Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/27OyVKqkPLSc4wZz-2BXAyp-ims.roa
File: 27OyVKqkPLSc4wZz-2BXAyp-ims.roa (raw, json)
Hash identifier: v4ka3A97Tqw3bf1TUEh2vHRhDPPu5v1536hnF6Mr5+I=
Subject key identifier: DB:B3:B2:54:AA:A4:3C:B4:9C:E3:06:73:FB:60:57:03:2A:7E:8A:6B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185729CDFC342DAF03D6A7E8615032C9C1E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/27OyVKqkPLSc4wZz-2BXAyp-ims.roa
Signing time: Mon 02 Jan 2023 13:12:41 +0000
ROA not before: Mon 02 Jan 2023 13:12:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9c:df:c3:42:da:f0:3d:6a:7e:86:15:03:2c:9c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 2 13:12:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbb3b254aaa43cb49ce30673fb6057032a7e8a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a0:77:d4:af:16:3d:14:1e:12:cb:84:bf:d1:
f2:6c:91:74:e1:d8:69:b0:17:79:1e:ec:ca:73:36:
9e:c5:79:1e:6c:51:0a:1d:77:3e:a6:81:84:70:93:
b9:14:8f:1e:ec:75:76:8f:65:81:8c:af:f9:04:5d:
f3:1a:f1:a9:2b:1e:a7:85:ee:71:f1:09:64:6e:07:
f8:27:21:4b:8e:3a:9e:5f:e6:70:a2:8f:45:81:28:
88:45:e4:6a:a4:e6:bf:a2:62:a7:f8:82:95:0f:3d:
24:f1:db:25:72:00:3a:15:93:f0:80:b6:72:ca:e3:
20:56:f9:91:41:4a:78:e8:77:f7:88:12:44:c7:c5:
b1:e9:a6:e5:d8:9a:a9:e5:aa:d4:ff:bf:34:16:26:
d3:f6:8f:35:f2:68:09:cf:73:ae:3c:d8:cb:9e:6d:
ef:ea:5a:99:fa:3b:55:d1:06:44:72:2e:5c:a4:2b:
39:42:61:16:a8:d9:c3:e5:55:c6:ac:bb:3a:97:22:
84:84:49:11:28:72:e7:52:a0:d2:a5:7b:34:4a:f6:
42:6c:33:7d:c9:22:ba:72:d9:3a:f0:b3:b2:f9:3f:
3d:a7:e7:fe:6b:a9:a6:d4:75:5b:78:f3:20:1c:2d:
af:98:75:5b:ad:88:ea:30:45:e9:3d:f1:01:11:27:
02:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B3:B2:54:AA:A4:3C:B4:9C:E3:06:73:FB:60:57:03:2A:7E:8A:6B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/27OyVKqkPLSc4wZz-2BXAyp-ims.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:1d:3d:5e:af:65:f0:a1:c6:6e:23:fc:01:0a:b1:c5:1f:cf:
8e:c8:7d:29:a7:de:70:27:aa:42:fc:12:d7:ee:e4:dc:aa:f6:
96:f1:84:d5:6a:c5:d9:88:24:c0:d5:80:b3:80:57:ab:fe:95:
83:b4:f9:45:5c:fe:b1:af:29:e1:49:29:2c:8e:50:b5:53:19:
64:3a:0e:7c:e2:dc:52:03:f6:85:de:63:70:80:6a:bb:9a:47:
39:e5:c2:fb:4a:3c:07:92:a9:e3:ff:76:9c:1a:57:a9:a2:de:
4f:d7:bf:69:55:25:58:25:b5:7e:fd:c1:3d:c1:9a:b7:ad:7d:
a6:9f:cb:45:b7:1f:06:d5:7c:82:57:81:be:ff:d5:72:8c:0b:
d9:a9:cf:de:30:16:68:b1:63:33:75:ea:e8:f3:84:17:67:1e:
74:9d:0a:58:16:b0:e7:b9:80:71:9e:5f:a2:4c:3f:fd:bf:75:
e0:da:70:92:3a:c8:f9:3d:ac:46:ca:fb:36:c6:b9:57:40:ee:
bb:9a:fd:c5:7e:04:15:2e:cc:ec:55:70:45:22:d0:20:9f:06:
2f:b9:ef:92:72:3a:c3:b2:8d:0b:73:4c:fd:71:8f:ed:ac:33:
ed:86:dc:43:73:54:a7:cf:af:ba:8c:c0:98:c0:80:30:80:95:
dc:48:10:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVynN/DQtrwPWp+hhUDLJweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAyMTMxMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmIzYjI1NGFhYTQzY2I0OWNlMzA2NzNmYjYwNTcwMzJhN2U4YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraB31K8WPRQeEsuEv9HybJF04dhp
sBd5HuzKczaexXkebFEKHXc+poGEcJO5FI8e7HV2j2WBjK/5BF3zGvGpKx6nhe5x
8Qlkbgf4JyFLjjqeX+Zwoo9FgSiIReRqpOa/omKn+IKVDz0k8dslcgA6FZPwgLZy
yuMgVvmRQUp46Hf3iBJEx8Wx6abl2Jqp5arU/780FibT9o818mgJz3OuPNjLnm3v
6lqZ+jtV0QZEci5cpCs5QmEWqNnD5VXGrLs6lyKEhEkRKHLnUqDSpXs0SvZCbDN9
ySK6ctk68LOy+T89p+f+a6mm1HVbePMgHC2vmHVbrYjqMEXpPfEBEScCQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNuzslSqpDy0nOMGc/tgVwMqfoprMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMjdPeVZLcWtQTFNjNHdaei0yQlhBeXAtaW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAIdPV6vZfChxm4j/AEK
scUfz47IfSmn3nAnqkL8Etfu5Nyq9pbxhNVqxdmIJMDVgLOAV6v+lYO0+UVc/rGv
KeFJKSyOULVTGWQ6Dnzi3FID9oXeY3CAaruaRznlwvtKPAeSqeP/dpwaV6mi3k/X
v2lVJVgltX79wT3Bmretfaafy0W3HwbVfIJXgb7/1XKMC9mpz94wFmixYzN16ujz
hBdnHnSdClgWsOe5gHGeX6JMP/2/deDacJI6yPk9rEbK+zbGuVdA7rua/cV+BBUu
zOxVcEUi0CCfBi+575JyOsOyjQtzTP1xj+2sM+2G3ENzVKfPr7qMwJjAgDCAldxI
EEk=
-----END CERTIFICATE-----
Generated at Thu May 1 20:41:27 2025 by rpki-client