyNeufD2swE=
Subject key identifier: 22:84:36:FF:E9:F4:01:80:D2:CB:2F:73:CD:73:7D:83:B9:82:58:4A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189EA7E6134619A3D19A6ACF18B676C7F56
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IoQ2_-n0AYDSyy9zzXN9g7mCWEo.roa
Signing time: Sat 12 Aug 2023 16:04:58 +0000
ROA not before: Sat 12 Aug 2023 16:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:ea7d:c1c9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ea:7e:61:34:61:9a:3d:19:a6:ac:f1:8b:67:6c:7f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 12 16:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=228436ffe9f40180d2cb2f73cd737d83b982584a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bd:8c:49:30:42:3b:b1:31:57:7a:5b:3b:ee:
d2:cd:0e:80:b5:07:1d:b9:55:0d:9b:4a:a3:b2:ac:
55:5d:06:95:64:54:c6:e2:1d:62:a3:ff:8c:9d:aa:
9f:06:53:5c:95:46:50:3c:ed:02:1a:6f:85:97:81:
1a:84:a7:90:5d:2f:48:26:d0:15:b6:17:3f:6a:8d:
3b:7e:3a:eb:2d:f0:77:e0:6a:b5:72:84:68:13:31:
71:03:20:c5:2d:23:7d:cd:ae:c9:84:69:53:a7:ce:
0c:a9:27:97:71:d8:0b:60:8e:ca:1f:3f:46:8f:a0:
02:54:a2:0f:8a:51:51:33:f7:05:ab:3e:b3:45:db:
cb:de:d5:93:08:b8:23:17:91:4f:84:4b:51:1f:45:
12:31:b4:8e:83:e2:5f:07:0b:5b:f0:87:b9:11:fb:
9f:b2:bf:75:ba:da:4f:68:ce:da:8a:db:d0:bb:b1:
96:9f:8c:8c:af:73:e1:b8:6e:0c:dc:85:db:31:1e:
b9:b8:19:c9:a6:b7:4d:10:d1:fa:5a:e1:0a:5c:8c:
8e:85:15:80:eb:c1:7c:d6:d7:3c:3d:39:38:da:8f:
c7:12:f4:4d:0c:5c:c5:11:15:b3:3d:e3:64:23:ed:
0f:5e:9c:5d:1e:40:9f:59:99:e4:43:59:a9:16:c3:
aa:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:84:36:FF:E9:F4:01:80:D2:CB:2F:73:CD:73:7D:83:B9:82:58:4A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IoQ2_-n0AYDSyy9zzXN9g7mCWEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:6c:05:40:ca:a3:e0:bd:09:e1:11:1f:67:09:ac:34:0b:8e:
3d:8b:07:55:99:47:59:3d:42:4e:d1:6a:9d:02:0d:71:64:97:
57:f2:45:b1:42:40:00:c9:78:29:1d:a2:ae:5c:9e:5f:24:5d:
30:28:14:c9:65:a3:e4:70:f8:52:b8:0a:48:2d:8a:22:bb:2b:
f8:b6:b8:d9:6b:11:5b:e6:ce:0e:1d:db:3f:e9:29:30:32:7b:
14:3a:96:64:52:20:3e:05:19:53:d2:4b:67:da:6d:b1:ac:b7:
dd:64:a9:63:04:e5:ea:f9:cc:c9:4e:28:42:d9:03:4b:55:84:
95:b0:bf:b3:8d:46:61:cf:90:d9:e3:6a:17:cd:1b:65:6b:83:
f5:53:b4:b1:0b:79:07:15:9d:06:22:82:e9:1a:be:19:da:51:
1b:90:97:ed:24:90:47:2e:27:19:dd:8f:18:99:3c:6e:e6:8a:
a8:e9:17:69:4f:6c:b2:55:38:56:af:bb:34:88:b1:cb:bb:a0:
60:f3:e6:72:1a:2a:56:b3:e4:8a:c3:8b:15:91:e0:ce:8d:e1:
1c:df:2f:d9:1a:91:e0:6f:c6:19:89:0f:55:f2:71:6a:b4:55:
ad:5e:01:2c:fb:e8:c5:fe:c3:87:8b:3f:51:33:34:0c:bc:44:
1a:5c:16:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnqfmE0YZo9Gaas8YtnbH9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEyMTYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg0MzZmZmU5ZjQwMTgwZDJjYjJmNzNjZDczN2Q4M2I5ODI1ODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk72MSTBCO7ExV3pbO+7SzQ6AtQcd
uVUNm0qjsqxVXQaVZFTG4h1io/+MnaqfBlNclUZQPO0CGm+Fl4EahKeQXS9IJtAV
thc/ao07fjrrLfB34Gq1coRoEzFxAyDFLSN9za7JhGlTp84MqSeXcdgLYI7KHz9G
j6ACVKIPilFRM/cFqz6zRdvL3tWTCLgjF5FPhEtRH0USMbSOg+JfBwtb8Ie5Efuf
sr91utpPaM7aitvQu7GWn4yMr3PhuG4M3IXbMR65uBnJprdNENH6WuEKXIyOhRWA
68F81tc8PTk42o/HEvRNDFzFERWzPeNkI+0PXpxdHkCfWZnkQ1mpFsOq2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCKENv/p9AGA0ssvc81zfYO5glhKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSW9RMl8tbjBBWURTeXk5enpYTjlnN21DV0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1sBUDKo+C9CeERH2cJ
rDQLjj2LB1WZR1k9Qk7Rap0CDXFkl1fyRbFCQADJeCkdoq5cnl8kXTAoFMllo+Rw
+FK4CkgtiiK7K/i2uNlrEVvmzg4d2z/pKTAyexQ6lmRSID4FGVPSS2fabbGst91k
qWME5er5zMlOKELZA0tVhJWwv7ONRmHPkNnjahfNG2Vrg/VTtLELeQcVnQYiguka
vhnaURuQl+0kkEcuJxndjxiZPG7miqjpF2lPbLJVOFavuzSIscu7oGDz5nIaKlaz
5IrDixWR4M6N4RzfL9kakeBvxhmJD1XycWq0Va1eASz76MX+w4eLP1EzNAy8RBpc
Fvk=
-----END CERTIFICATE-----
Generated at Thu May 1 11:19:27 2025 by rpki-client