Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i9obGPTsgasCEw6mm_iIIk45Xfg.roa
File: i9obGPTsgasCEw6mm_iIIk45Xfg.roa (raw, json)
Hash identifier: c9S6vE1kGwnTcD2QKTgEQOz988hIOd451dw8clxlw3s=
Subject key identifier: 8B:DA:1B:18:F4:EC:81:AB:02:13:0E:A6:9B:F8:88:22:4E:39:5D:F8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018296E8E66B9BC2B275A9EDF3ACC2E992FB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i9obGPTsgasCEw6mm_iIIk45Xfg.roa
Signing time: Sat 13 Aug 2022 11:13:41 +0000
ROA not before: Sat 13 Aug 2022 11:13:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:96:e8:e6:6b:9b:c2:b2:75:a9:ed:f3:ac:c2:e9:92:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 11:13:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bda1b18f4ec81ab02130ea69bf888224e395df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7e:4a:01:21:54:a1:ef:f6:ce:d5:4f:4c:f8:
33:d0:b0:44:47:e1:f5:dc:c5:c7:bc:60:07:c5:b7:
bf:b6:80:c4:ef:39:1c:f1:97:53:7a:d3:d1:2b:58:
5b:9e:93:a8:40:55:6f:5f:7b:2e:4d:53:bc:69:e1:
d5:5e:f7:2b:36:7b:42:c3:d3:bb:46:88:b5:df:9f:
a2:86:06:2c:ad:29:ed:7e:9a:f3:81:35:bc:6f:83:
dd:c7:6a:46:76:bb:b5:c4:ed:b7:8e:91:df:36:17:
d4:13:b8:a0:32:90:11:1c:f8:26:c3:be:5a:ff:02:
d8:1d:79:f1:03:1e:94:b1:ac:a3:da:35:6c:bd:8d:
39:2a:34:ce:cf:5d:fc:74:4f:c7:1d:fa:d7:64:76:
f2:bb:6e:87:03:41:40:d6:91:2d:44:ea:da:5f:15:
26:6b:d6:24:af:e4:55:c2:81:fb:0b:6a:5a:1c:5d:
f5:1b:eb:69:02:d6:e7:f7:27:b1:4a:08:88:6a:62:
b8:da:f4:67:91:1f:36:ac:b8:1e:4e:07:e3:ca:ed:
01:95:ef:8c:91:dd:75:31:51:ed:da:e3:f4:86:b1:
8f:65:ef:0d:1b:88:5b:89:e6:68:ac:4b:19:9e:45:
78:3d:6d:a3:18:2a:f7:ae:5e:01:7a:c7:1e:29:c2:
6e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DA:1B:18:F4:EC:81:AB:02:13:0E:A6:9B:F8:88:22:4E:39:5D:F8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i9obGPTsgasCEw6mm_iIIk45Xfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:b9:2b:55:19:c4:7c:fd:44:4c:14:30:ff:6e:49:24:b5:b0:
53:b3:fb:ec:65:e4:96:79:4a:85:f8:60:12:99:45:09:28:13:
c8:f1:fc:19:c9:09:c6:19:b4:ad:fb:71:9f:c3:fc:10:7c:bd:
79:ac:b6:2f:07:64:88:72:d0:85:16:78:c7:2a:e9:be:64:14:
75:8d:57:29:74:86:60:1f:c4:34:0c:dd:84:d4:42:e0:ae:53:
39:38:26:63:e2:02:5c:a7:ba:b8:5e:bd:4a:9d:65:fd:71:63:
92:c5:3f:08:65:b6:b1:27:b0:35:b4:83:03:70:9f:55:49:ef:
97:e4:24:6d:33:4f:37:5d:3a:64:e9:26:5b:6f:e4:d7:14:48:
a6:4e:9e:6a:94:ca:b0:2b:69:fd:f6:62:89:fb:0a:e7:48:fe:
99:48:db:81:60:60:0d:e1:7c:73:54:bc:a4:95:ea:01:2a:f4:
45:06:ee:08:c3:01:ba:4d:c2:b0:c9:9b:e5:92:9f:b0:ea:3f:
41:a8:c5:11:e9:3d:29:ab:2b:1f:b8:ff:dd:1d:e6:37:f8:dd:
b6:1f:fa:dc:20:55:62:7b:b0:d1:c6:26:c6:b7:90:81:14:7b:
5a:1c:c4:60:eb:86:e7:01:ce:c4:85:1a:94:7d:40:42:f7:de:
14:8e:37:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKW6OZrm8Kydant86zC6ZL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODEzMTExMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRhMWIxOGY0ZWM4MWFiMDIxMzBlYTY5YmY4ODgyMjRlMzk1ZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn5KASFUoe/2ztVPTPgz0LBER+H1
3MXHvGAHxbe/toDE7zkc8ZdTetPRK1hbnpOoQFVvX3suTVO8aeHVXvcrNntCw9O7
Roi135+ihgYsrSntfprzgTW8b4Pdx2pGdru1xO23jpHfNhfUE7igMpARHPgmw75a
/wLYHXnxAx6Usayj2jVsvY05KjTOz138dE/HHfrXZHbyu26HA0FA1pEtROraXxUm
a9Ykr+RVwoH7C2paHF31G+tpAtbn9yexSgiIamK42vRnkR82rLgeTgfjyu0Ble+M
kd11MVHt2uP0hrGPZe8NG4hbieZorEsZnkV4PW2jGCr3rl4BesceKcJuxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIvaGxj07IGrAhMOppv4iCJOOV34MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaTlvYkdQVHNnYXNDRXc2bW1faUlJazQ1WGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJG5K1UZxHz9REwUMP9u
SSS1sFOz++xl5JZ5SoX4YBKZRQkoE8jx/BnJCcYZtK37cZ/D/BB8vXmsti8HZIhy
0IUWeMcq6b5kFHWNVyl0hmAfxDQM3YTUQuCuUzk4JmPiAlynurhevUqdZf1xY5LF
PwhltrEnsDW0gwNwn1VJ75fkJG0zTzddOmTpJltv5NcUSKZOnmqUyrAraf32Yon7
CudI/plI24FgYA3hfHNUvKSV6gEq9EUG7gjDAbpNwrDJm+WSn7DqP0GoxRHpPSmr
Kx+4/90d5jf43bYf+twgVWJ7sNHGJsa3kIEUe1ocxGDrhucBzsSFGpR9QEL33hSO
N6Q=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:08:55 2025 by rpki-client