Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O-IqYkc6TdXFM8jfovkV_PonDQ0.roa
File: O-IqYkc6TdXFM8jfovkV_PonDQ0.roa (raw, json)
Hash identifier: SuW/nKNjAstAQxECY++DGADWwBHWr4OMcp/Nm1Hmsvo=
Subject key identifier: 3B:E2:2A:62:47:3A:4D:D5:C5:33:C8:DF:A2:F9:15:FC:FA:27:0D:0D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01899D7BDC726D4482A5BD003D93B4F5E7CC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O-IqYkc6TdXFM8jfovkV_PonDQ0.roa
Signing time: Fri 28 Jul 2023 17:11:27 +0000
ROA not before: Fri 28 Jul 2023 17:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9d:7b:dc:72:6d:44:82:a5:bd:00:3d:93:b4:f5:e7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 28 17:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3be22a62473a4dd5c533c8dfa2f915fcfa270d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a9:46:b1:c6:c3:76:eb:f7:42:b1:41:24:64:
21:e9:99:d4:fc:58:3c:c7:3f:1f:a2:a9:88:a9:85:
69:8d:1c:1e:67:2b:28:ea:4d:0b:c0:39:b0:86:75:
44:df:af:22:e0:15:d9:3b:60:ae:be:29:7f:63:f3:
20:35:ef:d4:fe:55:12:25:0b:e0:c6:be:2b:b2:b8:
39:3c:7b:c8:f6:de:c2:3e:d1:00:e9:8f:f8:7c:97:
ae:3f:da:d6:bd:b5:a3:3e:26:86:fd:e3:26:70:0e:
48:c1:0e:25:42:a6:41:4e:83:48:e3:23:b7:0e:ce:
1e:b7:9d:1b:b6:45:63:4b:c3:bb:06:5c:67:3d:11:
4f:00:6a:40:6e:da:51:d4:34:4d:82:07:5c:e6:d4:
0b:d2:60:b9:c9:b9:e5:c3:f0:87:9a:d9:b0:10:fe:
34:1f:ae:37:24:b5:4b:de:2c:5c:13:ca:b7:96:cb:
e9:41:73:53:cc:a0:ce:e4:ef:a4:bb:0f:1e:83:e5:
c7:68:53:ae:01:9a:29:de:51:52:0f:8d:c0:f9:34:
7f:09:99:a4:c0:f3:ae:9e:e7:63:32:8c:89:73:66:
64:6a:55:24:3c:71:33:09:22:54:35:57:9a:c0:aa:
56:be:ff:a4:97:a7:4a:e7:96:8d:66:c4:ba:9a:fe:
f7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E2:2A:62:47:3A:4D:D5:C5:33:C8:DF:A2:F9:15:FC:FA:27:0D:0D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O-IqYkc6TdXFM8jfovkV_PonDQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:03:a3:ff:58:15:d3:90:ec:cc:e5:18:49:60:89:d8:83:99:
89:5b:73:e0:c6:b9:ee:d6:2d:9d:19:c2:68:2a:e2:58:2b:84:
9d:d0:da:3a:ce:92:9b:00:a1:7d:a2:1c:c1:ff:3d:a5:b8:83:
01:07:a1:43:67:57:5f:eb:70:e2:77:d0:ba:ec:06:83:28:8d:
36:00:e2:db:b8:c6:06:50:b1:ce:f4:a4:36:0e:7a:2d:03:53:
bc:17:34:2a:3f:fb:f9:31:ff:d3:43:00:3c:bd:87:f5:93:d5:
52:01:d7:cf:42:cc:c3:1d:71:c8:86:16:db:c0:b0:54:0b:aa:
58:ee:b3:6c:4f:83:dc:7f:e8:77:e5:6d:9c:35:a7:19:d9:e6:
11:29:dd:e8:5b:0b:2e:34:7e:06:dd:8e:4f:1e:d5:b1:05:fb:
e9:a8:26:a8:8e:26:00:26:4d:47:bb:d1:01:c9:4f:61:f4:5a:
47:5b:02:2c:a2:39:cd:07:c8:1e:e1:9f:f7:a6:17:41:68:71:
86:dd:96:4e:da:c0:63:51:68:89:41:1e:83:bd:37:d8:f7:08:
be:b5:96:3f:36:c5:5f:4a:92:2f:9a:b3:fb:26:b0:1a:c6:cf:
63:29:af:f7:ad:06:61:63:30:5d:c0:1f:68:8e:98:25:57:d2:
63:1a:83:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmde9xybUSCpb0APZO09efMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI4MTcxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUyMmE2MjQ3M2E0ZGQ1YzUzM2M4ZGZhMmY5MTVmY2ZhMjcwZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKlGscbDduv3QrFBJGQh6ZnU/Fg8
xz8foqmIqYVpjRweZyso6k0LwDmwhnVE368i4BXZO2Cuvil/Y/MgNe/U/lUSJQvg
xr4rsrg5PHvI9t7CPtEA6Y/4fJeuP9rWvbWjPiaG/eMmcA5IwQ4lQqZBToNI4yO3
Ds4et50btkVjS8O7BlxnPRFPAGpAbtpR1DRNggdc5tQL0mC5ybnlw/CHmtmwEP40
H643JLVL3ixcE8q3lsvpQXNTzKDO5O+kuw8eg+XHaFOuAZop3lFSD43A+TR/CZmk
wPOunudjMoyJc2ZkalUkPHEzCSJUNVeawKpWvv+kl6dK55aNZsS6mv73WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDviKmJHOk3VxTPI36L5Ffz6Jw0NMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTy1JcVlrYzZUZFhGTThqZm92a1ZfUG9uRFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEADo/9YFdOQ7MzlGElg
idiDmYlbc+DGue7WLZ0Zwmgq4lgrhJ3Q2jrOkpsAoX2iHMH/PaW4gwEHoUNnV1/r
cOJ30LrsBoMojTYA4tu4xgZQsc70pDYOei0DU7wXNCo/+/kx/9NDADy9h/WT1VIB
189CzMMdcciGFtvAsFQLqljus2xPg9x/6HflbZw1pxnZ5hEp3ehbCy40fgbdjk8e
1bEF++moJqiOJgAmTUe70QHJT2H0WkdbAiyiOc0HyB7hn/emF0FocYbdlk7awGNR
aIlBHoO9N9j3CL61lj82xV9Kki+as/smsBrGz2Mpr/etBmFjMF3AH2iOmCVX0mMa
g/s=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:01:25 2025 by rpki-client