Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T-IroklwJcI6icbt1STOQW3DTEw.roa
File: T-IroklwJcI6icbt1STOQW3DTEw.roa (raw, json)
Hash identifier: lM+sfDc8swxd3bvc4ojKP3LtBlq8sBCfYEsR0pmQ9Wg=
Subject key identifier: 4F:E2:2B:A2:49:70:25:C2:3A:89:C6:ED:D5:24:CE:41:6D:C3:4C:4C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185D69A090DB0BE9D6334904E54B2A07837
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T-IroklwJcI6icbt1STOQW3DTEw.roa
Signing time: Sat 21 Jan 2023 23:11:37 +0000
ROA not before: Sat 21 Jan 2023 23:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d6:9a:09:0d:b0:be:9d:63:34:90:4e:54:b2:a0:78:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 21 23:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fe22ba2497025c23a89c6edd524ce416dc34c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a5:ba:7a:0e:04:5f:32:38:5b:53:1a:58:c3:
8e:e0:f1:bb:32:75:9a:c5:c3:c8:6b:fa:1f:60:95:
37:a1:5c:c3:d3:b1:5c:9f:76:91:f8:a1:b2:f5:a1:
d7:67:b1:59:80:df:26:c6:08:1e:eb:03:fb:05:76:
bd:64:5e:91:c6:2c:88:94:86:a2:05:7a:d9:2b:7f:
b8:dc:83:26:d1:56:da:94:9d:00:67:70:69:59:d0:
9c:90:65:7c:d6:c0:49:55:8f:27:f2:2d:ee:db:c0:
2f:fd:a7:51:c0:f5:2b:eb:67:8c:9b:44:d1:8d:d0:
2e:0e:eb:5d:b3:9c:bf:f8:26:d2:8e:1e:03:08:66:
18:4e:90:ab:6f:a0:f8:66:3e:d4:57:dc:2c:7d:a9:
5e:49:ae:9a:35:d2:ea:bb:0e:b4:9a:c4:92:b0:66:
05:1f:45:f3:40:b1:70:4c:35:74:27:a2:14:8e:a8:
1b:d7:46:e3:37:44:4d:93:da:2d:10:66:5f:62:29:
8f:10:cb:68:d2:63:83:01:10:a4:e3:1c:d0:b0:63:
12:1e:96:d7:a1:07:1d:1b:a5:64:48:b8:7e:f5:d5:
5f:06:ec:6f:f4:95:45:86:98:f0:a4:51:e8:15:cd:
13:93:6c:9c:c4:d0:f1:6e:7e:92:ee:70:d9:6a:71:
68:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E2:2B:A2:49:70:25:C2:3A:89:C6:ED:D5:24:CE:41:6D:C3:4C:4C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T-IroklwJcI6icbt1STOQW3DTEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:38:5f:ce:e5:34:01:02:21:d5:61:1a:fb:e7:c7:12:9a:fc:
bf:af:f6:f1:84:14:59:31:37:08:88:e5:80:88:ec:35:d1:22:
7a:4f:7e:10:68:d7:7d:97:70:b3:14:b1:40:ec:f5:74:48:db:
a3:ec:72:8e:73:fc:8d:37:56:8f:f1:c4:1d:a7:a0:54:74:d3:
9e:28:34:10:90:01:38:81:e7:53:4d:30:5e:00:74:a0:0c:8d:
de:fa:2a:65:d4:9a:05:32:db:6e:b0:10:c7:55:33:fc:47:e4:
43:55:44:c2:50:58:58:4d:5c:c1:f3:5e:f5:b5:6a:4c:55:58:
a7:8b:93:05:e8:9d:8b:32:49:a8:8f:f4:c4:be:08:b9:1d:2a:
ee:a9:10:10:a5:12:ab:ae:17:3e:42:74:fa:b0:07:ef:05:c3:
18:fd:a2:2e:9a:66:41:23:62:b6:cd:81:bf:23:f3:5e:91:61:
18:7c:17:2b:01:7e:b6:1e:e9:ea:72:85:30:ff:24:74:11:54:
f8:c1:fc:66:16:32:4c:60:6d:82:b7:e6:37:3a:65:6d:48:e6:
4e:1d:dc:24:98:64:6b:88:ee:fa:a9:4d:76:e4:5b:df:ee:08:
d3:46:4e:7f:92:f7:9e:24:30:ec:5b:e3:d8:9f:da:a8:d5:de:
6d:7d:59:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXWmgkNsL6dYzSQTlSyoHg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIxMjMxMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUyMmJhMjQ5NzAyNWMyM2E4OWM2ZWRkNTI0Y2U0MTZkYzM0YzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKW6eg4EXzI4W1MaWMOO4PG7MnWa
xcPIa/ofYJU3oVzD07Fcn3aR+KGy9aHXZ7FZgN8mxgge6wP7BXa9ZF6RxiyIlIai
BXrZK3+43IMm0VbalJ0AZ3BpWdCckGV81sBJVY8n8i3u28Av/adRwPUr62eMm0TR
jdAuDutds5y/+CbSjh4DCGYYTpCrb6D4Zj7UV9wsfaleSa6aNdLquw60msSSsGYF
H0XzQLFwTDV0J6IUjqgb10bjN0RNk9otEGZfYimPEMto0mODARCk4xzQsGMSHpbX
oQcdG6VkSLh+9dVfBuxv9JVFhpjwpFHoFc0Tk2ycxNDxbn6S7nDZanForQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE/iK6JJcCXCOonG7dUkzkFtw0xMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVC1Jcm9rbHdKY0k2aWNidDFTVE9RVzNEVEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHM4X87lNAECIdVhGvvn
xxKa/L+v9vGEFFkxNwiI5YCI7DXRInpPfhBo132XcLMUsUDs9XRI26Psco5z/I03
Vo/xxB2noFR0054oNBCQATiB51NNMF4AdKAMjd76KmXUmgUy226wEMdVM/xH5ENV
RMJQWFhNXMHzXvW1akxVWKeLkwXonYsySaiP9MS+CLkdKu6pEBClEquuFz5CdPqw
B+8Fwxj9oi6aZkEjYrbNgb8j816RYRh8FysBfrYe6epyhTD/JHQRVPjB/GYWMkxg
bYK35jc6ZW1I5k4d3CSYZGuI7vqpTXbkW9/uCNNGTn+S954kMOxb49if2qjV3m19
Wew=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:51:53 2025 by rpki-client