Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iWMSAlCKeVTU3mGGcxM1qz7TRMM.roa
File: iWMSAlCKeVTU3mGGcxM1qz7TRMM.roa (raw, json)
Hash identifier: PH/ioujZq+AkB6Ti24v/Mw4QTFnEPSiJXMlNc6tNAyw=
Subject key identifier: 89:63:12:02:50:8A:79:54:D4:DE:61:86:73:13:35:AB:3E:D3:44:C3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E7F285D229C6A85B740B939E4592D610
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iWMSAlCKeVTU3mGGcxM1qz7TRMM.roa
Signing time: Sat 12 Aug 2023 04:12:58 +0000
ROA not before: Sat 12 Aug 2023 04:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e7:f2:85:d2:29:c6:a8:5b:74:0b:93:9e:45:92:d6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 12 04:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89631202508a7954d4de6186731335ab3ed344c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c4:fb:a4:28:df:0b:bf:5e:53:74:70:76:ae:
a6:bb:34:0e:eb:c8:94:d6:84:f4:a3:41:d5:b4:ed:
5a:df:15:44:ff:48:82:38:53:60:72:d7:b5:3e:ef:
a4:6d:53:88:86:5a:32:57:64:af:8e:98:d7:e3:5f:
ae:37:92:8f:c7:5e:64:32:60:07:86:78:4f:2f:11:
1e:7e:56:c6:3b:cd:39:21:43:29:c2:46:e9:62:61:
c6:dd:86:7f:c7:2d:bb:a5:5e:a6:05:60:00:ce:bc:
45:d6:1b:47:c4:38:ec:86:93:f9:5b:15:4a:57:91:
65:51:2e:c0:0f:d4:e5:29:df:c9:83:f4:92:a1:f3:
03:00:28:8d:d1:e3:e3:ee:0b:97:ef:4b:d4:86:df:
36:34:fd:1f:02:19:29:1b:4c:b6:46:01:17:ea:23:
8a:4e:89:73:87:1f:76:17:10:01:03:9b:60:85:53:
99:85:eb:b3:6b:3a:e6:55:4c:e1:b8:50:5f:cd:be:
61:84:c7:d7:b8:17:bc:38:0b:f2:ae:96:dd:99:d8:
d7:24:e2:31:12:2f:c6:e8:70:4f:f1:bc:f3:bb:92:
c6:ea:f2:66:74:40:3d:16:0a:f8:e8:d9:97:cd:b7:
0f:87:c6:6b:62:32:7b:21:8d:0e:f0:e4:c2:11:ec:
1f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:63:12:02:50:8A:79:54:D4:DE:61:86:73:13:35:AB:3E:D3:44:C3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iWMSAlCKeVTU3mGGcxM1qz7TRMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:fb:dc:03:f3:79:8c:c4:e3:a3:a5:44:44:f8:c4:3d:70:fb:
bd:63:01:26:a6:48:6a:da:73:45:72:94:6c:5c:95:d2:e9:21:
a4:f1:3a:4c:01:b8:76:d0:cc:e4:d2:4a:cb:ec:e6:9d:c9:a9:
6b:3e:02:ba:d9:7b:25:8b:eb:cd:72:34:c8:56:f1:a0:5d:2f:
ad:7e:a6:71:c4:d2:7f:c6:c1:4c:39:e5:d2:dd:d3:22:43:86:
15:96:be:c8:21:36:b4:3b:e4:55:18:b5:75:b2:cc:57:10:22:
68:fa:5d:bd:dc:32:1a:a0:95:5b:c9:bd:89:c6:f0:be:ee:68:
30:d9:71:ec:74:f0:54:80:fb:2a:be:fe:8f:8d:a4:f1:86:a0:
90:86:e0:a4:a9:7c:9d:c5:52:bf:7d:87:74:ae:b4:1a:a7:62:
76:ca:54:70:8b:a3:a9:33:20:50:ca:56:ce:2d:c6:ae:9f:42:
21:51:db:96:7c:1d:af:08:24:99:6e:de:bd:2d:ce:84:14:e0:
be:ca:3a:43:d0:f1:ec:5d:ed:48:30:b2:1f:d6:d2:97:1e:4d:
76:11:86:4d:da:98:2b:ff:b6:a0:d6:6b:fc:b9:a2:11:0e:ed:
50:f8:f1:f9:92:51:5e:0b:fb:1f:8e:81:c0:62:9f:10:fe:e2:
1c:3d:2f:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnn8oXSKcaoW3QLk55FktYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEyMDQxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTYzMTIwMjUwOGE3OTU0ZDRkZTYxODY3MzEzMzVhYjNlZDM0NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8T7pCjfC79eU3Rwdq6muzQO68iU
1oT0o0HVtO1a3xVE/0iCOFNgcte1Pu+kbVOIhloyV2SvjpjX41+uN5KPx15kMmAH
hnhPLxEeflbGO805IUMpwkbpYmHG3YZ/xy27pV6mBWAAzrxF1htHxDjshpP5WxVK
V5FlUS7AD9TlKd/Jg/SSofMDACiN0ePj7guX70vUht82NP0fAhkpG0y2RgEX6iOK
Tolzhx92FxABA5tghVOZheuzazrmVUzhuFBfzb5hhMfXuBe8OAvyrpbdmdjXJOIx
Ei/G6HBP8bzzu5LG6vJmdEA9Fgr46NmXzbcPh8ZrYjJ7IY0O8OTCEewfuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIljEgJQinlU1N5hhnMTNas+00TDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaVdNU0FsQ0tlVlRVM21HR2N4TTFxejdUUk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGH73APzeYzE46OlRET4
xD1w+71jASamSGrac0VylGxcldLpIaTxOkwBuHbQzOTSSsvs5p3JqWs+ArrZeyWL
681yNMhW8aBdL61+pnHE0n/GwUw55dLd0yJDhhWWvsghNrQ75FUYtXWyzFcQImj6
Xb3cMhqglVvJvYnG8L7uaDDZcex08FSA+yq+/o+NpPGGoJCG4KSpfJ3FUr99h3Su
tBqnYnbKVHCLo6kzIFDKVs4txq6fQiFR25Z8Ha8IJJlu3r0tzoQU4L7KOkPQ8exd
7Ugwsh/W0pceTXYRhk3amCv/tqDWa/y5ohEO7VD48fmSUV4L+x+OgcBinxD+4hw9
L8o=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:27:31 2025 by rpki-client