Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iYOwhRDikYu3luXfLmD5O_vTrfo.roa
File: iYOwhRDikYu3luXfLmD5O_vTrfo.roa (raw, json)
Hash identifier: suYc1f/ewBih5EAqro00eYRQKv+YfcTg0OMJoegC7vQ=
Subject key identifier: 89:83:B0:85:10:E2:91:8B:B7:96:E5:DF:2E:60:F9:3B:FB:D3:AD:FA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B5C5216A20D363F70F57039DB51AD3D2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iYOwhRDikYu3luXfLmD5O_vTrfo.roa
Signing time: Mon 06 Mar 2023 07:14:00 +0000
ROA not before: Mon 06 Mar 2023 07:14:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:c5:21:6a:20:d3:63:f7:0f:57:03:9d:b5:1a:d3:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 6 07:14:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8983b08510e2918bb796e5df2e60f93bfbd3adfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c5:9e:02:2c:e9:e2:ad:8e:d9:ef:cc:81:31:
a9:bb:10:1a:94:2d:21:1b:00:e5:03:e1:cf:55:d4:
8d:cd:83:4a:93:f8:15:5d:38:73:94:c8:ec:6f:bb:
82:41:eb:fb:19:9c:06:69:c9:26:c3:f0:5f:25:af:
77:ef:a9:49:6d:8d:31:9b:05:96:c6:21:3f:a0:15:
36:8e:25:01:13:3c:60:0a:3e:19:20:f8:35:af:9a:
20:0c:c3:10:25:00:9f:05:1c:fe:30:dd:cf:35:5f:
6c:61:66:c4:9d:bd:7b:bf:0d:58:18:65:72:a7:36:
52:f6:e8:a9:c4:b6:70:2c:e8:f6:e6:3c:84:40:12:
7d:cc:cf:a1:85:32:82:e8:fc:97:48:f3:60:6e:f9:
cb:80:ae:80:59:c2:d5:2d:fb:77:e8:aa:f5:66:13:
59:1a:dc:f1:dc:9d:93:1a:9a:12:9b:a8:8f:dc:70:
fb:98:57:2e:43:cd:a5:55:95:74:0d:fd:e8:f0:d6:
d7:12:55:21:55:59:c1:64:f7:51:ca:fc:1e:c9:e7:
df:f1:b7:7b:8b:6b:8d:5f:33:af:91:56:9e:6d:95:
de:a5:b7:67:22:c2:75:14:b8:ac:d2:11:2a:2f:b1:
df:4e:bb:e4:4c:a6:58:2f:94:fc:4f:d4:47:7b:da:
7c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:83:B0:85:10:E2:91:8B:B7:96:E5:DF:2E:60:F9:3B:FB:D3:AD:FA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iYOwhRDikYu3luXfLmD5O_vTrfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:3d:03:6d:9d:22:2c:ef:c0:e1:37:d9:a5:4a:e3:f2:5b:b2:
85:f3:e3:89:e7:1a:72:b9:cc:81:f2:0b:e9:ca:ca:01:e3:cc:
cf:ce:2e:e1:df:41:68:46:bf:24:2e:33:04:d1:09:2a:fc:87:
8a:ff:b0:db:14:bd:1c:19:ee:bd:36:a7:36:a0:c3:da:8a:b9:
6a:c0:03:13:8b:34:81:a9:9a:27:4e:9d:17:52:dc:67:16:a4:
37:0b:ce:9c:2c:8d:37:77:a0:cd:7e:e2:95:58:1d:e1:6c:e1:
06:24:85:c9:0b:c2:17:a9:55:f1:48:3d:53:d8:e0:53:a6:42:
34:83:b7:44:88:fc:b9:99:e5:ab:c4:f3:b8:dd:e2:dc:b9:5b:
67:59:e4:13:c5:75:dd:91:fc:7b:36:cf:2b:bf:40:c5:c6:e1:
72:c3:67:03:4c:4e:52:a7:8b:7d:26:32:bc:4f:e7:27:16:fe:
93:9c:c2:ca:2b:eb:9e:de:21:f1:b7:9f:30:c8:fa:f5:bb:7a:
5b:98:e6:50:63:4a:1a:fe:97:0e:58:9d:cb:1e:cb:ac:d9:37:
30:db:c5:df:fe:8c:ce:a9:7f:33:1e:73:0c:4d:1d:d1:23:cf:
78:62:c0:0a:97:ad:00:d9:9e:90:bc:a6:ca:61:62:25:a2:1e:
30:27:50:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYa1xSFqINNj9w9XA521GtPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA2MDcxNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgzYjA4NTEwZTI5MThiYjc5NmU1ZGYyZTYwZjkzYmZiZDNhZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcWeAizp4q2O2e/MgTGpuxAalC0h
GwDlA+HPVdSNzYNKk/gVXThzlMjsb7uCQev7GZwGackmw/BfJa9376lJbY0xmwWW
xiE/oBU2jiUBEzxgCj4ZIPg1r5ogDMMQJQCfBRz+MN3PNV9sYWbEnb17vw1YGGVy
pzZS9uipxLZwLOj25jyEQBJ9zM+hhTKC6PyXSPNgbvnLgK6AWcLVLft36Kr1ZhNZ
Gtzx3J2TGpoSm6iP3HD7mFcuQ82lVZV0Df3o8NbXElUhVVnBZPdRyvweyeff8bd7
i2uNXzOvkVaebZXepbdnIsJ1FLis0hEqL7HfTrvkTKZYL5T8T9RHe9p8YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFImDsIUQ4pGLt5bl3y5g+Tv70636MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaVlPd2hSRGlrWXUzbHVYZkxtRDVPX3ZUcmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEA9A22dIizvwOE32aVK
4/JbsoXz44nnGnK5zIHyC+nKygHjzM/OLuHfQWhGvyQuMwTRCSr8h4r/sNsUvRwZ
7r02pzagw9qKuWrAAxOLNIGpmidOnRdS3GcWpDcLzpwsjTd3oM1+4pVYHeFs4QYk
hckLwhepVfFIPVPY4FOmQjSDt0SI/LmZ5avE87jd4ty5W2dZ5BPFdd2R/Hs2zyu/
QMXG4XLDZwNMTlKni30mMrxP5ycW/pOcwsor657eIfG3nzDI+vW7eluY5lBjShr+
lw5Yncsey6zZNzDbxd/+jM6pfzMecwxNHdEjz3hiwAqXrQDZnpC8psphYiWiHjAn
UBA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:45 2025 by rpki-client