Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IAwgViDclCmbJCx2JhNWVtqqYVE.roa
File: IAwgViDclCmbJCx2JhNWVtqqYVE.roa (raw, json)
Hash identifier: BlyxQsZ/6OMmeiFiXs+pjkQcJo9n76nlyGqAWanmjQs=
Subject key identifier: 20:0C:20:56:20:DC:94:29:9B:24:2C:76:26:13:56:56:DA:AA:61:51
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01843FF9DB5C1EBE3B422C0DCF0580BFD76F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IAwgViDclCmbJCx2JhNWVtqqYVE.roa
Signing time: Fri 04 Nov 2022 00:10:49 +0000
ROA not before: Fri 04 Nov 2022 00:10:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3f:f9:db:5c:1e:be:3b:42:2c:0d:cf:05:80:bf:d7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 4 00:10:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=200c205620dc94299b242c7626135656daaa6151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d4:a0:e7:b9:28:76:4d:03:1b:9d:1f:42:4f:
2a:9e:cf:4f:53:79:b2:9a:0c:be:9b:6d:a6:1e:a0:
d8:84:45:5b:bb:43:ad:fd:03:a2:5f:fb:13:64:66:
97:dd:b1:b5:c5:00:33:83:23:48:db:8a:f9:19:8d:
03:32:66:75:f5:19:dd:e7:04:5d:35:91:71:cd:8f:
8a:6c:a4:68:1d:33:5e:6d:e4:70:78:c1:fa:c7:d8:
bb:5e:98:a4:ae:1c:5c:9b:36:74:25:b9:2a:f1:81:
a7:e7:d1:3f:f9:1a:64:47:56:d8:b2:53:b0:41:41:
ed:c6:aa:74:63:87:4e:de:18:2e:6c:19:15:41:ed:
31:3f:9d:05:f7:06:14:16:b2:d7:96:2a:9d:e1:4f:
96:e1:e9:50:bf:ce:e9:3f:bb:88:54:40:94:7d:13:
09:58:da:3e:2a:4e:89:3a:b0:22:c1:cf:e3:34:e7:
f4:6d:b7:19:82:b6:b8:ca:35:c5:52:e1:95:99:82:
f1:17:98:e2:fa:1c:64:24:e2:c5:21:26:38:ea:64:
14:da:a5:19:59:0f:04:4f:ff:3c:83:be:87:6e:2d:
12:53:92:76:46:4e:03:25:66:23:69:69:6c:8f:b7:
34:46:45:0c:f7:fa:8b:b9:c7:97:d1:88:4e:e4:a3:
ac:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0C:20:56:20:DC:94:29:9B:24:2C:76:26:13:56:56:DA:AA:61:51
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IAwgViDclCmbJCx2JhNWVtqqYVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:fa:a9:3f:2f:fa:3f:e0:be:ff:82:a6:e4:a5:46:b9:ec:1b:
fe:a7:42:0f:fe:db:65:7a:03:92:97:49:54:64:4d:f6:5a:a9:
99:75:bb:7e:70:41:76:58:93:1f:69:e7:3b:9f:28:2e:4c:f5:
dd:7f:46:17:04:04:a9:0d:b3:47:32:a5:9c:04:52:85:d8:48:
a0:8d:d7:3d:88:68:75:7c:ad:8c:9a:91:27:dd:3a:ca:7c:a1:
b5:d2:97:29:57:c4:4c:96:3f:d4:f3:ff:90:2d:9f:6d:53:62:
2e:f5:de:84:e0:03:6e:0a:ee:21:b1:41:e6:a6:12:4a:40:e6:
c7:3f:e5:ba:a0:ae:0f:30:ab:b8:11:0b:f1:65:df:f3:f9:51:
c5:c7:d9:f2:17:91:cf:68:a9:7f:80:39:7b:b8:96:d3:3a:44:
ac:64:8f:19:61:a6:53:aa:fc:4a:ab:c7:eb:aa:31:a2:2e:75:
33:05:68:26:af:5b:79:73:53:c8:a1:c9:d0:30:1e:49:8b:7e:
8a:77:01:16:5e:3d:f3:4a:0f:2c:f9:3a:83:25:0e:88:bb:b2:
b4:d0:2c:fc:f7:21:17:12:f7:87:c8:99:7c:0b:55:a9:6c:91:
71:94:43:3c:ec:a6:4e:2f:5f:c9:c2:ea:58:dc:05:62:13:e0:
6b:ad:61:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQ/+dtcHr47QiwNzwWAv9dvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTA0MDAxMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBjMjA1NjIwZGM5NDI5OWIyNDJjNzYyNjEzNTY1NmRhYWE2MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9Sg57kodk0DG50fQk8qns9PU3my
mgy+m22mHqDYhEVbu0Ot/QOiX/sTZGaX3bG1xQAzgyNI24r5GY0DMmZ19Rnd5wRd
NZFxzY+KbKRoHTNebeRweMH6x9i7XpikrhxcmzZ0Jbkq8YGn59E/+RpkR1bYslOw
QUHtxqp0Y4dO3hgubBkVQe0xP50F9wYUFrLXliqd4U+W4elQv87pP7uIVECUfRMJ
WNo+Kk6JOrAiwc/jNOf0bbcZgra4yjXFUuGVmYLxF5ji+hxkJOLFISY46mQU2qUZ
WQ8ET/88g76Hbi0SU5J2Rk4DJWYjaWlsj7c0RkUM9/qLuceX0YhO5KOs8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCAMIFYg3JQpmyQsdiYTVlbaqmFRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSUF3Z1ZpRGNsQ21iSkN4MkpoTldWdHFxWVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF76qT8v+j/gvv+CpuSl
RrnsG/6nQg/+22V6A5KXSVRkTfZaqZl1u35wQXZYkx9p5zufKC5M9d1/RhcEBKkN
s0cypZwEUoXYSKCN1z2IaHV8rYyakSfdOsp8obXSlylXxEyWP9Tz/5Atn21TYi71
3oTgA24K7iGxQeamEkpA5sc/5bqgrg8wq7gRC/Fl3/P5UcXH2fIXkc9oqX+AOXu4
ltM6RKxkjxlhplOq/Eqrx+uqMaIudTMFaCavW3lzU8ihydAwHkmLfop3ARZePfNK
Dyz5OoMlDoi7srTQLPz3IRcS94fImXwLValskXGUQzzspk4vX8nC6ljcBWIT4Gut
YTQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:40:32 2025 by rpki-client