Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IAwChKehAQyrqTVa5jxElPC-Khs.roa
File: IAwChKehAQyrqTVa5jxElPC-Khs.roa (raw, json)
Hash identifier: oa1EfUCpMg0BbWCHjw7ZXnLGG8pw3HHUl9dsFmV1P3w=
Subject key identifier: 20:0C:02:84:A7:A1:01:0C:AB:A9:35:5A:E6:3C:44:94:F0:BE:2A:1B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018692CE673097F61AB8C0E4DC73FE02A363
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IAwChKehAQyrqTVa5jxElPC-Khs.roa
Signing time: Mon 27 Feb 2023 12:17:25 +0000
ROA not before: Mon 27 Feb 2023 12:17:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:ce:67:30:97:f6:1a:b8:c0:e4:dc:73:fe:02:a3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 27 12:17:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=200c0284a7a1010caba9355ae63c4494f0be2a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9e:e9:e8:ef:f2:94:d5:86:04:0c:38:1c:8b:
8c:f8:b9:8f:6c:0f:bc:0d:d1:09:b0:ff:0c:7b:43:
b8:90:d6:9e:1a:af:a4:9c:0e:1d:bc:14:96:63:6b:
8b:8b:34:3b:fc:f1:bf:ac:14:54:c8:cf:3a:e7:cb:
69:11:ea:c4:99:b3:8e:3c:8b:a1:b6:86:e0:01:5f:
96:40:0b:8d:64:c1:f0:e5:b0:6d:14:96:3e:93:d7:
fb:27:2f:b1:54:ce:e3:5f:3c:0e:10:b7:2a:d6:d1:
6a:1c:33:48:97:e0:cf:ba:7d:25:3d:71:93:12:e3:
2d:14:81:0f:c5:ea:c2:87:1f:5e:68:22:93:9e:bf:
1c:50:8b:d8:41:6b:df:7a:17:4c:ee:a4:d8:87:3d:
88:36:0d:95:ca:5e:86:a0:74:94:8a:2b:6c:85:62:
0e:76:b9:3e:6e:d2:53:53:d8:47:9f:06:69:a6:25:
bc:f8:37:12:da:ec:17:5c:3d:f5:44:21:cd:85:f6:
d2:31:7e:1f:b9:e5:73:85:9f:51:b3:21:ca:b6:2f:
d4:0b:3c:9f:2b:13:ea:5d:0f:51:4b:5a:6a:b5:42:
66:a7:e8:03:7e:68:49:fb:72:17:75:69:30:d5:7b:
1a:ab:30:fb:fa:bf:5b:9d:29:bf:b4:4e:7c:fb:3f:
37:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0C:02:84:A7:A1:01:0C:AB:A9:35:5A:E6:3C:44:94:F0:BE:2A:1B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IAwChKehAQyrqTVa5jxElPC-Khs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:2a:53:69:d5:89:53:5e:10:83:36:66:1b:34:5b:b9:15:72:
ee:a1:e2:50:6b:eb:db:46:a6:7a:a8:9a:a3:84:e6:6b:c0:a8:
e9:f7:2a:2f:a5:15:2e:22:2c:3b:45:76:11:a7:70:47:33:03:
81:2f:3c:38:55:72:17:20:48:ab:79:23:b5:cc:03:bc:90:9d:
44:76:b5:8c:55:08:83:82:ec:92:73:58:63:78:0f:33:da:1e:
c5:ad:af:65:fa:fa:30:91:e8:e2:6f:00:35:7d:07:d2:54:7a:
30:99:f3:e7:c7:e0:17:bf:22:cf:95:f5:43:2c:10:ee:ca:b2:
99:75:5c:08:e3:99:12:f0:0b:98:e7:ff:d2:54:84:e8:d2:76:
76:16:69:d9:ac:cc:41:fb:c0:51:31:e3:69:48:0c:ac:15:56:
d3:34:8d:b3:a8:2c:4f:d0:79:97:26:fa:10:ff:5b:3f:13:b0:
32:df:0b:fd:ef:33:e2:da:3a:cd:3a:1b:36:d2:86:6f:99:cf:
4a:ec:36:bf:dd:e8:55:ba:48:90:75:5c:65:21:24:3c:c0:da:
2a:45:83:f6:62:b2:09:76:4e:92:ff:10:b9:e4:e0:73:42:7f:
ce:70:60:0e:40:76:96:71:e1:94:a2:76:d1:83:78:d2:9c:6d:
5c:f1:03:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaSzmcwl/YauMDk3HP+AqNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI3MTIxNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBjMDI4NGE3YTEwMTBjYWJhOTM1NWFlNjNjNDQ5NGYwYmUyYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp7p6O/ylNWGBAw4HIuM+LmPbA+8
DdEJsP8Me0O4kNaeGq+knA4dvBSWY2uLizQ7/PG/rBRUyM8658tpEerEmbOOPIuh
tobgAV+WQAuNZMHw5bBtFJY+k9f7Jy+xVM7jXzwOELcq1tFqHDNIl+DPun0lPXGT
EuMtFIEPxerChx9eaCKTnr8cUIvYQWvfehdM7qTYhz2INg2Vyl6GoHSUiitshWIO
drk+btJTU9hHnwZppiW8+DcS2uwXXD31RCHNhfbSMX4fueVzhZ9RsyHKti/UCzyf
KxPqXQ9RS1pqtUJmp+gDfmhJ+3IXdWkw1XsaqzD7+r9bnSm/tE58+z830wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCAMAoSnoQEMq6k1WuY8RJTwviobMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSUF3Q2hLZWhBUXlycVRWYTVqeEVsUEMtS2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIAqU2nViVNeEIM2Zhs0
W7kVcu6h4lBr69tGpnqomqOE5mvAqOn3Ki+lFS4iLDtFdhGncEczA4EvPDhVchcg
SKt5I7XMA7yQnUR2tYxVCIOC7JJzWGN4DzPaHsWtr2X6+jCR6OJvADV9B9JUejCZ
8+fH4Be/Is+V9UMsEO7Kspl1XAjjmRLwC5jn/9JUhOjSdnYWadmszEH7wFEx42lI
DKwVVtM0jbOoLE/QeZcm+hD/Wz8TsDLfC/3vM+LaOs06GzbShm+Zz0rsNr/d6FW6
SJB1XGUhJDzA2ipFg/Zisgl2TpL/ELnk4HNCf85wYA5AdpZx4ZSidtGDeNKcbVzx
A8Y=
-----END CERTIFICATE-----
Generated at Sat May 3 15:09:25 2025 by rpki-client