Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ioa956J0hHpctjLfSGXiO6jyedM.roa
File: ioa956J0hHpctjLfSGXiO6jyedM.roa (raw, json)
Hash identifier: BUQ1A4klJRn/im/hh723KX43bduJrqKc24KnE/lQGvk=
Subject key identifier: 8A:86:BD:E7:A2:74:84:7A:5C:B6:32:DF:48:65:E2:3B:A8:F2:79:D3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B8250AC44AB1ED51347B8A4E0D074314
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ioa956J0hHpctjLfSGXiO6jyedM.roa
Signing time: Mon 06 Mar 2023 18:18:00 +0000
ROA not before: Mon 06 Mar 2023 18:18:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:25:0a:c4:4a:b1:ed:51:34:7b:8a:4e:0d:07:43:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 6 18:18:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a86bde7a274847a5cb632df4865e23ba8f279d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ce:22:b6:c6:69:db:f4:07:61:a5:bb:c3:34:
97:81:c8:b7:0e:7b:21:33:d6:24:e7:73:4b:1f:1c:
97:b6:75:0f:ad:14:88:b0:1a:6a:ab:ee:ed:97:9e:
0e:32:34:a3:15:95:18:59:c2:45:b8:ca:90:1e:50:
a2:2f:08:1f:3b:40:0c:eb:c4:f2:db:01:82:20:7b:
55:3d:21:e7:d3:b7:88:53:04:c8:07:3d:c8:90:f3:
f7:e5:0e:94:ee:b4:c4:b2:8c:e9:4f:ae:9a:ee:cd:
ff:d6:68:d8:e7:85:1b:9d:ef:10:4c:23:9c:3a:57:
4e:2d:66:cc:51:d8:a2:af:00:06:04:e9:25:f3:30:
35:f7:20:ed:51:ef:31:bb:d9:85:34:c2:74:71:a3:
ec:8d:2d:07:74:cf:9d:11:62:62:fb:fc:3e:1d:7a:
39:23:28:98:16:6c:1b:92:f8:3f:68:7a:d8:57:39:
2c:b3:a4:f8:82:f6:d0:f4:92:de:bf:58:8c:da:07:
e2:93:21:0e:19:ec:1b:09:76:40:97:c6:28:5b:f0:
ee:4b:f9:96:bb:b5:54:b9:a1:e4:22:5f:62:01:f9:
24:b4:1a:70:6a:fc:fa:03:c3:68:3c:5e:2a:66:61:
cf:a9:1c:eb:eb:6c:60:cb:e7:f0:90:b3:74:5a:2e:
ad:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:86:BD:E7:A2:74:84:7A:5C:B6:32:DF:48:65:E2:3B:A8:F2:79:D3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ioa956J0hHpctjLfSGXiO6jyedM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:a5:a0:45:52:37:52:b8:b2:11:a3:63:20:f0:27:12:f6:f8:
ce:f9:17:96:ad:5c:df:01:c2:17:57:31:8f:45:ba:e3:12:22:
f5:41:b9:08:93:1e:52:6b:3d:2f:a3:78:cb:bf:6c:b8:c8:46:
f4:8f:7a:ea:de:a9:38:0a:d9:5f:6a:14:ee:31:34:64:ab:7d:
1c:0f:25:0b:4f:ec:09:de:52:92:6a:20:70:9f:d3:f4:c0:e4:
74:52:db:40:cd:69:3d:7d:3d:90:c8:3f:38:53:c8:15:89:c1:
59:69:2c:c0:9e:56:63:1c:be:55:5f:d2:c1:f6:68:d8:aa:37:
34:a2:25:42:1f:8d:73:96:c7:1d:77:12:e2:10:cc:1c:03:d3:
b5:5a:1f:65:04:35:16:08:bf:78:00:af:d2:54:10:5a:ea:61:
21:e6:ca:54:1f:fe:35:8b:c7:4e:ae:9b:a6:01:cf:f2:6f:bf:
70:3c:f1:fe:00:47:61:39:10:d7:2d:c2:65:d4:20:3b:d0:f4:
bf:4a:7d:ea:91:df:70:b3:e4:14:c0:e1:66:db:8a:cc:98:b9:
ee:59:78:c8:42:7a:47:2f:26:c5:e3:62:8b:f9:22:a6:f8:af:
85:85:a4:47:29:c9:b0:b4:1b:84:0f:05:52:b7:51:4c:cc:8f:
d0:58:50:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYa4JQrESrHtUTR7ik4NB0MUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA2MTgxODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTg2YmRlN2EyNzQ4NDdhNWNiNjMyZGY0ODY1ZTIzYmE4ZjI3OWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM4itsZp2/QHYaW7wzSXgci3Dnsh
M9Yk53NLHxyXtnUPrRSIsBpqq+7tl54OMjSjFZUYWcJFuMqQHlCiLwgfO0AM68Ty
2wGCIHtVPSHn07eIUwTIBz3IkPP35Q6U7rTEsozpT66a7s3/1mjY54Ubne8QTCOc
OldOLWbMUdiirwAGBOkl8zA19yDtUe8xu9mFNMJ0caPsjS0HdM+dEWJi+/w+HXo5
IyiYFmwbkvg/aHrYVzkss6T4gvbQ9JLev1iM2gfikyEOGewbCXZAl8YoW/DuS/mW
u7VUuaHkIl9iAfkktBpwavz6A8NoPF4qZmHPqRzr62xgy+fwkLN0Wi6t0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIqGveeidIR6XLYy30hl4juo8nnTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaW9hOTU2SjBoSHBjdGpMZlNHWGlPNmp5ZWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIiloEVSN1K4shGjYyDw
JxL2+M75F5atXN8BwhdXMY9FuuMSIvVBuQiTHlJrPS+jeMu/bLjIRvSPeureqTgK
2V9qFO4xNGSrfRwPJQtP7AneUpJqIHCf0/TA5HRS20DNaT19PZDIPzhTyBWJwVlp
LMCeVmMcvlVf0sH2aNiqNzSiJUIfjXOWxx13EuIQzBwD07VaH2UENRYIv3gAr9JU
EFrqYSHmylQf/jWLx06um6YBz/Jvv3A88f4AR2E5ENctwmXUIDvQ9L9KfeqR33Cz
5BTA4WbbisyYue5ZeMhCekcvJsXjYov5Iqb4r4WFpEcpybC0G4QPBVK3UUzMj9BY
UBw=
-----END CERTIFICATE-----
Generated at Sun May 4 01:53:16 2025 by rpki-client