Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IKVAomkZCzf4GgGocbBTlkXt1qU.roa
File: IKVAomkZCzf4GgGocbBTlkXt1qU.roa (raw, json)
Hash identifier: 214VJgCRrA29b8lzMU9+2bqpRZZ40N+98KUafeuNbRw=
Subject key identifier: 20:A5:40:A2:69:19:0B:37:F8:1A:01:A8:71:B0:53:96:45:ED:D6:A5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018549999B4CD1BCD138EAF016221C5CF6BC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IKVAomkZCzf4GgGocbBTlkXt1qU.roa
Signing time: Sun 25 Dec 2022 14:04:41 +0000
ROA not before: Sun 25 Dec 2022 14:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:4999:14ca/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:49:99:9b:4c:d1:bc:d1:38:ea:f0:16:22:1c:5c:f6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 25 14:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20a540a269190b37f81a01a871b0539645edd6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f8:22:4a:56:4b:35:28:aa:d2:c5:03:8a:fb:
5f:36:cb:49:13:3a:a3:ca:0b:c6:a9:8d:69:14:68:
8c:8f:58:cb:4d:44:f0:31:e7:30:12:5b:3a:6d:a4:
29:60:82:b7:3a:36:70:70:d4:97:93:e6:9f:7d:96:
09:e5:99:4b:07:1f:10:f8:6f:cc:20:fd:91:ca:0d:
3a:e7:ff:d0:e0:2f:a4:81:71:d2:4a:d6:46:bd:1e:
0d:58:26:97:37:99:cb:7d:c3:72:8a:9f:49:bd:15:
7a:e2:bf:ba:bf:a0:f8:b5:ce:e6:e1:94:4d:c3:6f:
46:e7:83:93:ca:4e:a7:91:f4:51:63:8e:98:d2:46:
4c:1f:47:f4:37:fc:5f:47:89:bb:b4:3f:72:ac:26:
d1:b7:51:f2:70:bd:be:a9:8c:0e:9e:38:39:67:6a:
9e:96:f1:24:7f:67:b0:b5:43:46:72:cc:e0:65:ad:
ae:ef:b8:0f:ad:fe:84:d9:1d:70:bb:d0:67:25:6b:
79:f4:f4:8f:be:9c:c1:d3:a7:41:00:f5:e6:eb:32:
36:e3:c1:b3:bc:60:65:97:a2:3f:0b:74:e4:20:aa:
7f:5b:ca:97:7a:e2:d6:92:11:54:cc:cf:79:75:63:
97:e8:a2:02:91:52:cd:22:bf:b1:c2:7b:bb:87:7d:
00:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A5:40:A2:69:19:0B:37:F8:1A:01:A8:71:B0:53:96:45:ED:D6:A5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IKVAomkZCzf4GgGocbBTlkXt1qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:42:2f:5f:be:33:5d:c9:de:67:3a:36:3a:3e:6c:83:18:09:
e7:20:02:7e:22:35:b9:b6:ab:42:72:a4:da:2d:15:de:51:cd:
11:93:2c:9d:2c:ba:e9:ab:85:fc:71:f5:41:49:a3:a2:27:8c:
86:7b:49:a7:71:1f:cb:27:61:fb:18:01:42:1c:36:79:fa:8c:
3a:7f:ac:7f:7c:4e:52:8b:37:69:6e:63:83:63:b8:bb:0f:08:
ea:be:b9:48:2a:df:07:f3:8e:f4:94:ff:71:d2:d3:50:c5:6d:
8d:4f:3e:b6:c9:9b:c0:dd:90:cf:fe:4d:ab:07:d1:2d:ec:ea:
67:16:dd:06:e0:48:17:4a:61:2e:5d:cc:7d:f7:4b:72:fa:71:
dc:44:06:cd:02:19:99:e8:cc:45:8c:1b:33:b5:c9:05:b0:32:
85:05:ac:b5:9c:a4:57:29:25:d0:b2:5f:54:24:bd:11:fd:ec:
9c:a6:6e:8b:43:82:f1:7a:86:0e:8a:e2:a5:d8:f4:f1:7c:45:
43:3e:88:fb:fe:11:e9:19:d7:08:9e:fd:6e:00:f9:d4:96:27:
0b:48:0a:41:21:b5:9d:a8:59:23:af:a7:d9:d7:d4:03:9d:bf:
74:63:02:94:0e:a0:8f:c9:fb:e3:52:a7:4d:c5:cd:aa:2e:3f:
5b:89:0e:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVJmZtM0bzROOrwFiIcXPa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI1MTQwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGE1NDBhMjY5MTkwYjM3ZjgxYTAxYTg3MWIwNTM5NjQ1ZWRkNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPgiSlZLNSiq0sUDivtfNstJEzqj
ygvGqY1pFGiMj1jLTUTwMecwEls6baQpYIK3OjZwcNSXk+affZYJ5ZlLBx8Q+G/M
IP2Ryg065//Q4C+kgXHSStZGvR4NWCaXN5nLfcNyip9JvRV64r+6v6D4tc7m4ZRN
w29G54OTyk6nkfRRY46Y0kZMH0f0N/xfR4m7tD9yrCbRt1HycL2+qYwOnjg5Z2qe
lvEkf2ewtUNGcszgZa2u77gPrf6E2R1wu9BnJWt59PSPvpzB06dBAPXm6zI248Gz
vGBll6I/C3TkIKp/W8qXeuLWkhFUzM95dWOX6KICkVLNIr+xwnu7h30AiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCClQKJpGQs3+BoBqHGwU5ZF7dalMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSUtWQW9ta1pDemY0R2dHb2NiQlRsa1h0MXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACdCL1++M13J3mc6Njo+
bIMYCecgAn4iNbm2q0JypNotFd5RzRGTLJ0suumrhfxx9UFJo6InjIZ7SadxH8sn
YfsYAUIcNnn6jDp/rH98TlKLN2luY4NjuLsPCOq+uUgq3wfzjvSU/3HS01DFbY1P
PrbJm8DdkM/+TasH0S3s6mcW3QbgSBdKYS5dzH33S3L6cdxEBs0CGZnozEWMGzO1
yQWwMoUFrLWcpFcpJdCyX1QkvRH97JymbotDgvF6hg6K4qXY9PF8RUM+iPv+EekZ
1wie/W4A+dSWJwtICkEhtZ2oWSOvp9nX1AOdv3RjApQOoI/J++NSp03FzaouP1uJ
DpM=
-----END CERTIFICATE-----
Generated at Thu May 1 16:37:23 2025 by rpki-client