Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iVzNfEl8MTzbsge8rtxBitsOVgw.roa
File: iVzNfEl8MTzbsge8rtxBitsOVgw.roa (raw, json)
Hash identifier: 0L2JDIioW0mVe5c9mOd47qmrN8rdYAYVHhpD4UwiUL4=
Subject key identifier: 89:5C:CD:7C:49:7C:31:3C:DB:B2:07:BC:AE:DC:41:8A:DB:0E:56:0C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A217C77728CEBF9E267F88A21B4457EB8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iVzNfEl8MTzbsge8rtxBitsOVgw.roa
Signing time: Wed 23 Aug 2023 08:21:59 +0000
ROA not before: Wed 23 Aug 2023 08:21:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:7c:77:72:8c:eb:f9:e2:67:f8:8a:21:b4:45:7e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 23 08:21:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=895ccd7c497c313cdbb207bcaedc418adb0e560c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:e9:fb:f8:7b:63:1b:ad:ac:11:6d:79:17:
28:79:3c:61:e4:bc:d6:54:be:80:35:39:d6:62:8e:
0d:05:9f:8d:7f:2e:2b:31:c0:20:70:1e:24:44:13:
7e:63:aa:48:a6:dc:13:e5:15:39:5d:98:c3:bc:5f:
ed:dd:a9:58:67:a5:bf:7c:63:2d:a1:0f:14:af:ba:
9d:ee:85:12:38:c6:3c:44:d9:92:0b:4f:ab:32:4a:
d5:cf:c6:39:c5:c0:8b:c3:94:2f:2e:e4:fb:d2:f8:
3f:74:b0:b5:d4:81:cf:ca:b4:04:ea:e2:77:b7:6f:
8f:21:c7:6c:38:91:d6:3b:87:76:51:9e:14:7d:6c:
92:64:26:a6:db:17:a2:d7:cb:54:e1:09:6f:50:d4:
93:aa:b2:08:25:fd:91:c2:ee:85:3f:20:7a:e7:da:
01:b7:71:06:dc:47:18:af:17:1c:14:77:2f:de:02:
a0:41:49:58:65:fa:6d:ef:f8:ca:a9:27:ec:6c:de:
42:78:f8:40:7c:a5:8f:0d:a9:b9:5c:43:d0:69:84:
39:ed:a7:fc:10:3c:00:12:24:34:19:e8:6b:46:a8:
b9:34:a8:d2:c3:23:2f:a3:90:6a:89:39:c5:08:44:
4c:7e:12:e1:50:f0:7e:d3:f8:7b:41:5f:22:d2:60:
f6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5C:CD:7C:49:7C:31:3C:DB:B2:07:BC:AE:DC:41:8A:DB:0E:56:0C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iVzNfEl8MTzbsge8rtxBitsOVgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:f1:33:37:ab:ec:08:30:c7:2b:eb:df:88:a8:b9:ff:5d:d3:
90:98:36:c2:b2:e3:f1:5d:65:16:73:87:91:ed:85:cc:f6:d5:
e5:0d:da:cf:06:fa:f3:42:28:3f:0f:b1:3b:9f:d0:f2:e6:98:
62:5c:dc:72:ab:6b:b2:8d:74:27:d7:f0:ae:7a:db:e7:b7:ad:
50:ee:07:5b:73:63:65:44:07:13:a3:08:f4:d3:29:4b:1c:e6:
1b:cc:c9:ec:ae:b7:0f:d7:48:e6:3a:84:43:00:6c:3e:b5:7a:
6d:94:01:a8:26:e0:6a:f8:d9:55:88:0c:a3:9c:2a:18:f1:6f:
c0:c5:a8:d1:70:64:da:df:a4:c0:b2:4a:eb:31:c5:90:4c:aa:
6f:de:7d:ee:40:06:72:22:f3:97:4b:6b:76:15:f8:e8:94:8a:
b8:1d:ee:49:ba:4e:74:5f:b5:ee:2c:fe:27:db:c7:5e:ec:3f:
2e:2a:2b:c0:a3:18:f8:2c:85:17:7c:30:c2:ac:13:3f:43:b2:
3b:ac:c4:48:57:97:7b:89:da:34:ba:5f:84:67:f3:05:6b:8b:
7b:d8:ee:b3:2a:55:7b:2e:1e:47:b7:6d:15:0a:77:22:7f:6d:
b8:0e:1d:f8:97:86:91:2d:bb:f1:3c:81:b6:47:37:09:8c:01:
bb:63:92:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYohfHdyjOv54mf4iiG0RX64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIzMDgyMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVjY2Q3YzQ5N2MzMTNjZGJiMjA3YmNhZWRjNDE4YWRiMGU1NjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUPp+/h7YxutrBFteRcoeTxh5LzW
VL6ANTnWYo4NBZ+Nfy4rMcAgcB4kRBN+Y6pIptwT5RU5XZjDvF/t3alYZ6W/fGMt
oQ8Ur7qd7oUSOMY8RNmSC0+rMkrVz8Y5xcCLw5QvLuT70vg/dLC11IHPyrQE6uJ3
t2+PIcdsOJHWO4d2UZ4UfWySZCam2xei18tU4QlvUNSTqrIIJf2Rwu6FPyB659oB
t3EG3EcYrxccFHcv3gKgQUlYZfpt7/jKqSfsbN5CePhAfKWPDam5XEPQaYQ57af8
EDwAEiQ0GehrRqi5NKjSwyMvo5BqiTnFCERMfhLhUPB+0/h7QV8i0mD2OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIlczXxJfDE827IHvK7cQYrbDlYMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaVZ6TmZFbDhNVHpic2dlOHJ0eEJpdHNPVmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAHxMzer7Agwxyvr34io
uf9d05CYNsKy4/FdZRZzh5Hthcz21eUN2s8G+vNCKD8PsTuf0PLmmGJc3HKra7KN
dCfX8K562+e3rVDuB1tzY2VEBxOjCPTTKUsc5hvMyeyutw/XSOY6hEMAbD61em2U
Aagm4Gr42VWIDKOcKhjxb8DFqNFwZNrfpMCySusxxZBMqm/efe5ABnIi85dLa3YV
+OiUirgd7km6TnRfte4s/ifbx17sPy4qK8CjGPgshRd8MMKsEz9DsjusxEhXl3uJ
2jS6X4Rn8wVri3vY7rMqVXsuHke3bRUKdyJ/bbgOHfiXhpEtu/E8gbZHNwmMAbtj
kgE=
-----END CERTIFICATE-----
Generated at Thu May 1 06:11:17 2025 by rpki-client