Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iGWiE7MUziBcjqmu3L7KqzcZz_4.roa
File: iGWiE7MUziBcjqmu3L7KqzcZz_4.roa (raw, json)
Hash identifier: Kq18hY8ylnck5x2jPb4NABAmOFUhDJHfBDQmJrpnth8=
Subject key identifier: 88:65:A2:13:B3:14:CE:20:5C:8E:A9:AE:DC:BE:CA:AB:37:19:CF:FE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018689942DB3A5E90CF200674F3A0C7E22A3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iGWiE7MUziBcjqmu3L7KqzcZz_4.roa
Signing time: Sat 25 Feb 2023 17:17:15 +0000
ROA not before: Sat 25 Feb 2023 17:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:94:2d:b3:a5:e9:0c:f2:00:67:4f:3a:0c:7e:22:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 17:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8865a213b314ce205c8ea9aedcbecaab3719cffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:65:c0:20:cb:6c:41:01:cb:62:e6:60:f1:8d:
bb:37:a5:bb:60:72:94:88:4d:b5:44:47:df:d9:a8:
50:8f:e9:43:75:40:ae:52:2a:81:54:41:da:c7:80:
17:6e:eb:a2:40:0d:5b:2e:82:21:6b:c7:dd:9e:3e:
00:39:21:eb:5d:3f:11:26:48:c6:e0:a9:80:d0:06:
66:84:57:2c:d7:d0:ba:7b:31:bf:87:dd:40:25:dd:
1a:b7:64:ed:e3:2f:22:aa:0e:d4:1d:dc:4c:53:35:
43:6b:f4:bb:57:7c:18:04:58:18:0f:63:14:74:67:
de:e8:27:f2:a4:f8:d2:04:ea:de:6f:72:84:ef:ad:
cf:5c:cb:ed:a4:73:17:55:3e:5b:3e:d8:b7:ed:5b:
61:73:ef:0e:df:a7:29:64:12:89:99:f0:cb:79:bc:
06:e8:e6:e9:92:52:d4:43:44:72:12:ae:a7:c3:24:
69:fd:ec:68:1a:2a:ec:90:a4:3d:03:54:9f:3a:45:
79:a3:31:3c:62:1f:d7:96:12:54:ca:f4:ae:97:b1:
bf:09:47:3a:6a:cd:8d:5d:9b:44:67:fe:15:e6:51:
13:eb:54:ce:1e:27:11:5a:88:8b:f7:76:39:8e:a7:
2e:92:f5:25:51:eb:16:45:00:35:dd:dc:f3:09:37:
3d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:65:A2:13:B3:14:CE:20:5C:8E:A9:AE:DC:BE:CA:AB:37:19:CF:FE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iGWiE7MUziBcjqmu3L7KqzcZz_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:05:1a:c1:d1:ac:3c:13:b6:18:e1:fe:c9:9e:c5:da:6b:79:
03:2b:f6:6a:e3:c7:6d:ee:41:1c:a7:90:0a:5c:5f:14:1f:62:
9d:07:02:a8:7e:81:94:57:e3:8c:d7:5c:39:80:c0:d0:fe:73:
46:48:98:7d:87:7e:39:f9:01:ce:83:61:08:cd:85:da:26:e2:
ee:8e:85:ef:b1:fe:2b:51:ee:22:b4:68:36:1e:71:bd:67:9f:
af:af:d0:c5:47:bd:3e:3a:e2:e9:0e:72:72:49:1e:a6:22:7c:
68:a7:e2:bc:1c:79:53:5f:94:67:37:1c:0c:1c:ae:93:43:9a:
57:be:bf:10:67:1f:06:b7:65:e8:24:be:fd:be:19:04:0a:54:
9d:d0:61:31:66:d7:e3:72:4f:21:a5:1f:21:9c:12:3e:60:2a:
92:ab:6c:b4:16:ad:03:7f:64:39:39:83:bd:25:b8:f3:96:49:
a4:8a:51:48:2b:bf:80:8a:91:f8:1e:8d:46:32:4f:8a:45:84:
5b:9f:97:c2:12:7c:94:8e:36:87:86:95:9d:8f:76:9f:3f:bd:
60:1d:c0:03:f9:cf:24:da:9d:28:a5:6a:b5:db:4a:24:ba:6a:
42:33:f1:bd:09:51:31:5c:b6:10:20:61:4a:12:2b:b3:44:e1:
e1:52:a4:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaJlC2zpekM8gBnTzoMfiKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTcxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODY1YTIxM2IzMTRjZTIwNWM4ZWE5YWVkY2JlY2FhYjM3MTljZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGXAIMtsQQHLYuZg8Y27N6W7YHKU
iE21REff2ahQj+lDdUCuUiqBVEHax4AXbuuiQA1bLoIha8fdnj4AOSHrXT8RJkjG
4KmA0AZmhFcs19C6ezG/h91AJd0at2Tt4y8iqg7UHdxMUzVDa/S7V3wYBFgYD2MU
dGfe6CfypPjSBOreb3KE763PXMvtpHMXVT5bPti37Vthc+8O36cpZBKJmfDLebwG
6ObpklLUQ0RyEq6nwyRp/exoGirskKQ9A1SfOkV5ozE8Yh/XlhJUyvSul7G/CUc6
as2NXZtEZ/4V5lET61TOHicRWoiL93Y5jqcukvUlUesWRQA13dzzCTc9NQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIhlohOzFM4gXI6prty+yqs3Gc/+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaUdXaUU3TVV6aUJjanFtdTNMN0txemNael80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUFGsHRrDwTthjh/sme
xdpreQMr9mrjx23uQRynkApcXxQfYp0HAqh+gZRX44zXXDmAwND+c0ZImH2Hfjn5
Ac6DYQjNhdom4u6Ohe+x/itR7iK0aDYecb1nn6+v0MVHvT464ukOcnJJHqYifGin
4rwceVNflGc3HAwcrpNDmle+vxBnHwa3Zegkvv2+GQQKVJ3QYTFm1+NyTyGlHyGc
Ej5gKpKrbLQWrQN/ZDk5g70luPOWSaSKUUgrv4CKkfgejUYyT4pFhFufl8ISfJSO
NoeGlZ2Pdp8/vWAdwAP5zyTanSilarXbSiS6akIz8b0JUTFcthAgYUoSK7NE4eFS
pJo=
-----END CERTIFICATE-----
Generated at Fri May 2 21:37:21 2025 by rpki-client