Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1IcoLu1lnJq_DWaivl1lUHFvIE.roa
File: a1IcoLu1lnJq_DWaivl1lUHFvIE.roa (raw, json)
Hash identifier: dKVh6iOcL3QiHER6aRJSGfebFS30KDDAn7nD6D9q2k8=
Subject key identifier: 6B:52:1C:A0:BB:B5:96:72:6A:FC:35:9A:8A:F9:75:95:41:C5:BC:81
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864F620B4FBA562299DED96E0E60A42210
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1IcoLu1lnJq_DWaivl1lUHFvIE.roa
Signing time: Tue 14 Feb 2023 10:04:30 +0000
ROA not before: Tue 14 Feb 2023 10:04:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:4f61:f322/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:62:0b:4f:ba:56:22:99:de:d9:6e:0e:60:a4:22:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 14 10:04:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b521ca0bbb596726afc359a8af9759541c5bc81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5c:de:73:b3:e4:2e:69:4c:49:b7:ac:dc:c9:
2a:18:61:2b:14:3e:e4:ca:8e:98:a4:e7:1b:a5:5b:
dd:df:65:d4:5e:57:8d:69:bd:40:0c:19:63:2a:c9:
15:38:79:c0:98:ac:7a:eb:25:fc:52:c2:42:d9:e9:
6c:ce:89:55:fc:0a:31:1e:9c:26:e2:29:17:18:f3:
83:04:74:e0:a8:ea:4a:4d:86:77:13:fa:92:55:0f:
fc:36:0a:a6:f5:0a:ae:de:b1:3f:32:ba:c3:3b:12:
51:03:d6:dd:29:28:ec:4f:36:77:2d:dd:18:a3:1a:
fd:ea:16:0f:f7:e0:4b:51:b5:0c:28:b3:fc:50:f4:
9e:56:38:6d:ad:e6:98:58:ea:cc:2a:fb:d4:08:bb:
48:9f:81:72:cf:1f:24:7a:4c:1e:3e:7b:97:10:de:
aa:a9:32:2b:54:38:bb:e4:6a:5e:08:c8:47:55:0e:
65:19:61:e1:49:3f:b3:a8:e5:7b:59:84:37:b1:b3:
89:36:f1:86:ab:1b:39:2e:b7:08:9e:34:63:4f:3b:
37:65:05:0f:cf:7d:03:d9:80:89:3a:2e:01:22:fe:
bb:61:59:f8:df:9d:95:a0:5e:b0:73:0e:49:dd:04:
8e:a1:13:48:93:44:d6:63:95:e2:44:64:9d:f4:2c:
53:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:52:1C:A0:BB:B5:96:72:6A:FC:35:9A:8A:F9:75:95:41:C5:BC:81
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1IcoLu1lnJq_DWaivl1lUHFvIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:d8:38:9f:4a:16:ca:38:ae:4b:aa:02:b9:32:f1:1a:44:e6:
55:19:7d:63:47:69:e2:f8:ef:59:43:42:dc:3e:87:33:1f:c1:
4d:70:a2:76:70:2d:7a:d7:dd:8e:1f:f2:6e:44:90:a1:74:ed:
23:47:b1:0b:9d:d8:ef:82:fe:80:63:52:ea:fe:3f:b4:5d:70:
8b:02:ca:4b:f6:01:c5:82:39:b2:f2:cc:64:61:9c:45:42:30:
15:b3:40:f6:1e:2a:07:ff:0a:9e:3c:2b:e9:3f:8a:d7:3a:a0:
b0:fa:1f:0b:aa:5b:96:e6:c7:0c:41:dd:94:33:43:c0:d2:da:
58:bf:7f:3d:40:f0:a2:68:10:4e:08:f6:61:e4:c1:51:d7:bc:
1d:31:fc:f1:b3:d4:b9:cb:5c:b0:5d:27:3b:fe:35:a1:f4:ac:
5a:a2:0f:89:bf:20:76:c1:98:ea:fe:4f:de:74:59:1f:ef:96:
de:5d:27:46:d3:48:19:ee:8d:93:5b:21:88:d4:d8:3f:11:90:
73:a0:7b:7d:4f:9a:e7:cb:11:d8:26:a8:cf:bd:3d:4d:46:e3:
49:5d:4b:eb:c1:f0:cb:8f:9c:7c:83:67:95:b6:5b:9a:1d:19:
89:a5:1e:56:f3:db:e2:c2:e1:97:80:52:12:02:1d:7e:2c:d8:
12:f6:01:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZPYgtPulYimd7Zbg5gpCIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE0MTAwNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjUyMWNhMGJiYjU5NjcyNmFmYzM1OWE4YWY5NzU5NTQxYzViYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVzec7PkLmlMSbes3MkqGGErFD7k
yo6YpOcbpVvd32XUXleNab1ADBljKskVOHnAmKx66yX8UsJC2elszolV/AoxHpwm
4ikXGPODBHTgqOpKTYZ3E/qSVQ/8Ngqm9Qqu3rE/MrrDOxJRA9bdKSjsTzZ3Ld0Y
oxr96hYP9+BLUbUMKLP8UPSeVjhtreaYWOrMKvvUCLtIn4Fyzx8kekwePnuXEN6q
qTIrVDi75GpeCMhHVQ5lGWHhST+zqOV7WYQ3sbOJNvGGqxs5LrcInjRjTzs3ZQUP
z30D2YCJOi4BIv67YVn4352VoF6wcw5J3QSOoRNIk0TWY5XiRGSd9CxTVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGtSHKC7tZZyavw1mor5dZVBxbyBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYTFJY29MdTFsbkpxX0RXYWl2bDFsVUhGdklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJXYOJ9KFso4rkuqArky
8RpE5lUZfWNHaeL471lDQtw+hzMfwU1wonZwLXrX3Y4f8m5EkKF07SNHsQud2O+C
/oBjUur+P7RdcIsCykv2AcWCObLyzGRhnEVCMBWzQPYeKgf/Cp48K+k/itc6oLD6
HwuqW5bmxwxB3ZQzQ8DS2li/fz1A8KJoEE4I9mHkwVHXvB0x/PGz1LnLXLBdJzv+
NaH0rFqiD4m/IHbBmOr+T950WR/vlt5dJ0bTSBnujZNbIYjU2D8RkHOge31PmufL
EdgmqM+9PU1G40ldS+vB8MuPnHyDZ5W2W5odGYmlHlbz2+LC4ZeAUhICHX4s2BL2
ASk=
-----END CERTIFICATE-----
Generated at Thu May 1 01:55:27 2025 by rpki-client