Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/q89KfVSWIdg7s-l2oG0wmO98IdA.roa
File: q89KfVSWIdg7s-l2oG0wmO98IdA.roa (raw, json)
Hash identifier: mQ+8/iDTMdMacCvD2fgCo/lAzFK2myZeeU4W5Ra+SPM=
Subject key identifier: AB:CF:4A:7D:54:96:21:D8:3B:B3:E9:76:A0:6D:30:98:EF:7C:21:D0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F6C144AAFD233A2B29F5233E7A966250
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/q89KfVSWIdg7s-l2oG0wmO98IdA.roa
Signing time: Tue 15 Aug 2023 01:13:28 +0000
ROA not before: Tue 15 Aug 2023 01:13:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f6:c1:44:aa:fd:23:3a:2b:29:f5:23:3e:7a:96:62:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 15 01:13:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abcf4a7d549621d83bb3e976a06d3098ef7c21d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ea:86:de:a9:a0:3f:df:0f:05:84:7a:75:75:
a1:5d:14:ce:74:8c:32:71:ba:1e:70:c0:47:bb:4b:
9c:d6:65:2a:d2:24:78:65:37:b9:45:d1:4e:af:09:
d3:a8:3e:23:1c:ef:38:0a:3c:c1:bf:fc:82:d6:a9:
c3:82:58:21:94:ff:b7:0d:06:d3:f8:bf:04:52:07:
43:c8:37:a7:d1:de:ef:0b:18:5f:ac:62:06:c2:b3:
e3:3a:58:98:5a:d4:aa:24:9a:ad:da:1f:b8:a4:d6:
ac:5e:3b:d5:5b:23:8f:36:f6:db:d4:27:ac:f7:a2:
f5:41:c5:a0:1b:ae:4e:5a:50:04:3e:a6:71:a9:1c:
81:8e:c7:80:30:25:f8:43:55:9a:3f:c3:c6:17:35:
5b:57:e8:8a:ca:03:2b:1e:03:57:9c:c5:5a:61:87:
a4:c3:04:d4:2f:8d:3d:d8:50:20:66:db:ef:03:8b:
bb:5b:ec:2a:21:77:37:d2:55:a9:90:fe:45:91:71:
45:c4:ea:7e:b3:c7:25:fa:71:f1:c5:9f:4a:ab:8b:
8c:59:ad:8a:f8:ab:7d:ff:e8:e4:4f:0e:ff:85:13:
2e:07:54:a1:aa:54:24:de:13:7e:3d:74:17:b9:5a:
45:a9:c4:e1:c6:d7:12:03:f8:bb:11:e7:43:b8:f4:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:CF:4A:7D:54:96:21:D8:3B:B3:E9:76:A0:6D:30:98:EF:7C:21:D0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/q89KfVSWIdg7s-l2oG0wmO98IdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:d3:20:4e:e4:49:e4:6c:e3:93:d8:c6:bb:7a:03:41:b1:90:
35:a9:54:77:ff:67:e5:ca:b0:78:15:74:6c:57:c1:42:12:b8:
d8:dc:af:4e:bc:7b:14:d8:4e:da:d8:c8:78:ca:f7:8a:a9:c8:
29:65:c7:d1:67:20:e3:10:16:e9:4d:43:74:32:0f:82:82:56:
a9:f3:b8:ab:7d:a1:b9:31:cc:bf:df:bb:40:bb:51:f1:ea:c5:
20:dc:20:aa:48:ca:59:4a:9e:34:88:e3:bd:f5:3b:1b:7a:12:
27:a6:cd:c7:89:7a:8e:ff:84:27:67:3e:74:5a:df:df:38:87:
06:51:29:d5:38:9f:a9:4b:fa:2f:f5:e9:ad:e4:6b:c0:3f:27:
0d:25:07:79:84:98:34:5e:e0:0a:37:2b:36:07:d4:d5:0a:4c:
07:39:5b:72:26:e6:9f:3c:08:0b:60:58:e6:6e:b0:25:5a:97:
88:7a:60:5d:dd:23:4e:1e:67:e2:d6:fc:3a:a2:45:db:8c:7b:
bf:f1:44:8f:6b:17:ba:09:b7:4b:d2:26:27:81:64:b9:9e:7e:
67:a7:b1:63:6f:db:0b:f6:20:3b:d9:ba:63:fa:41:92:c7:a1:
59:28:c3:35:56:c7:e9:05:ab:48:ad:e5:5d:c2:17:d9:c2:8b:
48:49:c7:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn2wUSq/SM6Kyn1Iz56lmJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE1MDExMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmNmNGE3ZDU0OTYyMWQ4M2JiM2U5NzZhMDZkMzA5OGVmN2MyMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOqG3qmgP98PBYR6dXWhXRTOdIwy
cboecMBHu0uc1mUq0iR4ZTe5RdFOrwnTqD4jHO84CjzBv/yC1qnDglghlP+3DQbT
+L8EUgdDyDen0d7vCxhfrGIGwrPjOliYWtSqJJqt2h+4pNasXjvVWyOPNvbb1Ces
96L1QcWgG65OWlAEPqZxqRyBjseAMCX4Q1WaP8PGFzVbV+iKygMrHgNXnMVaYYek
wwTUL4092FAgZtvvA4u7W+wqIXc30lWpkP5FkXFFxOp+s8cl+nHxxZ9Kq4uMWa2K
+Kt9/+jkTw7/hRMuB1ShqlQk3hN+PXQXuVpFqcThxtcSA/i7EedDuPQZSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKvPSn1UliHYO7PpdqBtMJjvfCHQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcTg5S2ZWU1dJZGc3cy1sMm9HMHdtTzk4SWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEPTIE7kSeRs45PYxrt6
A0GxkDWpVHf/Z+XKsHgVdGxXwUISuNjcr068exTYTtrYyHjK94qpyCllx9FnIOMQ
FulNQ3QyD4KCVqnzuKt9obkxzL/fu0C7UfHqxSDcIKpIyllKnjSI4731Oxt6Eiem
zceJeo7/hCdnPnRa3984hwZRKdU4n6lL+i/16a3ka8A/Jw0lB3mEmDRe4Ao3KzYH
1NUKTAc5W3Im5p88CAtgWOZusCVal4h6YF3dI04eZ+LW/DqiRduMe7/xRI9rF7oJ
t0vSJieBZLmefmensWNv2wv2IDvZumP6QZLHoVkowzVWx+kFq0it5V3CF9nCi0hJ
x7Q=
-----END CERTIFICATE-----
Generated at Sat May 3 08:59:18 2025 by rpki-client