Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iqtYsz8ni06x3qSr-V2tz1Fo0MM.roa
File: iqtYsz8ni06x3qSr-V2tz1Fo0MM.roa (raw, json)
Hash identifier: xTog/h7bM5x+tUF/bhz/UGkr/IYmb39wOVmPzv1Dq8U=
Subject key identifier: 8A:AB:58:B3:3F:27:8B:4E:B1:DE:A4:AB:F9:5D:AD:CF:51:68:D0:C3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018639B683F76DC87A61876FFEBCA509874E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iqtYsz8ni06x3qSr-V2tz1Fo0MM.roa
Signing time: Fri 10 Feb 2023 05:05:08 +0000
ROA not before: Fri 10 Feb 2023 05:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:39b5:cfa3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:39:b6:83:f7:6d:c8:7a:61:87:6f:fe:bc:a5:09:87:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 10 05:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8aab58b33f278b4eb1dea4abf95dadcf5168d0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:1d:38:d5:3c:c1:fe:2e:c0:68:62:37:47:
34:7b:af:0f:79:ec:bf:b9:10:6c:f1:ae:c4:ea:57:
cd:3c:f6:a5:24:1d:30:ce:77:b5:b1:a1:7d:1b:78:
7c:48:22:3b:ef:b6:5d:ac:63:50:ac:4d:d9:12:2a:
3d:29:f9:70:a1:02:ba:c9:b3:2f:7e:2d:e6:be:c6:
60:27:aa:76:25:a0:f0:72:dc:d7:34:1a:cd:50:d2:
8b:24:44:3b:89:4d:bf:03:ea:a1:59:f0:14:bd:43:
8e:c6:dc:a9:54:e8:4a:04:da:d1:8a:05:de:93:25:
23:e7:b7:cb:59:c1:a1:c3:13:b5:08:49:ff:46:04:
f0:a9:1c:f7:8b:52:25:05:72:7b:b2:cb:03:93:88:
79:d2:82:62:a2:49:3c:9d:43:ff:cf:5e:86:69:c6:
1b:e1:e9:27:1d:c3:1c:8a:e7:ab:ff:e7:59:50:2b:
45:fc:ac:43:58:61:3f:50:e4:a2:aa:8b:14:df:57:
83:d9:00:65:8f:84:31:63:71:2a:0d:3e:aa:5a:a4:
20:82:39:e4:f7:c2:37:4e:87:a9:af:b0:58:bc:94:
a6:ce:5b:d2:c2:d6:24:9c:7d:67:31:72:79:40:05:
31:58:85:27:54:3c:f0:89:4e:0a:81:a8:df:8a:67:
87:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AB:58:B3:3F:27:8B:4E:B1:DE:A4:AB:F9:5D:AD:CF:51:68:D0:C3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iqtYsz8ni06x3qSr-V2tz1Fo0MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:a4:71:5f:13:c7:6c:66:a4:58:02:9e:f4:7d:36:e3:c8:b8:
e7:22:79:77:93:29:c0:81:cb:7b:f8:fe:f4:da:0e:5e:43:63:
b6:ce:fd:9c:a6:7b:fb:9d:4c:ce:8c:d4:d8:11:37:3b:c6:fc:
78:14:e1:6f:a9:4e:f2:43:92:c9:05:e6:a5:e9:f5:3a:d2:18:
b1:42:a8:ed:c8:ad:63:ac:ea:a7:48:ef:fc:21:25:4d:f8:24:
0a:b6:56:94:dd:23:67:1d:11:dc:e1:f0:f3:5e:f9:e1:08:27:
47:13:f0:db:04:c8:31:0a:0e:77:0c:a3:5a:95:c5:42:63:44:
87:2f:dc:96:c8:21:b0:12:03:90:e3:07:ab:1b:3e:5d:ea:0c:
d6:23:c3:9f:c0:00:23:43:a5:61:97:84:91:bb:92:b1:01:b0:
08:4a:92:be:aa:53:39:dd:09:3b:ce:c2:4c:1c:ca:99:e4:44:
0e:2c:be:bf:ff:81:ec:20:c4:5c:59:86:2c:3e:dc:10:a8:05:
4d:d9:1a:53:04:1e:28:90:90:10:c6:0f:8e:09:26:29:92:bf:
7b:cf:ba:d7:dc:96:ef:ca:cd:bb:3d:00:1d:db:65:08:c7:59:
27:84:39:0f:73:69:d3:e9:35:be:0b:4b:4c:4f:3e:e5:32:28:
b7:88:0e:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYY5toP3bch6YYdv/rylCYdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEwMDUwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFiNThiMzNmMjc4YjRlYjFkZWE0YWJmOTVkYWRjZjUxNjhkMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovYdONU8wf4uwGhiN0c0e68Peey/
uRBs8a7E6lfNPPalJB0wzne1saF9G3h8SCI777ZdrGNQrE3ZEio9KflwoQK6ybMv
fi3mvsZgJ6p2JaDwctzXNBrNUNKLJEQ7iU2/A+qhWfAUvUOOxtypVOhKBNrRigXe
kyUj57fLWcGhwxO1CEn/RgTwqRz3i1IlBXJ7sssDk4h50oJiokk8nUP/z16GacYb
4eknHcMciuer/+dZUCtF/KxDWGE/UOSiqosU31eD2QBlj4QxY3EqDT6qWqQggjnk
98I3Toepr7BYvJSmzlvSwtYknH1nMXJ5QAUxWIUnVDzwiU4KgajfimeHfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIqrWLM/J4tOsd6kq/ldrc9RaNDDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaXF0WXN6OG5pMDZ4M3FTci1WMnR6MUZvME1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJCkcV8Tx2xmpFgCnvR9
NuPIuOcieXeTKcCBy3v4/vTaDl5DY7bO/Zyme/udTM6M1NgRNzvG/HgU4W+pTvJD
kskF5qXp9TrSGLFCqO3IrWOs6qdI7/whJU34JAq2VpTdI2cdEdzh8PNe+eEIJ0cT
8NsEyDEKDncMo1qVxUJjRIcv3JbIIbASA5DjB6sbPl3qDNYjw5/AACNDpWGXhJG7
krEBsAhKkr6qUzndCTvOwkwcypnkRA4svr//gewgxFxZhiw+3BCoBU3ZGlMEHiiQ
kBDGD44JJimSv3vPutfclu/Kzbs9AB3bZQjHWSeEOQ9zadPpNb4LS0xPPuUyKLeI
Dq4=
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:04:50 2025 by rpki-client