Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ia1iVvFfjAsPLr6fklLiMLaocYE.roa
File: ia1iVvFfjAsPLr6fklLiMLaocYE.roa (raw, json)
Hash identifier: xQBoG5odBIBs/2usHkO+tvVhUZUUqtVAY4xjUIslhto=
Subject key identifier: 89:AD:62:56:F1:5F:8C:0B:0F:2E:BE:9F:92:52:E2:30:B6:A8:71:81
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185376723CC314744F6DCFD9718964A504A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ia1iVvFfjAsPLr6fklLiMLaocYE.roa
Signing time: Thu 22 Dec 2022 01:16:24 +0000
ROA not before: Thu 22 Dec 2022 01:16:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:37:67:23:cc:31:47:44:f6:dc:fd:97:18:96:4a:50:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 22 01:16:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89ad6256f15f8c0b0f2ebe9f9252e230b6a87181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:87:f5:98:6b:ff:c8:f9:df:7f:4e:b2:55:33:
a8:a5:bf:e8:6c:03:c6:ed:8f:b2:dc:d9:af:84:a0:
47:2c:89:37:5e:69:4d:35:8e:21:a2:1c:2a:30:cd:
53:45:b9:fa:f1:70:f4:e9:06:2f:64:cf:d4:ed:60:
98:aa:b2:ff:09:fe:7c:f9:f4:e5:ab:9c:09:09:d1:
21:2c:1c:7e:df:67:c1:83:45:36:a8:62:54:ca:5a:
93:13:88:1f:92:02:bb:cf:62:fd:9d:87:b1:56:16:
0a:68:ab:06:da:9d:05:25:28:ce:f2:5e:c5:b4:ec:
41:56:a9:b1:95:b7:ba:c7:eb:a7:f5:2c:21:e4:20:
c4:2f:4c:e1:f1:42:77:f1:cd:c6:1a:6c:ca:00:50:
62:54:17:9b:68:19:f2:19:21:ce:3f:29:ef:e0:d1:
d2:cf:77:5b:72:af:ca:46:11:09:3a:e3:8a:e9:32:
05:5b:39:b6:9f:33:5e:2b:e9:d4:68:3c:2b:56:ba:
de:a7:53:f2:13:05:57:e9:ff:f0:2d:1b:98:94:3c:
a1:04:ba:8c:46:cb:31:74:c7:94:17:36:1d:2c:c4:
59:ec:77:48:d2:61:91:b3:39:b1:5c:ee:5f:74:57:
80:eb:e3:a0:51:1b:27:1f:e5:01:6f:d1:a7:57:a5:
53:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AD:62:56:F1:5F:8C:0B:0F:2E:BE:9F:92:52:E2:30:B6:A8:71:81
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ia1iVvFfjAsPLr6fklLiMLaocYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:db:0a:ae:c5:85:2e:46:4b:4c:68:ee:a8:ed:09:54:7e:d4:
79:c5:26:e4:63:da:2d:02:cd:ac:4c:ba:0b:aa:62:ec:5d:64:
c2:c8:fd:bc:0c:f3:5f:64:4f:c3:2a:15:3e:fd:d4:47:95:0b:
9b:44:44:43:d5:11:4b:f9:2d:b6:ae:c8:c5:7c:b5:2b:54:c1:
13:86:86:b9:36:1c:ce:a9:03:a5:e1:de:6c:ac:35:0e:51:c3:
cf:78:96:44:65:c6:28:96:23:bf:eb:f8:ca:16:d3:49:18:00:
38:cb:b7:bd:73:b6:6f:b1:ff:36:74:b2:c1:af:1b:d8:e1:9b:
fe:14:ef:ec:11:0c:89:60:2f:89:17:0d:87:6b:b8:12:54:3a:
81:aa:57:28:f4:21:44:fb:36:b5:0b:6b:34:80:7b:5e:40:ab:
b6:77:78:54:70:ff:99:da:a6:6e:ae:8f:7a:56:2f:e1:ae:aa:
9e:b7:30:19:6d:5d:d6:53:92:b4:e5:95:d1:b2:41:26:c4:c4:
55:4d:8f:f4:d6:61:57:35:81:d7:23:44:c9:c9:b5:57:67:98:
7d:d7:a4:4e:0f:cb:f4:7e:9b:4b:85:5a:0b:93:1a:35:9d:71:
8b:5b:36:a4:48:2b:e7:81:75:89:e4:39:1f:fc:ee:91:44:fd:
50:9b:52:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYU3ZyPMMUdE9tz9lxiWSlBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIyMDExNjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWFkNjI1NmYxNWY4YzBiMGYyZWJlOWY5MjUyZTIzMGI2YTg3MTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4f1mGv/yPnff06yVTOopb/obAPG
7Y+y3NmvhKBHLIk3XmlNNY4hohwqMM1TRbn68XD06QYvZM/U7WCYqrL/Cf58+fTl
q5wJCdEhLBx+32fBg0U2qGJUylqTE4gfkgK7z2L9nYexVhYKaKsG2p0FJSjO8l7F
tOxBVqmxlbe6x+un9Swh5CDEL0zh8UJ38c3GGmzKAFBiVBebaBnyGSHOPynv4NHS
z3dbcq/KRhEJOuOK6TIFWzm2nzNeK+nUaDwrVrrep1PyEwVX6f/wLRuYlDyhBLqM
RssxdMeUFzYdLMRZ7HdI0mGRszmxXO5fdFeA6+OgURsnH+UBb9GnV6VT1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFImtYlbxX4wLDy6+n5JS4jC2qHGBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaWExaVZ2RmZqQXNQTHI2ZmtsTGlNTGFvY1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAvbCq7FhS5GS0xo7qjt
CVR+1HnFJuRj2i0CzaxMuguqYuxdZMLI/bwM819kT8MqFT791EeVC5tEREPVEUv5
LbauyMV8tStUwROGhrk2HM6pA6Xh3mysNQ5Rw894lkRlxiiWI7/r+MoW00kYADjL
t71ztm+x/zZ0ssGvG9jhm/4U7+wRDIlgL4kXDYdruBJUOoGqVyj0IUT7NrULazSA
e15Aq7Z3eFRw/5napm6uj3pWL+Guqp63MBltXdZTkrTlldGyQSbExFVNj/TWYVc1
gdcjRMnJtVdnmH3XpE4Py/R+m0uFWguTGjWdcYtbNqRIK+eBdYnkOR/87pFE/VCb
Uoo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:45:43 2025 by rpki-client