Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ikMHtSq8YWTSJEkPfWQatVZgmB0.roa
File: ikMHtSq8YWTSJEkPfWQatVZgmB0.roa (raw, json)
Hash identifier: qCWI+4efZLQepNapioOdD2omlQYPA3wvIENP5MkR034=
Subject key identifier: 8A:43:07:B5:2A:BC:61:64:D2:24:49:0F:7D:64:1A:B5:56:60:98:1D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01858D6BAD54279E61CA21F7A68B484A2B6E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ikMHtSq8YWTSJEkPfWQatVZgmB0.roa
Signing time: Sat 07 Jan 2023 18:08:42 +0000
ROA not before: Sat 07 Jan 2023 18:08:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8d:6b:ad:54:27:9e:61:ca:21:f7:a6:8b:48:4a:2b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 7 18:08:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a4307b52abc6164d224490f7d641ab55660981d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:22:9f:32:ea:5f:1e:0a:03:47:63:53:e7:c7:
e8:b1:f0:7d:6a:b8:b3:8f:db:25:71:f8:0a:25:84:
48:69:f0:a4:60:4a:79:2c:f8:57:ee:18:76:f5:9d:
19:7e:09:8c:e5:79:a4:ef:15:3f:0e:77:aa:37:c4:
1d:ab:65:d3:59:3f:5c:c5:51:56:2e:11:7e:6d:b8:
96:d6:aa:34:8f:02:f0:d1:14:a8:18:d5:48:33:8d:
ef:08:cc:02:78:4c:41:f9:42:d6:ad:3a:4d:c5:6c:
5b:bd:92:2f:12:8f:6d:43:6c:9e:73:47:bc:07:fd:
f7:be:98:fb:f8:42:67:df:46:d0:d6:ba:65:48:54:
25:29:5a:67:72:be:fe:e6:d1:8a:2f:63:9d:a2:22:
e4:8a:29:c9:ae:90:e7:6b:e5:3a:c5:0d:68:62:59:
6c:09:0d:30:ae:eb:d7:b8:18:ee:1e:b5:15:08:ef:
f1:6d:8c:79:22:a7:29:29:b2:6e:ff:35:dd:9d:c1:
ed:21:42:03:6e:3f:3b:4e:99:e7:2d:25:a6:53:17:
fc:69:3b:82:ff:e0:3a:59:7f:5b:46:0c:74:d3:dc:
99:bb:50:ef:ba:e8:03:b6:93:58:43:26:75:58:85:
26:af:79:12:93:ff:61:f3:f9:3a:a4:b1:c4:ab:cb:
d0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:43:07:B5:2A:BC:61:64:D2:24:49:0F:7D:64:1A:B5:56:60:98:1D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ikMHtSq8YWTSJEkPfWQatVZgmB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:11:13:23:cf:99:2f:f8:2a:55:b4:0d:a4:76:9f:15:59:a6:
86:4e:9f:9a:74:05:d3:44:6c:de:52:20:77:ee:c1:f2:e8:12:
35:bb:09:62:0c:3a:e2:a3:5e:b0:62:e5:3a:7b:1b:d6:92:e9:
c4:57:97:63:10:83:49:38:6f:ba:58:35:e2:f9:d3:49:34:68:
94:ee:05:98:34:96:63:e1:39:53:36:35:d5:5d:aa:32:a7:dc:
4d:a2:fc:32:7c:51:7f:17:65:73:46:12:e7:79:35:7d:67:1f:
50:2d:c4:b4:d0:85:bd:a0:74:4c:4d:94:c1:ab:2d:ea:2b:0d:
8f:55:91:c1:b8:f2:8f:80:3b:f7:39:81:59:5f:38:77:4f:2e:
d6:44:71:78:a4:0d:f0:e7:8a:c4:52:b5:72:7a:cc:41:0d:52:
c1:f9:98:0b:d4:d6:1b:5e:6e:d3:75:11:99:a5:39:7e:c9:83:
a8:f8:ec:21:4b:1b:45:83:3d:d2:39:ec:84:fe:e1:9a:42:48:
f0:55:a7:f9:ac:bc:cc:c0:d4:32:8e:d1:50:77:7d:85:de:f1:
d1:d7:a1:ad:4e:75:86:b1:df:2f:e7:fe:43:f6:1c:dc:bb:23:
19:14:57:3e:be:4f:b8:82:e9:cc:6a:a9:09:1b:dc:1b:e5:97:
ed:6a:79:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWNa61UJ55hyiH3potISituMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA3MTgwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQzMDdiNTJhYmM2MTY0ZDIyNDQ5MGY3ZDY0MWFiNTU2NjA5ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyKfMupfHgoDR2NT58fosfB9ariz
j9slcfgKJYRIafCkYEp5LPhX7hh29Z0ZfgmM5Xmk7xU/DneqN8Qdq2XTWT9cxVFW
LhF+bbiW1qo0jwLw0RSoGNVIM43vCMwCeExB+ULWrTpNxWxbvZIvEo9tQ2yec0e8
B/33vpj7+EJn30bQ1rplSFQlKVpncr7+5tGKL2OdoiLkiinJrpDna+U6xQ1oYlls
CQ0wruvXuBjuHrUVCO/xbYx5IqcpKbJu/zXdncHtIUIDbj87TpnnLSWmUxf8aTuC
/+A6WX9bRgx009yZu1DvuugDtpNYQyZ1WIUmr3kSk/9h8/k6pLHEq8vQvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIpDB7UqvGFk0iRJD31kGrVWYJgdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaWtNSHRTcThZV1RTSkVrUGZXUWF0VlpnbUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB4REyPPmS/4KlW0DaR2
nxVZpoZOn5p0BdNEbN5SIHfuwfLoEjW7CWIMOuKjXrBi5Tp7G9aS6cRXl2MQg0k4
b7pYNeL500k0aJTuBZg0lmPhOVM2NdVdqjKn3E2i/DJ8UX8XZXNGEud5NX1nH1At
xLTQhb2gdExNlMGrLeorDY9VkcG48o+AO/c5gVlfOHdPLtZEcXikDfDnisRStXJ6
zEENUsH5mAvU1htebtN1EZmlOX7Jg6j47CFLG0WDPdI57IT+4ZpCSPBVp/msvMzA
1DKO0VB3fYXe8dHXoa1OdYax3y/n/kP2HNy7IxkUVz6+T7iC6cxqqQkb3Bvll+1q
eRU=
-----END CERTIFICATE-----
Generated at Thu May 1 05:37:40 2025 by rpki-client