Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iqj6ivXVRh1f964qzvuqRIUO1bo.roa
File: iqj6ivXVRh1f964qzvuqRIUO1bo.roa (raw, json)
Hash identifier: XDOwBl09XMUA4gwrDShNf1qIg8Ql3xruWexvP/dK0+g=
Subject key identifier: 8A:A8:FA:8A:F5:D5:46:1D:5F:F7:AE:2A:CE:FB:AA:44:85:0E:D5:BA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868498D983E97E6A705DCA13DF59D6B419
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iqj6ivXVRh1f964qzvuqRIUO1bo.roa
Signing time: Fri 24 Feb 2023 18:04:15 +0000
ROA not before: Fri 24 Feb 2023 18:04:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:8498:cedd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:84:98:d9:83:e9:7e:6a:70:5d:ca:13:df:59:d6:b4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 18:04:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8aa8fa8af5d5461d5ff7ae2acefbaa44850ed5ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1e:87:f4:99:d4:a9:82:9e:87:d5:56:2f:db:
45:93:fc:29:c1:a0:97:96:22:4d:2f:47:dc:7d:e4:
2f:b1:86:e3:2b:90:82:c2:d7:6f:da:4c:8c:88:67:
05:f4:69:f7:8a:76:c5:31:bf:59:a9:5e:0b:a1:fb:
7c:6c:69:fb:ae:f7:85:ba:f2:c0:03:8d:a4:f8:94:
25:e7:40:0e:2a:1b:7e:3a:0b:ad:52:84:87:22:53:
c0:82:f9:ba:30:50:e9:34:f0:e2:23:b3:6c:84:c7:
50:20:75:4f:a3:23:1a:23:17:fa:ce:ab:c5:79:8b:
c4:1a:47:e8:6f:fc:28:7f:14:10:61:c8:3f:29:4b:
c5:a4:a7:2b:a5:57:d7:8b:53:c4:30:c6:5f:b1:c2:
56:f8:08:de:4a:64:02:f8:ce:a8:f9:74:ff:fe:3f:
0b:cc:6f:28:12:05:f5:4c:d2:ca:23:e1:c3:f0:a7:
b7:98:77:7d:aa:2a:65:81:c8:71:3e:e3:1c:da:0a:
4a:9d:45:29:30:58:f0:47:ab:75:94:3a:68:5d:2f:
77:31:2c:04:46:fa:0c:fe:25:9d:f6:fc:34:56:84:
e6:02:9a:2e:67:d8:7c:c7:29:fc:7f:39:7f:f3:b2:
dd:77:34:c8:c3:3b:19:1c:57:73:9d:bb:f2:c0:2c:
60:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A8:FA:8A:F5:D5:46:1D:5F:F7:AE:2A:CE:FB:AA:44:85:0E:D5:BA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iqj6ivXVRh1f964qzvuqRIUO1bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:79:5c:55:d3:d3:f0:26:53:e7:de:2a:3d:80:64:97:65:ba:
2f:2d:1e:d9:e3:4e:40:77:54:6c:16:83:91:6f:eb:08:b7:0c:
30:6c:ca:21:8f:a9:0d:86:0d:9a:a1:0b:65:55:b4:40:77:53:
81:62:a7:fb:76:1c:25:cc:fe:94:b0:ae:4f:3c:23:0b:19:c6:
54:e9:45:14:7e:4c:8f:c8:ca:f7:e7:ad:60:2a:6a:16:34:93:
44:8c:50:6b:10:18:45:1e:18:1f:04:19:67:fb:65:06:34:52:
32:0a:55:0a:33:58:fe:d6:f6:26:cd:ef:7a:54:b0:0e:b9:8b:
3f:38:aa:ee:3b:21:56:48:68:66:c4:fe:1f:f9:f6:24:aa:54:
47:fe:d6:d5:0b:e1:bd:08:ec:97:b1:be:9a:b5:c4:f6:5c:ad:
a2:a8:62:aa:cf:88:2c:09:eb:db:20:26:a0:9c:1b:74:75:82:
7f:3f:42:3b:a1:24:42:16:8a:43:22:21:2b:d6:35:28:0b:86:
0d:1b:f2:a8:7c:1c:ac:28:3e:4c:62:ca:31:aa:38:05:dc:d8:
e8:08:8d:2f:a8:46:93:ae:64:80:34:3c:cc:d1:14:a2:7a:23:
03:91:4e:27:0c:1e:ee:ee:15:bb:c8:1e:18:fa:6b:aa:6a:77:
63:47:18:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaEmNmD6X5qcF3KE99Z1rQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MTgwNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE4ZmE4YWY1ZDU0NjFkNWZmN2FlMmFjZWZiYWE0NDg1MGVkNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiR6H9JnUqYKeh9VWL9tFk/wpwaCX
liJNL0fcfeQvsYbjK5CCwtdv2kyMiGcF9Gn3inbFMb9ZqV4Loft8bGn7rveFuvLA
A42k+JQl50AOKht+OgutUoSHIlPAgvm6MFDpNPDiI7NshMdQIHVPoyMaIxf6zqvF
eYvEGkfob/wofxQQYcg/KUvFpKcrpVfXi1PEMMZfscJW+AjeSmQC+M6o+XT//j8L
zG8oEgX1TNLKI+HD8Ke3mHd9qiplgchxPuMc2gpKnUUpMFjwR6t1lDpoXS93MSwE
RvoM/iWd9vw0VoTmApouZ9h8xyn8fzl/87LddzTIwzsZHFdznbvywCxgUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIqo+or11UYdX/euKs77qkSFDtW6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaXFqNml2WFZSaDFmOTY0cXp2dXFSSVVPMWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABB5XFXT0/AmU+feKj2A
ZJdlui8tHtnjTkB3VGwWg5Fv6wi3DDBsyiGPqQ2GDZqhC2VVtEB3U4Fip/t2HCXM
/pSwrk88IwsZxlTpRRR+TI/IyvfnrWAqahY0k0SMUGsQGEUeGB8EGWf7ZQY0UjIK
VQozWP7W9ibN73pUsA65iz84qu47IVZIaGbE/h/59iSqVEf+1tUL4b0I7Jexvpq1
xPZcraKoYqrPiCwJ69sgJqCcG3R1gn8/QjuhJEIWikMiISvWNSgLhg0b8qh8HKwo
PkxiyjGqOAXc2OgIjS+oRpOuZIA0PMzRFKJ6IwORTicMHu7uFbvIHhj6a6pqd2NH
GII=
-----END CERTIFICATE-----
Generated at Fri May 2 16:47:30 2025 by rpki-client