Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IBvTIlr6bTIet3lqzynd4Vf4t8w.roa
File: IBvTIlr6bTIet3lqzynd4Vf4t8w.roa (raw, json)
Hash identifier: QrE9MYJGAt9NdwO3O4zHT0cVmVuGTk8TIi2CYIQo7gU=
Subject key identifier: 20:1B:D3:22:5A:FA:6D:32:1E:B7:79:6A:CF:29:DD:E1:57:F8:B7:CC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 91E7A945
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IBvTIlr6bTIet3lqzynd4Vf4t8w.roa
Signing time: Sun 03 Jul 2022 01:12:25 +0000
ROA not before: Sun 03 Jul 2022 01:12:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2447878469 (0x91e7a945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 3 01:12:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=201bd3225afa6d321eb7796acf29dde157f8b7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:34:bd:c7:ab:0c:ef:f8:68:4e:89:41:77:21:
2c:d1:c5:d4:72:ad:b9:ae:3f:43:71:d7:4b:50:ed:
b9:60:da:e7:56:77:84:b6:46:5b:77:9d:c8:c1:ea:
2a:c4:ba:b2:07:d3:2b:24:4c:01:4c:33:67:82:07:
4d:13:84:27:1d:ed:00:58:5b:90:8d:6b:5f:17:1a:
6e:36:3f:8a:f9:6c:53:f9:b6:75:3f:f9:49:14:af:
1e:a4:bb:ed:10:87:b7:8c:6a:9c:c2:56:57:ff:89:
be:22:45:27:6f:cd:40:ed:36:28:91:03:67:a8:84:
f8:58:f2:8d:1e:b6:6b:f4:e0:ce:2d:ae:1e:05:24:
1a:c8:fb:b7:fa:c8:c3:41:c6:f7:69:e9:8e:01:00:
13:5b:1d:1f:2c:d9:05:48:02:9c:03:0f:e1:71:a4:
5e:06:64:51:41:0e:2c:99:2d:31:78:ba:6b:0c:00:
2f:7f:25:96:a2:ca:96:65:d2:4b:9b:bc:e0:c9:f0:
3e:53:93:1f:4f:b1:ea:59:c0:07:da:76:3d:8a:dd:
ec:51:7e:a2:93:9b:a3:41:1c:1b:36:bc:f1:b7:30:
61:ef:2d:d5:c2:19:9e:9d:c0:77:60:ff:71:b0:f0:
3a:15:5c:b8:6b:aa:b4:e2:b4:2d:6f:b1:6f:61:ea:
d0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:1B:D3:22:5A:FA:6D:32:1E:B7:79:6A:CF:29:DD:E1:57:F8:B7:CC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IBvTIlr6bTIet3lqzynd4Vf4t8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:e6:21:0f:9f:da:bb:57:c4:d1:d7:0e:e3:d4:86:dd:af:ed:
8f:5c:32:ab:ab:27:c6:54:9f:4e:53:e2:20:48:5d:66:e9:94:
ec:85:ed:70:68:e5:01:b1:54:6b:92:99:fe:c6:7d:6a:a9:ed:
e2:3d:7e:95:65:04:79:c3:b1:f4:cc:3d:12:f5:d4:d6:a4:a3:
7a:e3:e5:15:06:56:86:d1:4d:5b:53:d8:fa:d4:73:33:12:4d:
79:9f:a3:9c:6b:d5:44:f7:7b:46:83:9b:ef:cb:97:75:df:7e:
ce:27:a9:d3:37:53:89:78:5c:bf:5b:11:a8:54:eb:23:a1:a1:
b6:30:98:0c:85:c2:c7:62:ef:68:e8:a5:7c:81:41:ea:00:fd:
ec:b7:49:ea:f9:9d:14:a0:63:e5:00:06:52:f1:5e:e1:01:f6:
c4:cb:03:75:ec:4f:1c:5b:04:33:7d:7e:13:3f:b5:de:b1:d0:
35:e5:9f:bb:41:5d:9a:da:b4:5a:ff:9c:25:a4:54:bd:d8:fd:
da:e1:33:bc:14:59:6a:cd:2f:59:40:9a:7e:42:d4:bb:21:19:
76:86:2e:0e:88:52:b4:9f:cc:42:85:0a:c5:1c:02:81:13:c3:
d9:cf:8a:ec:83:ba:16:1b:a9:15:51:7a:9b:88:2c:87:c9:a7:
3b:21:0a:af
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAJHnqUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA3
MDMwMTEyMjVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDIwMWJkMzIyNWFm
YTZkMzIxZWI3Nzk2YWNmMjlkZGUxNTdmOGI3Y2MwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7NL3Hqwzv+GhOiUF3ISzRxdRyrbmuP0Nx10tQ7blg2udW
d4S2Rlt3ncjB6irEurIH0yskTAFMM2eCB00ThCcd7QBYW5CNa18XGm42P4r5bFP5
tnU/+UkUrx6ku+0Qh7eMapzCVlf/ib4iRSdvzUDtNiiRA2eohPhY8o0etmv04M4t
rh4FJBrI+7f6yMNBxvdp6Y4BABNbHR8s2QVIApwDD+FxpF4GZFFBDiyZLTF4umsM
AC9/JZaiypZl0kubvODJ8D5Tkx9PsepZwAfadj2K3exRfqKTm6NBHBs2vPG3MGHv
LdXCGZ6dwHdg/3Gw8DoVXLhrqrTitC1vsW9h6tBtAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUIBvTIlr6bTIet3lqzynd4Vf4t8wwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9JQnZUSWxyNmJUSWV0M2xxenluZDRWZjR0OHcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAieYhD5/au1fE0dcO49SG3a/tj1wyq6snxlSf
TlPiIEhdZumU7IXtcGjlAbFUa5KZ/sZ9aqnt4j1+lWUEecOx9Mw9EvXU1qSjeuPl
FQZWhtFNW1PY+tRzMxJNeZ+jnGvVRPd7RoOb78uXdd9+ziep0zdTiXhcv1sRqFTr
I6GhtjCYDIXCx2LvaOilfIFB6gD97LdJ6vmdFKBj5QAGUvFe4QH2xMsDdexPHFsE
M31+Ez+13rHQNeWfu0Fdmtq0Wv+cJaRUvdj92uEzvBRZas0vWUCafkLUuyEZdoYu
DohStJ/MQoUKxRwCgRPD2c+K7IO6FhupFVF6m4gsh8mnOyEKrw==
-----END CERTIFICATE-----
Generated at Fri May 2 06:00:23 2025 by rpki-client