Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iLMPBtIZPLcUeKy8sOOrTHt092w.roa
File: iLMPBtIZPLcUeKy8sOOrTHt092w.roa (raw, json)
Hash identifier: vDCTz+fCiQsv6I/wudVJGzI5qk0w+MNdJu3Zsdfuw7U=
Subject key identifier: 88:B3:0F:06:D2:19:3C:B7:14:78:AC:BC:B0:E3:AB:4C:7B:74:F7:6C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C0771BE3872A3404D09898B07C2F96A5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iLMPBtIZPLcUeKy8sOOrTHt092w.roa
Signing time: Fri 04 Aug 2023 12:12:58 +0000
ROA not before: Fri 04 Aug 2023 12:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:77:1b:e3:87:2a:34:04:d0:98:98:b0:7c:2f:96:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 12:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88b30f06d2193cb71478acbcb0e3ab4c7b74f76c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4e:cd:13:ed:88:06:0c:b5:3d:3a:30:00:0d:
b4:93:97:fa:84:31:89:50:09:09:0a:f1:9a:77:a6:
7e:65:69:a4:09:4b:d0:d9:ce:c8:ca:86:e7:fe:fd:
e0:cc:93:bb:cb:f2:83:c8:d7:fa:9b:58:44:ad:4d:
ce:57:51:da:a5:e1:ab:a4:1b:fb:cd:bc:0f:8e:de:
33:af:b5:d5:53:a1:d7:f1:1c:2e:d0:25:cd:7f:17:
eb:f6:c4:f4:bb:f4:c8:29:b2:ad:b9:29:0c:82:77:
b7:39:24:d1:03:a2:fb:a4:16:d6:d0:93:2f:f2:de:
25:ed:2b:17:4c:93:58:3f:75:e9:1b:9f:a4:16:fc:
14:92:08:1d:55:fc:36:94:51:e0:cb:a6:7e:ee:5e:
d5:17:c9:7f:35:18:b8:0a:0d:6f:97:df:3c:33:5e:
d5:03:ed:e9:a6:5a:ce:ae:5d:78:e7:31:0a:78:6c:
6f:07:a1:0c:ea:cf:ac:9d:79:6c:82:c6:d9:64:8f:
83:f3:68:f1:56:18:20:fb:1e:9a:06:2b:c3:ec:45:
dd:5c:ad:3a:38:25:97:90:92:af:75:f5:ee:2e:18:
c7:b7:e1:f6:c9:ec:f5:b9:5a:07:fe:a6:dc:97:5b:
6c:d8:1c:4f:7e:83:cb:e6:c6:7d:36:21:6b:45:03:
d3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B3:0F:06:D2:19:3C:B7:14:78:AC:BC:B0:E3:AB:4C:7B:74:F7:6C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iLMPBtIZPLcUeKy8sOOrTHt092w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:21:7b:ad:67:b1:ef:49:05:70:6a:16:1e:81:86:9c:e4:da:
e7:b5:c9:b1:8a:2d:d9:91:7e:f8:df:e1:c8:09:74:1d:1f:fd:
44:96:85:a0:d6:e2:67:f2:de:fb:0c:c2:00:85:2f:c2:5b:b7:
be:51:d3:fb:a7:99:6e:d6:4d:7d:c1:8a:c6:27:e6:8f:8a:31:
18:eb:b1:02:ad:a1:1f:e8:a9:de:7a:4f:b6:70:27:b2:37:7d:
a6:e2:96:9e:be:20:d8:92:78:91:e9:9d:30:5f:90:78:b1:e1:
2d:e5:13:b9:17:5c:6d:7e:a3:fe:37:13:a7:fd:e5:c7:5a:80:
32:07:df:55:94:0c:17:82:fb:e0:d7:e9:78:a6:1a:85:88:15:
3d:c7:a9:3f:12:a6:f6:71:93:38:97:b6:3a:08:67:02:07:c1:
b0:6e:e2:13:b4:62:ce:e5:e0:24:7a:26:be:1b:73:24:0c:fa:
b1:83:40:75:1f:95:fd:fe:25:f3:8f:72:cc:44:73:02:21:99:
dd:5a:60:ed:3c:8b:67:26:88:38:38:35:a2:8e:10:34:64:40:
f2:58:ba:6c:f8:bd:b5:3b:17:26:2d:6a:ac:5d:cc:88:02:d8:
3f:a5:a6:1b:bc:67:ff:44:8e:7c:c5:c1:51:b9:42:9e:69:46:
72:6e:d5:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnAdxvjhyo0BNCYmLB8L5alMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MTIxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGIzMGYwNmQyMTkzY2I3MTQ3OGFjYmNiMGUzYWI0YzdiNzRmNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE7NE+2IBgy1PTowAA20k5f6hDGJ
UAkJCvGad6Z+ZWmkCUvQ2c7Iyobn/v3gzJO7y/KDyNf6m1hErU3OV1HapeGrpBv7
zbwPjt4zr7XVU6HX8Rwu0CXNfxfr9sT0u/TIKbKtuSkMgne3OSTRA6L7pBbW0JMv
8t4l7SsXTJNYP3XpG5+kFvwUkggdVfw2lFHgy6Z+7l7VF8l/NRi4Cg1vl988M17V
A+3pplrOrl145zEKeGxvB6EM6s+snXlsgsbZZI+D82jxVhgg+x6aBivD7EXdXK06
OCWXkJKvdfXuLhjHt+H2yez1uVoH/qbcl1ts2BxPfoPL5sZ9NiFrRQPTYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIizDwbSGTy3FHisvLDjq0x7dPdsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaUxNUEJ0SVpQTGNVZUt5OHNPT3JUSHQwOTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACwhe61nse9JBXBqFh6B
hpzk2ue1ybGKLdmRfvjf4cgJdB0f/USWhaDW4mfy3vsMwgCFL8Jbt75R0/unmW7W
TX3BisYn5o+KMRjrsQKtoR/oqd56T7ZwJ7I3fabilp6+INiSeJHpnTBfkHix4S3l
E7kXXG1+o/43E6f95cdagDIH31WUDBeC++DX6XimGoWIFT3HqT8SpvZxkziXtjoI
ZwIHwbBu4hO0Ys7l4CR6Jr4bcyQM+rGDQHUflf3+JfOPcsxEcwIhmd1aYO08i2cm
iDg4NaKOEDRkQPJYumz4vbU7FyYtaqxdzIgC2D+lphu8Z/9EjnzFwVG5Qp5pRnJu
1YA=
-----END CERTIFICATE-----
Generated at Thu May 1 01:26:52 2025 by rpki-client