Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IskOYEZPMtyp6jP9WlI-bKKdIAQ.roa
File: IskOYEZPMtyp6jP9WlI-bKKdIAQ.roa (raw, json)
Hash identifier: IJmV0J9krj9mgML0/N9IRrJ7WD6LSOxlHfUv24aza58=
Subject key identifier: 22:C9:0E:60:46:4F:32:DC:A9:EA:33:FD:5A:52:3E:6C:A2:9D:20:04
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01863A97BCAC0B70CF1BCB47919B276F4FE7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IskOYEZPMtyp6jP9WlI-bKKdIAQ.roa
Signing time: Fri 10 Feb 2023 09:11:08 +0000
ROA not before: Fri 10 Feb 2023 09:11:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:97:bc:ac:0b:70:cf:1b:cb:47:91:9b:27:6f:4f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 10 09:11:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22c90e60464f32dca9ea33fd5a523e6ca29d2004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c1:e6:4a:4c:2c:16:aa:fa:0e:a4:db:80:53:
46:89:f6:d8:39:50:05:bc:6b:04:57:3e:35:65:9a:
af:75:89:a3:5a:56:a1:a7:25:2d:50:6f:5e:49:b1:
50:8a:e8:a0:b2:94:75:9d:e0:2f:d1:fa:0e:ce:37:
20:04:a5:64:e2:0d:ae:e4:47:ff:a4:a0:f3:71:6f:
f6:8a:95:a8:06:5d:47:3d:1d:67:87:6e:5f:18:71:
6d:16:3d:d5:b0:2d:ec:63:ac:60:b9:38:0c:74:eb:
5c:9c:a4:e8:a3:82:07:f0:48:e4:f2:22:67:01:60:
2f:36:ca:6c:5b:ff:d3:ab:a0:6c:51:a4:4e:3f:69:
88:c1:eb:1c:42:f7:c5:d3:96:7f:54:2b:cd:bb:a6:
4f:21:0a:6c:e9:5d:b1:94:bf:e4:f2:d8:97:fe:d6:
ae:4d:4d:ec:2b:46:a2:e3:d7:d5:06:1e:6c:f4:14:
86:78:49:22:ff:fc:f1:d1:f1:41:53:6b:53:bb:5e:
b6:49:1f:78:d8:d5:34:79:89:ab:7b:40:e7:2b:b6:
0d:6f:5c:38:dd:de:4c:d5:89:f4:ad:9d:25:81:f5:
d2:d6:a0:f4:e4:2a:ce:39:bc:d8:37:88:ee:1e:12:
ee:fa:a0:0a:ad:09:08:53:7f:84:70:d9:29:0b:6a:
97:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C9:0E:60:46:4F:32:DC:A9:EA:33:FD:5A:52:3E:6C:A2:9D:20:04
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IskOYEZPMtyp6jP9WlI-bKKdIAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:7a:32:ff:cc:04:e0:02:e4:f3:79:b2:a8:1b:ab:44:ca:aa:
cb:18:96:e2:b0:7b:1d:7d:8f:0e:86:9f:cb:25:12:f3:8b:6e:
6c:78:73:65:17:3e:31:a0:ce:2c:bf:7a:3c:f9:a4:77:09:55:
9b:96:31:2d:c5:bd:0a:3a:2d:85:ae:3c:6e:cb:29:2d:ee:61:
2b:99:69:3b:18:af:3e:e1:13:78:31:5d:1a:b6:de:a0:42:77:
4a:97:1e:3f:24:5c:a5:f7:5a:2c:5e:a7:68:8e:c0:8d:0a:c7:
65:a1:53:25:6e:f5:45:6a:dd:2c:6d:4c:af:73:ef:f0:fe:ff:
be:d9:fd:6e:d2:0d:90:fe:97:34:5b:cd:eb:64:bb:3d:58:1b:
c7:89:df:f4:e8:30:87:65:14:53:a7:3e:57:73:64:04:d8:d6:
cf:6f:e5:70:ab:56:69:66:96:e2:58:af:e9:f3:bd:d7:01:4e:
f8:17:ef:82:b7:9e:e1:39:18:e4:da:e7:5d:25:b2:58:2a:d1:
65:49:3e:c7:ad:29:c6:9a:8f:01:f5:60:95:db:7e:01:3d:3e:
cd:69:67:a2:65:56:95:34:3c:08:0b:1a:44:68:c7:09:7f:f2:
23:14:21:e4:77:d0:6e:15:e7:0e:4e:01:52:05:52:cf:9d:d7:
8a:44:ec:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYY6l7ysC3DPG8tHkZsnb0/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEwMDkxMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmM5MGU2MDQ2NGYzMmRjYTllYTMzZmQ1YTUyM2U2Y2EyOWQyMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18HmSkwsFqr6DqTbgFNGifbYOVAF
vGsEVz41ZZqvdYmjWlahpyUtUG9eSbFQiuigspR1neAv0foOzjcgBKVk4g2u5Ef/
pKDzcW/2ipWoBl1HPR1nh25fGHFtFj3VsC3sY6xguTgMdOtcnKToo4IH8Ejk8iJn
AWAvNspsW//Tq6BsUaROP2mIwescQvfF05Z/VCvNu6ZPIQps6V2xlL/k8tiX/tau
TU3sK0ai49fVBh5s9BSGeEki//zx0fFBU2tTu162SR942NU0eYmre0DnK7YNb1w4
3d5M1Yn0rZ0lgfXS1qD05CrOObzYN4juHhLu+qAKrQkIU3+EcNkpC2qX4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCLJDmBGTzLcqeoz/VpSPmyinSAEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSXNrT1lFWlBNdHlwNmpQOVdsSS1iS0tkSUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZ6Mv/MBOAC5PN5sqgb
q0TKqssYluKwex19jw6Gn8slEvOLbmx4c2UXPjGgziy/ejz5pHcJVZuWMS3FvQo6
LYWuPG7LKS3uYSuZaTsYrz7hE3gxXRq23qBCd0qXHj8kXKX3Wixep2iOwI0Kx2Wh
UyVu9UVq3SxtTK9z7/D+/77Z/W7SDZD+lzRbzetkuz1YG8eJ3/ToMIdlFFOnPldz
ZATY1s9v5XCrVmlmluJYr+nzvdcBTvgX74K3nuE5GOTa510lslgq0WVJPsetKcaa
jwH1YJXbfgE9Ps1pZ6JlVpU0PAgLGkRoxwl/8iMUIeR30G4V5w5OAVIFUs+d14pE
7AQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:02:54 2025 by rpki-client