Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iF233sA_6a-EhTiYUOezVhVqcPI.roa
File: iF233sA_6a-EhTiYUOezVhVqcPI.roa (raw, json)
Hash identifier: ZIwGJlp/1aFc+p7gvgvgIOno4QI9AGyKi0GUo+PihWU=
Subject key identifier: 88:5D:B7:DE:C0:3F:E9:AF:84:85:38:98:50:E7:B3:56:15:6A:70:F2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2E84083444FE3290098681FA224E3A9F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iF233sA_6a-EhTiYUOezVhVqcPI.roa
Signing time: Fri 25 Aug 2023 21:05:19 +0000
ROA not before: Fri 25 Aug 2023 21:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:2e83:5657/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2e:84:08:34:44:fe:32:90:09:86:81:fa:22:4e:3a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 25 21:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=885db7dec03fe9af8485389850e7b356156a70f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:be:bf:59:23:54:07:e4:99:33:ef:cb:97:67:
e4:29:7f:43:c1:8a:a7:ea:79:e3:33:87:b8:51:0b:
23:ba:06:0e:09:4e:fd:c2:1f:4a:cc:79:d8:ca:16:
a3:83:8a:12:99:49:cf:41:4a:06:b5:3b:0c:d6:78:
27:6f:67:ee:91:5a:15:6b:07:e3:99:88:1a:da:a8:
d2:36:99:c7:b3:4d:23:24:7f:16:a9:70:6e:f8:1d:
8f:41:60:28:b5:18:82:25:38:1b:a5:0c:c4:85:67:
f4:09:cb:61:32:48:46:72:3f:f8:f9:1c:dc:d5:04:
47:45:b5:a0:78:ba:0c:36:bd:9d:87:3f:d2:ca:f1:
1f:ea:1c:8c:9b:47:09:a2:21:e3:eb:66:e0:76:75:
33:e2:e7:5b:21:7d:42:a5:86:9c:43:e4:fd:70:e5:
d0:02:23:60:26:17:9e:2b:52:a6:af:0a:e1:68:47:
1b:25:4a:d4:83:b0:a7:f1:d4:4b:1b:06:ea:37:76:
10:d2:5c:ed:08:d6:70:a0:bd:d1:77:93:f9:7c:1c:
44:6b:cc:82:38:55:38:eb:eb:c1:b6:f4:53:4c:bc:
af:0d:7b:4d:35:f1:b2:d3:6a:7b:07:49:d6:63:45:
00:4c:22:37:b4:10:e7:6c:55:48:b7:a6:3c:1b:a3:
f3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5D:B7:DE:C0:3F:E9:AF:84:85:38:98:50:E7:B3:56:15:6A:70:F2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iF233sA_6a-EhTiYUOezVhVqcPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:7e:54:1f:d2:ff:96:04:d2:09:a5:06:dd:9b:c6:d4:9b:cf:
59:61:f3:26:27:47:3c:c0:b6:cc:68:91:42:59:48:a7:a7:29:
df:ae:57:08:31:9f:45:7c:1b:94:44:0b:bb:10:0e:10:6e:cf:
92:73:49:40:2c:08:f3:2a:a0:44:20:eb:bf:5f:a4:a4:49:7d:
15:5b:ef:62:56:de:2a:ea:f5:26:fb:a1:8b:b3:4b:38:00:aa:
d9:a2:68:5b:bf:60:21:66:8e:38:7a:3c:d2:de:35:03:32:96:
bd:6e:76:9a:dc:e1:41:df:58:ad:b5:49:50:72:22:e1:d9:84:
89:b8:43:4c:8d:fc:eb:e7:74:07:61:1e:f3:a4:b2:29:1b:d5:
96:8e:ea:bc:de:eb:c0:3c:03:31:ef:40:c2:87:a7:d7:a1:e3:
44:3a:1c:c5:37:54:73:00:0b:76:31:a6:04:32:70:5a:7d:b1:
72:29:04:6b:56:eb:22:4c:48:ce:6b:75:99:c8:20:6d:a0:fa:
20:75:c8:20:60:15:b8:fe:56:64:27:a4:76:7e:b2:a6:81:ca:
fc:5c:1e:f7:50:a1:de:f9:8c:60:a1:93:1e:94:d2:a5:ac:f1:
22:03:bf:f9:f7:02:29:68:39:ab:1f:a0:2b:26:fb:6e:9c:14:
64:dd:eb:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYouhAg0RP4ykAmGgfoiTjqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI1MjEwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODVkYjdkZWMwM2ZlOWFmODQ4NTM4OTg1MGU3YjM1NjE1NmE3MGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA176/WSNUB+SZM+/Ll2fkKX9DwYqn
6nnjM4e4UQsjugYOCU79wh9KzHnYyhajg4oSmUnPQUoGtTsM1ngnb2fukVoVawfj
mYga2qjSNpnHs00jJH8WqXBu+B2PQWAotRiCJTgbpQzEhWf0CcthMkhGcj/4+Rzc
1QRHRbWgeLoMNr2dhz/SyvEf6hyMm0cJoiHj62bgdnUz4udbIX1CpYacQ+T9cOXQ
AiNgJheeK1KmrwrhaEcbJUrUg7Cn8dRLGwbqN3YQ0lztCNZwoL3Rd5P5fBxEa8yC
OFU46+vBtvRTTLyvDXtNNfGy02p7B0nWY0UATCI3tBDnbFVIt6Y8G6Pz8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIhdt97AP+mvhIU4mFDns1YVanDyMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaUYyMzNzQV82YS1FaFRpWVVPZXpWaFZxY1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFx+VB/S/5YE0gmlBt2b
xtSbz1lh8yYnRzzAtsxokUJZSKenKd+uVwgxn0V8G5REC7sQDhBuz5JzSUAsCPMq
oEQg679fpKRJfRVb72JW3irq9Sb7oYuzSzgAqtmiaFu/YCFmjjh6PNLeNQMylr1u
dprc4UHfWK21SVByIuHZhIm4Q0yN/OvndAdhHvOksikb1ZaO6rze68A8AzHvQMKH
p9eh40Q6HMU3VHMAC3YxpgQycFp9sXIpBGtW6yJMSM5rdZnIIG2g+iB1yCBgFbj+
VmQnpHZ+sqaByvxcHvdQod75jGChkx6U0qWs8SIDv/n3AiloOasfoCsm+26cFGTd
6zM=
-----END CERTIFICATE-----
Generated at Thu May 1 12:52:52 2025 by rpki-client