Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2gmhmGJkhBwDuj7ueqvBEySqf8.roa
File: i2gmhmGJkhBwDuj7ueqvBEySqf8.roa (raw, json)
Hash identifier: AzwoIIQUmoXCJQ1RQ7x77vVZlkQC8TExd1Gc9iOAtjI=
Subject key identifier: 8B:68:26:86:61:89:92:10:70:0E:E8:FB:B9:EA:AF:04:4C:92:A9:FF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185A9BEB5F1C5B6A82E0A178AD56FEDF445
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2gmhmGJkhBwDuj7ueqvBEySqf8.roa
Signing time: Fri 13 Jan 2023 06:08:45 +0000
ROA not before: Fri 13 Jan 2023 06:08:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a9:be:b5:f1:c5:b6:a8:2e:0a:17:8a:d5:6f:ed:f4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 13 06:08:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b68268661899210700ee8fbb9eaaf044c92a9ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:66:9f:c9:1b:a2:15:43:20:56:95:b3:42:9d:
13:dd:b7:e9:14:61:cc:54:e3:6a:c6:9c:53:86:de:
84:df:3c:fb:fe:f8:64:1b:60:58:ed:58:92:b1:51:
68:2f:ea:10:3a:ba:81:1c:e3:a8:66:91:6d:e5:e4:
26:5d:88:3d:31:3f:bd:c6:91:0a:20:63:14:33:1c:
80:7b:58:40:4b:c5:25:2e:05:97:ab:22:45:1b:0b:
ca:7e:c4:ff:93:da:70:b7:f6:88:55:30:26:70:00:
e0:99:6c:dc:2b:d9:57:e3:3c:89:2d:37:43:25:41:
24:b0:5f:7b:cc:ce:3a:9a:39:1b:c6:69:f8:ff:64:
10:86:6e:8c:b2:3e:1a:c4:57:8a:6d:c4:65:b6:ff:
22:5f:00:86:02:0d:85:02:0b:4e:65:58:43:89:50:
a0:dd:a5:30:67:38:ba:0b:0d:b3:e6:5a:d6:ce:4d:
fa:cc:a0:5a:ab:cc:76:17:31:42:ee:20:3b:cc:ae:
27:f8:9d:5a:8d:cd:80:1e:1f:a0:16:5a:53:7c:de:
6e:64:06:07:12:00:94:41:6a:62:2b:44:73:48:ee:
cb:da:03:4d:74:f2:41:ed:3e:36:dd:62:79:9c:00:
07:82:b6:8e:6d:bf:f3:cc:d6:43:8e:78:ab:1b:b1:
e3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:68:26:86:61:89:92:10:70:0E:E8:FB:B9:EA:AF:04:4C:92:A9:FF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2gmhmGJkhBwDuj7ueqvBEySqf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:0a:b9:81:cb:94:18:e1:e5:d3:d7:d1:02:ec:29:68:dc:69:
c9:dc:c6:d0:b7:2f:dc:ac:12:fe:68:9c:c6:85:46:01:54:2f:
2b:53:fb:14:35:b8:cf:b2:d1:37:0e:39:04:c1:8c:24:cf:4f:
15:51:13:9b:74:10:ac:f8:44:12:03:50:b7:a1:45:b9:34:52:
7b:ee:0e:2b:73:41:ba:5e:f0:8e:08:7c:be:7b:40:fb:34:05:
10:86:e4:8a:3c:72:c6:ed:23:5a:67:76:35:98:08:32:14:0a:
2c:28:da:26:ae:b4:2b:6f:bd:41:03:61:23:f5:3d:e9:a9:78:
24:11:cb:e2:4c:d3:b4:63:24:a2:0b:f8:2d:e3:61:73:d0:36:
49:95:62:0a:a2:55:1b:a0:e2:c1:ac:5e:9f:8b:7f:34:0a:c5:
c0:06:b7:06:5c:ea:6f:d6:3c:ca:9d:e8:87:68:cd:77:88:02:
a7:2d:32:87:ed:19:0a:fd:d0:a8:3b:8d:fd:27:cf:98:81:c1:
11:a3:1c:ea:8f:cb:49:66:53:ba:13:38:cd:c1:a2:0d:38:94:
97:58:90:85:b4:64:97:d1:ff:f2:62:77:70:af:54:81:e8:d6:
05:2a:25:43:be:a4:1d:ff:78:5a:68:4a:c3:ce:62:f3:23:6b:
00:11:da:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWpvrXxxbaoLgoXitVv7fRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEzMDYwODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY4MjY4NjYxODk5MjEwNzAwZWU4ZmJiOWVhYWYwNDRjOTJhOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGafyRuiFUMgVpWzQp0T3bfpFGHM
VONqxpxTht6E3zz7/vhkG2BY7ViSsVFoL+oQOrqBHOOoZpFt5eQmXYg9MT+9xpEK
IGMUMxyAe1hAS8UlLgWXqyJFGwvKfsT/k9pwt/aIVTAmcADgmWzcK9lX4zyJLTdD
JUEksF97zM46mjkbxmn4/2QQhm6Msj4axFeKbcRltv8iXwCGAg2FAgtOZVhDiVCg
3aUwZzi6Cw2z5lrWzk36zKBaq8x2FzFC7iA7zK4n+J1ajc2AHh+gFlpTfN5uZAYH
EgCUQWpiK0RzSO7L2gNNdPJB7T423WJ5nAAHgraObb/zzNZDjnirG7HjFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFItoJoZhiZIQcA7o+7nqrwRMkqn/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaTJnbWhtR0praEJ3RHVqN3VlcXZCRXlTcWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAwKuYHLlBjh5dPX0QLs
KWjcacncxtC3L9ysEv5onMaFRgFULytT+xQ1uM+y0TcOOQTBjCTPTxVRE5t0EKz4
RBIDULehRbk0UnvuDitzQbpe8I4IfL57QPs0BRCG5Io8csbtI1pndjWYCDIUCiwo
2iautCtvvUEDYSP1PempeCQRy+JM07RjJKIL+C3jYXPQNkmVYgqiVRug4sGsXp+L
fzQKxcAGtwZc6m/WPMqd6IdozXeIAqctMoftGQr90Kg7jf0nz5iBwRGjHOqPy0lm
U7oTOM3Bog04lJdYkIW0ZJfR//Jid3CvVIHo1gUqJUO+pB3/eFpoSsPOYvMjawAR
2lw=
-----END CERTIFICATE-----
Generated at Thu May 1 23:44:29 2025 by rpki-client