Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2kQ6kwGK8kEGeARSMBX90ZSVBc.roa
File: i2kQ6kwGK8kEGeARSMBX90ZSVBc.roa (raw, json)
Hash identifier: mHQ5dkWit8Mn9zl/b47qJhgPAQQW13qyZXw78xpMwjg=
Subject key identifier: 8B:69:10:EA:4C:06:2B:C9:04:19:E0:11:48:C0:57:F7:46:52:54:17
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189BE50DEDFB726D355AA078BAF244813F8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2kQ6kwGK8kEGeARSMBX90ZSVBc.roa
Signing time: Fri 04 Aug 2023 02:11:58 +0000
ROA not before: Fri 04 Aug 2023 02:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:be:50:de:df:b7:26:d3:55:aa:07:8b:af:24:48:13:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 02:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b6910ea4c062bc90419e01148c057f746525417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c2:f5:2e:a1:b8:4d:f7:9e:ef:c8:4b:0a:95:
3f:92:ae:26:37:19:7b:b1:10:21:f9:b9:09:69:9e:
01:24:a8:9e:96:90:50:0c:bf:16:fd:ae:5e:f7:93:
a9:50:db:90:01:71:23:bc:bd:dc:be:83:e7:75:7c:
49:66:e0:1a:38:c2:9c:3b:c4:1e:a5:1a:da:e4:8a:
69:2f:11:e4:4a:8d:c0:98:82:88:92:90:ec:7b:42:
6d:7d:2c:ad:8c:94:dd:e1:7d:95:9d:ab:92:58:8e:
c7:b6:91:59:7d:52:13:6b:e9:68:2f:74:16:c2:ee:
14:7f:f5:96:6f:6e:c3:6c:61:72:6d:ad:e7:ae:88:
8e:49:65:99:40:c2:28:ed:8b:b6:22:78:d9:b8:41:
92:00:ca:8e:6a:43:30:13:ce:a1:28:78:58:6c:b7:
f3:a0:7d:65:d6:a7:b5:07:8b:dc:f5:dd:93:d2:57:
1b:02:1d:b6:52:28:91:70:24:29:7f:2e:68:34:c4:
31:c6:56:ca:a6:08:12:77:18:7e:ae:e8:f5:33:24:
47:76:68:43:b6:c5:1f:57:2a:97:f8:5b:65:dc:6c:
dd:16:c5:88:b7:2f:ff:71:32:0e:d4:ff:89:4b:7a:
93:d4:56:eb:75:45:14:3d:3c:7f:a5:a4:d5:50:50:
78:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:69:10:EA:4C:06:2B:C9:04:19:E0:11:48:C0:57:F7:46:52:54:17
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i2kQ6kwGK8kEGeARSMBX90ZSVBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:07:e7:7b:26:8a:79:85:db:ff:9a:d6:b9:f3:28:0f:f4:ae:
1a:f8:4c:22:23:68:b4:28:41:27:86:ab:b3:8f:cd:4c:e0:57:
77:38:5a:0d:d7:2f:98:e7:3a:12:ca:b1:96:8d:cc:38:a8:40:
72:06:fd:da:bf:fc:4b:07:60:40:7a:89:3a:1a:57:ae:3a:d9:
da:52:f0:ea:80:f7:fa:03:ee:ec:74:ab:86:55:0c:4e:0c:03:
09:d2:1a:4d:ac:00:ad:f5:2d:2a:79:31:b0:b3:18:34:66:25:
65:56:72:fd:f9:cf:73:e8:4d:11:86:0b:e0:97:57:4f:9c:c3:
19:38:9f:12:ae:63:ce:fe:6d:3b:6f:97:a2:de:12:8f:79:29:
65:5c:56:8b:28:de:f9:da:98:b5:ab:71:fd:6f:a2:12:34:82:
c9:a5:9e:28:4e:4b:d1:f4:13:b6:55:58:bf:ed:f2:b5:7c:a6:
f7:8b:90:31:fc:a8:97:61:6d:90:10:b6:7b:fe:84:ae:0f:2e:
44:b7:4a:7c:db:96:cd:1b:0d:1d:61:6c:cc:43:83:7f:8b:3f:
eb:23:e5:80:b5:56:60:75:32:f2:2a:63:f1:6e:a0:92:1a:1c:
ac:5d:54:e6:6c:f8:47:75:4a:61:00:f6:03:34:c7:67:4b:ad:
f4:a7:5b:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm+UN7ftybTVaoHi68kSBP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MDIxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY5MTBlYTRjMDYyYmM5MDQxOWUwMTE0OGMwNTdmNzQ2NTI1NDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8L1LqG4Tfee78hLCpU/kq4mNxl7
sRAh+bkJaZ4BJKielpBQDL8W/a5e95OpUNuQAXEjvL3cvoPndXxJZuAaOMKcO8Qe
pRra5IppLxHkSo3AmIKIkpDse0JtfSytjJTd4X2VnauSWI7HtpFZfVITa+loL3QW
wu4Uf/WWb27DbGFyba3nroiOSWWZQMIo7Yu2InjZuEGSAMqOakMwE86hKHhYbLfz
oH1l1qe1B4vc9d2T0lcbAh22UiiRcCQpfy5oNMQxxlbKpggSdxh+ruj1MyRHdmhD
tsUfVyqX+Ftl3GzdFsWIty//cTIO1P+JS3qT1FbrdUUUPTx/paTVUFB4KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFItpEOpMBivJBBngEUjAV/dGUlQXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaTJrUTZrd0dLOGtFR2VBUlNNQlg5MFpTVkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIsH53sminmF2/+a1rnz
KA/0rhr4TCIjaLQoQSeGq7OPzUzgV3c4Wg3XL5jnOhLKsZaNzDioQHIG/dq//EsH
YEB6iToaV6462dpS8OqA9/oD7ux0q4ZVDE4MAwnSGk2sAK31LSp5MbCzGDRmJWVW
cv35z3PoTRGGC+CXV0+cwxk4nxKuY87+bTtvl6LeEo95KWVcVoso3vnamLWrcf1v
ohI0gsmlnihOS9H0E7ZVWL/t8rV8pveLkDH8qJdhbZAQtnv+hK4PLkS3Snzbls0b
DR1hbMxDg3+LP+sj5YC1VmB1MvIqY/FuoJIaHKxdVOZs+Ed1SmEA9gM0x2dLrfSn
W4w=
-----END CERTIFICATE-----
Generated at Thu May 1 06:47:05 2025 by rpki-client