Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iioOAmo9fIklqADAJI3uLY7CnN4.roa
File: iioOAmo9fIklqADAJI3uLY7CnN4.roa (raw, json)
Hash identifier: r1Ob7mTiE6H+kDcbnOsbU1G2dgUmeUsHmMkB9POshZs=
Subject key identifier: 8A:2A:0E:02:6A:3D:7C:89:25:A8:00:C0:24:8D:EE:2D:8E:C2:9C:DE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186955DEBF443638F0B1F615EE2EBE987FF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iioOAmo9fIklqADAJI3uLY7CnN4.roa
Signing time: Tue 28 Feb 2023 00:13:25 +0000
ROA not before: Tue 28 Feb 2023 00:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:95:5d:eb:f4:43:63:8f:0b:1f:61:5e:e2:eb:e9:87:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 00:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a2a0e026a3d7c8925a800c0248dee2d8ec29cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1e:cb:4f:de:a2:01:70:e6:7b:ba:89:2c:f7:
9f:3b:ef:44:62:74:a0:3a:69:72:2b:25:83:8c:ae:
56:40:ff:7a:c6:8c:55:6f:8f:9f:32:60:27:2e:97:
2e:de:28:76:df:91:c5:d3:a6:7f:c1:05:1f:3a:06:
75:fe:4b:14:30:44:44:e5:61:83:f6:d5:78:b4:07:
f5:59:d0:a5:a0:8a:27:ac:57:83:43:f4:1d:58:49:
78:1b:61:16:66:a4:a0:7c:74:9e:01:25:f7:f7:59:
57:0d:d3:46:b2:e7:09:a0:fc:3c:60:35:46:40:a0:
5e:66:aa:89:a3:ae:6b:2f:72:84:a2:11:1d:9e:7a:
74:d1:64:32:27:47:0b:ba:1e:bd:7b:54:62:57:c9:
6b:a6:76:83:47:ca:64:dd:9c:7f:08:85:33:69:f7:
e7:3d:db:e9:9a:75:0b:74:63:06:ce:7c:3c:c2:e5:
83:19:32:da:32:20:89:a4:6d:cb:8e:2e:5b:84:b5:
c3:b4:9d:f3:71:23:98:c9:8a:17:ff:76:34:93:27:
e7:cd:da:e6:f2:85:da:16:d0:61:8f:b7:89:f0:db:
6c:73:51:93:ff:68:9b:bc:30:d1:85:a4:64:b3:e9:
6a:51:dc:de:fa:76:cb:04:ea:04:4f:82:e0:2e:d8:
a5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2A:0E:02:6A:3D:7C:89:25:A8:00:C0:24:8D:EE:2D:8E:C2:9C:DE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iioOAmo9fIklqADAJI3uLY7CnN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:1d:3a:9c:16:db:99:8a:17:91:7a:9f:2b:be:d4:65:8d:f1:
c1:70:c3:48:72:9a:94:94:00:cd:85:01:a7:ee:25:e4:78:20:
85:be:9a:ee:e1:68:aa:60:38:c6:f7:f9:14:97:d5:3c:54:ca:
b1:2f:b1:c1:ec:92:7e:90:c0:83:4a:df:b9:54:7a:30:35:ea:
01:61:62:c9:2a:22:2d:32:a4:46:6c:16:e1:87:e8:00:e2:59:
c3:5f:1a:7b:64:19:37:8b:e9:2d:f5:79:eb:a6:bc:37:da:54:
c3:5b:d3:67:31:d2:bc:92:68:3f:22:5c:b7:f3:38:52:75:01:
54:ec:e9:4d:cd:b6:70:91:21:06:2b:79:44:4b:7e:7d:38:7d:
cc:26:dc:cd:69:16:cf:e6:b8:4b:aa:74:b5:14:ed:54:ee:de:
60:5d:1f:d3:36:25:3e:ec:3e:85:14:0f:dd:51:8c:d6:a4:89:
a4:2c:6a:e8:1a:d1:ea:e3:43:a6:e0:65:2d:bf:4e:ba:93:db:
60:4f:d8:f5:ca:2a:33:8c:24:5a:33:c7:dc:e7:2e:ae:1a:a6:
b2:e2:3a:6c:f0:af:7e:d7:23:7d:1e:24:04:3e:ce:4c:21:04:
76:be:91:de:3d:ba:ba:79:88:d1:0d:b0:d3:87:f9:70:27:3c:
0a:ff:7c:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaVXev0Q2OPCx9hXuLr6Yf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MDAxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTJhMGUwMjZhM2Q3Yzg5MjVhODAwYzAyNDhkZWUyZDhlYzI5Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiR7LT96iAXDme7qJLPefO+9EYnSg
OmlyKyWDjK5WQP96xoxVb4+fMmAnLpcu3ih235HF06Z/wQUfOgZ1/ksUMERE5WGD
9tV4tAf1WdCloIonrFeDQ/QdWEl4G2EWZqSgfHSeASX391lXDdNGsucJoPw8YDVG
QKBeZqqJo65rL3KEohEdnnp00WQyJ0cLuh69e1RiV8lrpnaDR8pk3Zx/CIUzaffn
PdvpmnULdGMGznw8wuWDGTLaMiCJpG3Lji5bhLXDtJ3zcSOYyYoX/3Y0kyfnzdrm
8oXaFtBhj7eJ8Ntsc1GT/2ibvDDRhaRks+lqUdze+nbLBOoET4LgLtilywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIoqDgJqPXyJJagAwCSN7i2OwpzeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaWlvT0FtbzlmSWtscUFEQUpJM3VMWTdDbk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACkdOpwW25mKF5F6nyu+
1GWN8cFww0hympSUAM2FAafuJeR4IIW+mu7haKpgOMb3+RSX1TxUyrEvscHskn6Q
wINK37lUejA16gFhYskqIi0ypEZsFuGH6ADiWcNfGntkGTeL6S31eeumvDfaVMNb
02cx0rySaD8iXLfzOFJ1AVTs6U3NtnCRIQYreURLfn04fcwm3M1pFs/muEuqdLUU
7VTu3mBdH9M2JT7sPoUUD91RjNakiaQsauga0erjQ6bgZS2/TrqT22BP2PXKKjOM
JFozx9znLq4aprLiOmzwr37XI30eJAQ+zkwhBHa+kd49urp5iNENsNOH+XAnPAr/
fHU=
-----END CERTIFICATE-----
Generated at Sat May 3 06:46:13 2025 by rpki-client