Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i-caPKOmb2ig8w7ziLs5YLPTruU.roa
File: i-caPKOmb2ig8w7ziLs5YLPTruU.roa (raw, json)
Hash identifier: SkpiI8Ti6BjWLw6r57P0+9To2K+L/KduR/I3InqsXS4=
Subject key identifier: 8B:E7:1A:3C:A3:A6:6F:68:A0:F3:0E:F3:88:BB:39:60:B3:D3:AE:E5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018710503E20B7F06C02E06694B52838AAD8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i-caPKOmb2ig8w7ziLs5YLPTruU.roa
Signing time: Thu 23 Mar 2023 21:11:46 +0000
ROA not before: Thu 23 Mar 2023 21:11:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:50:3e:20:b7:f0:6c:02:e0:66:94:b5:28:38:aa:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 23 21:11:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8be71a3ca3a66f68a0f30ef388bb3960b3d3aee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7e:f0:6e:95:68:c6:48:cc:49:34:06:a7:30:
59:c3:86:d0:f7:d9:a5:d1:88:0f:55:23:69:4f:f9:
f8:9c:ce:78:d2:85:f0:98:14:04:23:f6:c2:33:0d:
30:5d:58:d5:1a:b5:26:ac:6e:e6:62:a0:d4:4a:fd:
de:cd:56:a9:37:cb:11:0b:d5:e5:fd:1a:2a:b2:13:
6a:d3:8e:66:bc:17:84:a5:e2:46:f4:b5:d5:50:b2:
4d:4a:e3:33:b6:c7:f4:2d:31:ac:a1:bc:30:2f:4a:
61:91:05:4b:b2:c7:e7:e3:83:95:4b:03:c4:04:53:
49:1a:19:30:6c:86:75:ae:70:46:7f:b7:c3:fe:13:
97:d9:4b:92:38:ef:18:2f:3c:56:ed:35:01:92:a7:
3d:dc:50:ca:94:cd:e1:cf:91:1b:6d:1d:a9:da:2f:
fc:61:1a:33:55:35:a0:37:f7:0f:77:7f:4d:4f:98:
9a:ef:db:b7:d8:bd:d6:00:70:ae:cf:0d:2d:4e:fa:
80:9c:ca:ee:68:d5:65:0b:83:74:79:2c:7c:b0:45:
cf:58:ec:81:88:a7:6d:89:44:55:cb:37:98:f6:22:
4c:43:61:d8:f3:03:aa:ef:53:fd:4a:d7:42:bc:ed:
f7:b2:78:64:88:b4:59:8c:5e:38:c2:34:69:f5:3b:
a1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E7:1A:3C:A3:A6:6F:68:A0:F3:0E:F3:88:BB:39:60:B3:D3:AE:E5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i-caPKOmb2ig8w7ziLs5YLPTruU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:90:29:58:81:fa:40:b5:29:6b:a9:52:cf:f4:a1:79:99:3a:
ba:6a:7e:55:c0:56:17:62:58:45:64:c3:6a:ed:74:65:8f:40:
94:0e:9e:1a:c8:80:8f:56:f0:ac:1a:cd:e1:f5:23:29:bb:bb:
d5:eb:99:f0:55:69:24:74:56:a6:2f:42:60:5d:7a:d9:10:4e:
ee:26:ab:d9:1f:c7:66:1d:dc:a5:24:9a:91:25:6e:a5:a0:8a:
23:31:15:5d:b8:fa:f3:37:d2:23:54:23:80:95:7c:0f:cb:83:
24:e7:1e:c0:07:0c:39:1b:be:e6:cd:6d:8d:33:51:46:da:25:
e7:53:23:23:0a:7a:d3:00:f4:22:79:78:3e:54:11:67:66:cb:
31:22:e3:ac:3c:57:0f:4e:c7:fb:64:16:d6:e8:21:be:e4:95:
4f:2e:e2:7d:b0:f7:33:39:b9:a5:e0:3b:4d:44:be:ca:14:9c:
0d:be:38:55:ce:88:6c:9c:13:54:83:64:5e:41:57:20:0a:06:
49:c1:ef:ba:c9:98:c6:ed:0d:3b:ee:cd:d9:21:73:9d:23:bd:
0d:fc:47:34:9d:71:98:a7:9c:4e:d7:f0:8f:af:35:e0:9b:1e:
4d:24:0e:ec:ae:9b:2f:72:84:8c:a6:05:e3:ec:9d:3e:28:30:
d5:43:d0:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcQUD4gt/BsAuBmlLUoOKrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIzMjExMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmU3MWEzY2EzYTY2ZjY4YTBmMzBlZjM4OGJiMzk2MGIzZDNhZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX7wbpVoxkjMSTQGpzBZw4bQ99ml
0YgPVSNpT/n4nM540oXwmBQEI/bCMw0wXVjVGrUmrG7mYqDUSv3ezVapN8sRC9Xl
/RoqshNq045mvBeEpeJG9LXVULJNSuMztsf0LTGsobwwL0phkQVLssfn44OVSwPE
BFNJGhkwbIZ1rnBGf7fD/hOX2UuSOO8YLzxW7TUBkqc93FDKlM3hz5EbbR2p2i/8
YRozVTWgN/cPd39NT5ia79u32L3WAHCuzw0tTvqAnMruaNVlC4N0eSx8sEXPWOyB
iKdtiURVyzeY9iJMQ2HY8wOq71P9StdCvO33snhkiLRZjF44wjRp9TuhZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIvnGjyjpm9ooPMO84i7OWCz067lMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaS1jYVBLT21iMmlnOHc3emlMczVZTFBUcnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC+QKViB+kC1KWupUs/0
oXmZOrpqflXAVhdiWEVkw2rtdGWPQJQOnhrIgI9W8KwazeH1Iym7u9XrmfBVaSR0
VqYvQmBdetkQTu4mq9kfx2Yd3KUkmpElbqWgiiMxFV24+vM30iNUI4CVfA/LgyTn
HsAHDDkbvubNbY0zUUbaJedTIyMKetMA9CJ5eD5UEWdmyzEi46w8Vw9Ox/tkFtbo
Ib7klU8u4n2w9zM5uaXgO01EvsoUnA2+OFXOiGycE1SDZF5BVyAKBknB77rJmMbt
DTvuzdkhc50jvQ38RzSdcZinnE7X8I+vNeCbHk0kDuyumy9yhIymBePsnT4oMNVD
0Go=
-----END CERTIFICATE-----
Generated at Fri May 2 22:05:11 2025 by rpki-client