Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tI0HUE6c9O_1VD6biT8t3eIRJGY.roa
File: tI0HUE6c9O_1VD6biT8t3eIRJGY.roa (raw, json)
Hash identifier: WtxxaEbbnpS5GtA2oEhcdRz7PnuArEU6UGHboYhaN+A=
Subject key identifier: B4:8D:07:50:4E:9C:F4:EF:F5:54:3E:9B:89:3F:2D:DD:E2:11:24:66
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188A49117823AE17BC4F888F281EDE1C563
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tI0HUE6c9O_1VD6biT8t3eIRJGY.roa
Signing time: Sat 10 Jun 2023 09:09:12 +0000
ROA not before: Sat 10 Jun 2023 09:09:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:91:17:82:3a:e1:7b:c4:f8:88:f2:81:ed:e1:c5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 10 09:09:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b48d07504e9cf4eff5543e9b893f2ddde2112466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9a:4e:3d:b5:48:96:4f:66:a1:80:7d:07:6a:
21:fe:1f:46:ab:8d:b4:c8:20:25:f4:f5:4d:be:fe:
f9:f7:b8:70:4a:42:85:80:fd:60:19:ed:8d:4d:c2:
43:12:08:b6:00:26:e0:4f:66:06:3a:b9:6b:05:9c:
45:e2:68:b8:b6:c8:5e:a1:dd:b3:c6:a6:d8:ef:7f:
c1:db:e6:cb:b7:6b:c3:b7:b4:e6:62:dd:28:38:3e:
58:e9:af:e5:94:b0:54:89:6e:84:15:0e:ac:15:a4:
63:d3:bb:95:75:7f:f0:31:1d:36:47:dc:1f:8c:35:
e3:a7:fe:b1:c2:63:c8:af:51:e4:6e:3a:4e:0a:d5:
f1:e9:a2:c2:09:ea:af:7f:c5:5f:58:e4:a8:39:2d:
fc:57:df:c1:92:8d:3d:89:ad:43:a5:6c:0f:e6:7e:
93:28:0a:93:94:5b:d2:c6:3f:04:50:16:7b:dc:1b:
c4:66:43:df:ee:2f:fd:78:d1:8b:7e:0f:da:1b:c8:
3d:9b:84:c4:2a:21:2b:c4:6c:1f:2f:c3:09:40:40:
c2:bc:04:dd:4d:63:27:f8:37:91:66:c2:2a:f2:68:
b4:29:8a:c9:ab:c1:42:25:e8:df:b1:88:4b:97:43:
75:e5:13:95:74:64:f3:83:01:26:a9:3e:2e:ee:4c:
db:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8D:07:50:4E:9C:F4:EF:F5:54:3E:9B:89:3F:2D:DD:E2:11:24:66
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tI0HUE6c9O_1VD6biT8t3eIRJGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:2d:cf:46:de:b2:bd:52:7e:a5:81:58:eb:8e:1e:c1:61:d4:
32:8b:92:0b:21:5d:86:09:16:34:5e:14:07:59:64:d4:95:cc:
e6:f5:d5:39:dd:43:ec:62:7e:fa:0b:8c:b0:73:7c:ae:42:a7:
4d:3e:e9:70:cc:ca:ea:c2:2c:33:18:71:d3:cc:b3:cc:5c:3f:
94:fb:95:b0:b6:f9:6e:ba:a4:0b:0f:d8:90:ad:17:cd:47:78:
af:12:56:ce:01:40:cf:b0:da:08:4d:e3:de:fd:06:ef:36:55:
75:91:a7:fe:9f:be:aa:55:c7:0b:cc:3a:56:0d:5c:fc:8b:d9:
08:bf:e2:cb:e4:82:7f:fc:8e:5b:67:8b:59:12:11:f3:8d:64:
09:25:92:c1:0e:36:c5:6d:63:e0:5d:a5:66:0b:0e:30:42:e7:
b7:93:5e:da:20:a5:32:6c:48:5d:1e:19:7d:d9:2f:0d:36:82:
a6:98:c4:28:cc:f8:5f:ea:24:2c:69:d0:d3:d8:74:55:09:ad:
e7:c3:05:50:6a:10:31:d9:8f:a5:36:8a:f1:86:f9:cb:9b:f3:
70:08:5a:cb:9f:06:8a:ab:97:35:d9:70:83:78:85:5c:2a:77:
ea:96:93:ea:54:21:0c:c5:1e:d3:fc:31:90:31:5d:a3:f0:d3:
b3:89:f9:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYikkReCOuF7xPiI8oHt4cVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjEwMDkwOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDhkMDc1MDRlOWNmNGVmZjU1NDNlOWI4OTNmMmRkZGUyMTEyNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxppOPbVIlk9moYB9B2oh/h9Gq420
yCAl9PVNvv7597hwSkKFgP1gGe2NTcJDEgi2ACbgT2YGOrlrBZxF4mi4tsheod2z
xqbY73/B2+bLt2vDt7TmYt0oOD5Y6a/llLBUiW6EFQ6sFaRj07uVdX/wMR02R9wf
jDXjp/6xwmPIr1HkbjpOCtXx6aLCCeqvf8VfWOSoOS38V9/Bko09ia1DpWwP5n6T
KAqTlFvSxj8EUBZ73BvEZkPf7i/9eNGLfg/aG8g9m4TEKiErxGwfL8MJQEDCvATd
TWMn+DeRZsIq8mi0KYrJq8FCJejfsYhLl0N15ROVdGTzgwEmqT4u7kzbowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLSNB1BOnPTv9VQ+m4k/Ld3iESRmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdEkwSFVFNmM5T18xVkQ2YmlUOHQzZUlSSkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABotz0besr1SfqWBWOuO
HsFh1DKLkgshXYYJFjReFAdZZNSVzOb11TndQ+xifvoLjLBzfK5Cp00+6XDMyurC
LDMYcdPMs8xcP5T7lbC2+W66pAsP2JCtF81HeK8SVs4BQM+w2ghN4979Bu82VXWR
p/6fvqpVxwvMOlYNXPyL2Qi/4svkgn/8jltni1kSEfONZAklksEONsVtY+BdpWYL
DjBC57eTXtogpTJsSF0eGX3ZLw02gqaYxCjM+F/qJCxp0NPYdFUJrefDBVBqEDHZ
j6U2ivGG+cub83AIWsufBoqrlzXZcIN4hVwqd+qWk+pUIQzFHtP8MZAxXaPw07OJ
+Zs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:37:01 2025 by rpki-client