Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ishLM4iSeUImfHFia4E39EWtpUQ.roa
File: ishLM4iSeUImfHFia4E39EWtpUQ.roa (raw, json)
Hash identifier: cFCx2gwHBP8z9Ds9A0qZAI9mnyuuiFXHCxJzN2GKOg4=
Subject key identifier: 8A:C8:4B:33:88:92:79:42:26:7C:71:62:6B:81:37:F4:45:AD:A5:44
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F15C331692EB92FB80F8FA9D43191F90
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ishLM4iSeUImfHFia4E39EWtpUQ.roa
Signing time: Mon 14 Aug 2023 00:04:58 +0000
ROA not before: Mon 14 Aug 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:f15b:910f/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f1:5c:33:16:92:eb:92:fb:80:f8:fa:9d:43:19:1f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 14 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ac84b3388927942267c71626b8137f445ada544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:58:c5:3f:fd:fd:0d:5d:36:70:56:11:56:28:
c9:e2:88:2e:ad:fa:a8:d5:e0:70:61:8a:99:ac:00:
01:55:fa:92:04:64:f7:1e:dd:71:36:a1:22:6d:4d:
9c:c9:d7:5d:62:79:93:4f:dc:d5:84:21:3e:9b:15:
03:02:49:fe:b1:5c:77:bf:6d:ce:2f:d2:6d:b7:43:
a6:40:7f:10:1e:77:45:b2:96:9d:8d:e8:f6:52:95:
34:69:43:a1:f8:c5:de:de:7e:60:82:1a:05:31:4f:
5a:f3:16:02:23:0a:7e:91:3d:3d:3c:df:5a:a7:b7:
b3:e9:ec:19:58:27:4d:a3:0b:d6:9e:4f:49:7f:14:
2c:09:3e:f3:80:35:e5:32:73:52:ab:51:2d:c9:d7:
d7:88:3a:5e:40:e8:cf:ed:71:1f:e7:c0:33:c3:46:
bd:10:7a:a4:68:f1:b6:63:27:25:1a:b4:ed:a6:2e:
f1:c2:17:ec:24:8c:d9:6e:89:47:39:43:ba:55:be:
50:1c:df:35:2f:25:20:82:9e:90:cc:71:af:b6:a2:
77:0f:33:ae:44:1b:3e:4c:e9:d8:ab:39:ef:37:e0:
19:d8:e5:bc:2a:1a:9c:49:de:39:eb:82:3f:96:71:
21:2d:34:5d:38:7f:67:da:8b:db:cf:d3:5b:67:4c:
af:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C8:4B:33:88:92:79:42:26:7C:71:62:6B:81:37:F4:45:AD:A5:44
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ishLM4iSeUImfHFia4E39EWtpUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:60:41:3b:ef:4c:d8:70:ab:9c:34:40:86:c4:38:e3:f2:95:
c0:2f:f8:25:63:27:c6:7e:06:10:05:fc:d0:b4:ee:51:a3:91:
22:c7:92:dd:b6:67:dc:a4:02:7b:fa:87:73:0b:5a:ab:dc:03:
5a:47:cb:ba:64:59:4f:e5:32:a9:fb:d7:7f:2e:22:7e:dd:b7:
70:76:ac:a1:cb:0b:a7:cc:37:a4:c7:d8:60:fa:33:a7:1c:a8:
93:f9:d1:57:66:f0:b1:ed:bd:96:db:78:e3:23:8f:de:8e:08:
e0:9d:98:30:f3:5f:88:db:72:73:30:ce:58:6e:ab:32:cc:a7:
9a:d0:ae:41:0f:aa:ed:ac:6e:b9:34:dc:06:2e:f4:11:e8:16:
a9:c6:6b:33:00:78:02:98:51:e2:f6:ae:ba:be:94:f3:35:5e:
50:77:0b:40:78:2b:67:b4:92:a8:06:f6:ed:fd:9e:62:2f:c7:
d0:fa:40:00:84:d2:d4:54:5f:d0:56:40:34:64:72:2d:6f:e7:
70:9e:24:2a:9c:69:71:81:d5:8f:30:54:9c:e1:30:63:8b:8c:
ed:1d:48:f0:fd:80:27:78:9f:61:ea:2c:6b:53:eb:ff:55:10:
b3:92:c1:ea:43:e4:d0:1f:4d:84:7c:5a:61:30:0d:c5:fb:f1:
9d:28:f4:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnxXDMWkuuS+4D4+p1DGR+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE0MDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWM4NGIzMzg4OTI3OTQyMjY3YzcxNjI2YjgxMzdmNDQ1YWRhNTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgljFP/39DV02cFYRVijJ4ogurfqo
1eBwYYqZrAABVfqSBGT3Ht1xNqEibU2cydddYnmTT9zVhCE+mxUDAkn+sVx3v23O
L9Jtt0OmQH8QHndFspadjej2UpU0aUOh+MXe3n5gghoFMU9a8xYCIwp+kT09PN9a
p7ez6ewZWCdNowvWnk9JfxQsCT7zgDXlMnNSq1EtydfXiDpeQOjP7XEf58Azw0a9
EHqkaPG2YyclGrTtpi7xwhfsJIzZbolHOUO6Vb5QHN81LyUggp6QzHGvtqJ3DzOu
RBs+TOnYqznvN+AZ2OW8KhqcSd4564I/lnEhLTRdOH9n2ovbz9NbZ0yvdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrISzOIknlCJnxxYmuBN/RFraVEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaXNoTE00aVNlVUltZkhGaWE0RTM5RVd0cFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ1gQTvvTNhwq5w0QIbE
OOPylcAv+CVjJ8Z+BhAF/NC07lGjkSLHkt22Z9ykAnv6h3MLWqvcA1pHy7pkWU/l
Mqn7138uIn7dt3B2rKHLC6fMN6TH2GD6M6ccqJP50Vdm8LHtvZbbeOMjj96OCOCd
mDDzX4jbcnMwzlhuqzLMp5rQrkEPqu2sbrk03AYu9BHoFqnGazMAeAKYUeL2rrq+
lPM1XlB3C0B4K2e0kqgG9u39nmIvx9D6QACE0tRUX9BWQDRkci1v53CeJCqcaXGB
1Y8wVJzhMGOLjO0dSPD9gCd4n2HqLGtT6/9VELOSwepD5NAfTYR8WmEwDcX78Z0o
9LQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:24:24 2025 by rpki-client