Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iE0xmm6DOLFr5U87evdp1UxfnSA.roa
File: iE0xmm6DOLFr5U87evdp1UxfnSA.roa (raw, json)
Hash identifier: tRUmyBjpVxsD9UHxvuIDGm9qqDrJ33zJxJYFZVLww74=
Subject key identifier: 88:4D:31:9A:6E:83:38:B1:6B:E5:4F:3B:7A:F7:69:D5:4C:5F:9D:20
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189D7A3BAFD5748264D88907DE135675281
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iE0xmm6DOLFr5U87evdp1UxfnSA.roa
Signing time: Wed 09 Aug 2023 00:12:58 +0000
ROA not before: Wed 09 Aug 2023 00:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d7:a3:ba:fd:57:48:26:4d:88:90:7d:e1:35:67:52:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 9 00:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=884d319a6e8338b16be54f3b7af769d54c5f9d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f6:55:0a:d9:fd:39:d0:93:5e:6d:98:f1:36:
d6:c7:83:73:40:82:1b:76:0f:2d:2f:18:59:ea:ca:
04:b1:4c:82:44:8c:3c:66:07:31:d4:ed:4c:27:5a:
12:5c:72:42:76:78:ae:1c:98:dd:64:8f:5b:73:ca:
02:72:2f:b6:be:8f:42:35:5d:80:c5:cd:19:ec:30:
62:1e:5e:e7:ec:4d:94:a1:5e:84:49:7f:a7:a0:9d:
d4:f9:cf:db:80:a3:42:4f:18:96:09:f3:21:9d:cf:
13:0f:aa:be:cd:a3:3a:7c:c8:1e:de:1c:84:e5:55:
cc:68:a9:b5:8f:54:64:37:a4:54:b8:7e:b5:9f:71:
5e:a7:2c:40:70:83:ae:a8:8f:a8:95:b2:79:3f:d8:
34:4e:5a:5d:51:ec:9a:3c:8e:83:d4:fa:a4:29:f5:
53:98:ca:6e:71:e3:9f:19:d7:f4:79:ff:5b:bc:c9:
2c:f8:33:fd:b5:d4:d1:62:95:71:f6:70:d1:51:7c:
dd:5b:87:c7:c6:32:e6:7e:c0:34:a7:6a:95:68:d2:
2c:70:05:22:8e:c1:b0:b6:44:b9:41:73:5a:a9:fe:
6b:cb:a4:30:de:21:89:8b:99:68:04:e2:b8:e3:a8:
a4:ae:5a:20:c6:80:98:ed:af:f0:25:c2:73:b0:c8:
a3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4D:31:9A:6E:83:38:B1:6B:E5:4F:3B:7A:F7:69:D5:4C:5F:9D:20
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iE0xmm6DOLFr5U87evdp1UxfnSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:aa:1b:66:a0:ce:b3:c7:74:38:f0:c5:b6:8c:45:84:b2:73:
bf:5f:86:5f:a8:82:86:81:04:d3:4e:ee:53:29:cc:ab:35:2f:
17:ea:f3:e5:3a:97:5e:85:29:b7:30:00:dc:4b:09:cd:b5:f9:
d8:97:10:14:87:93:89:c1:8d:c2:4e:92:6f:7d:e3:f6:05:67:
21:5e:9a:01:d5:16:36:af:e2:76:cf:78:c8:23:8b:97:84:fa:
ab:f0:74:84:76:12:5d:d0:d4:13:0f:02:3c:d6:da:5d:da:9c:
43:2f:fb:03:ce:f7:e1:be:9a:06:85:1a:2d:31:74:c1:13:9f:
a9:a8:39:07:88:90:ed:31:22:42:a2:9f:0f:8d:02:4b:c8:5a:
23:25:e3:ab:08:6e:27:fb:56:72:22:a2:fc:be:7b:00:2e:f4:
38:1a:3e:ae:62:6e:97:09:7a:cd:5b:22:80:16:13:4a:dd:b7:
5d:1a:11:0f:53:39:fb:4b:fb:41:26:23:4e:a8:0d:f4:2d:7a:
49:22:bb:f6:90:73:f6:f5:ca:09:93:28:41:5b:5a:24:2b:5e:
98:4a:a7:3d:4e:1d:07:bc:a0:62:78:ee:d4:3c:4a:f9:ba:1b:
ac:61:5b:27:e4:71:e0:a4:4b:da:39:7d:27:0f:38:7f:db:17:
e6:7a:36:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnXo7r9V0gmTYiQfeE1Z1KBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA5MDAxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODRkMzE5YTZlODMzOGIxNmJlNTRmM2I3YWY3NjlkNTRjNWY5ZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfZVCtn9OdCTXm2Y8TbWx4NzQIIb
dg8tLxhZ6soEsUyCRIw8Zgcx1O1MJ1oSXHJCdniuHJjdZI9bc8oCci+2vo9CNV2A
xc0Z7DBiHl7n7E2UoV6ESX+noJ3U+c/bgKNCTxiWCfMhnc8TD6q+zaM6fMge3hyE
5VXMaKm1j1RkN6RUuH61n3FepyxAcIOuqI+olbJ5P9g0TlpdUeyaPI6D1PqkKfVT
mMpuceOfGdf0ef9bvMks+DP9tdTRYpVx9nDRUXzdW4fHxjLmfsA0p2qVaNIscAUi
jsGwtkS5QXNaqf5ry6Qw3iGJi5loBOK446ikrlogxoCY7a/wJcJzsMijtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIhNMZpugzixa+VPO3r3adVMX50gMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaUUweG1tNkRPTEZyNVU4N2V2ZHAxVXhmblNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA6qG2agzrPHdDjwxbaM
RYSyc79fhl+ogoaBBNNO7lMpzKs1Lxfq8+U6l16FKbcwANxLCc21+diXEBSHk4nB
jcJOkm994/YFZyFemgHVFjav4nbPeMgji5eE+qvwdIR2El3Q1BMPAjzW2l3anEMv
+wPO9+G+mgaFGi0xdMETn6moOQeIkO0xIkKinw+NAkvIWiMl46sIbif7VnIiovy+
ewAu9DgaPq5ibpcJes1bIoAWE0rdt10aEQ9TOftL+0EmI06oDfQtekkiu/aQc/b1
ygmTKEFbWiQrXphKpz1OHQe8oGJ47tQ8Svm6G6xhWyfkceCkS9o5fScPOH/bF+Z6
Nkg=
-----END CERTIFICATE-----
Generated at Thu May 1 00:42:19 2025 by rpki-client