Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IYOvr5u6EiJ5-kAoYz3SgQUoric.roa
File: IYOvr5u6EiJ5-kAoYz3SgQUoric.roa (raw, json)
Hash identifier: rpKiKVK2fF9umhga8ZINpCzlJ9TdIMJ1FncJqUrXkUk=
Subject key identifier: 21:83:AF:AF:9B:BA:12:22:79:FA:40:28:63:3D:D2:81:05:28:AE:27
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182E38522DD10825E5D70FD80A6F1EF5127
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IYOvr5u6EiJ5-kAoYz3SgQUoric.roa
Signing time: Sun 28 Aug 2022 08:15:29 +0000
ROA not before: Sun 28 Aug 2022 08:15:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:85:22:dd:10:82:5e:5d:70:fd:80:a6:f1:ef:51:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 08:15:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2183afaf9bba122279fa4028633dd2810528ae27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2d:2a:6b:82:42:07:86:ed:ee:a2:17:e2:1a:
1c:85:4d:26:68:d2:f1:95:bc:26:1b:71:39:e2:42:
c2:a8:50:4d:02:28:9e:10:a0:72:55:26:cf:63:cc:
b8:93:3e:9d:98:39:84:c0:14:20:78:8a:ca:38:fb:
b8:e4:6b:3f:b2:85:ae:be:bc:5b:24:a1:d5:a7:4f:
95:69:cd:1f:a7:b6:09:e9:da:22:13:90:89:10:a6:
6c:38:68:ad:b7:60:f9:aa:2d:b9:a0:b6:d7:54:ff:
b9:95:99:1d:86:30:54:4f:03:7b:b7:d5:3e:80:e3:
9c:9c:a4:b5:da:28:4c:46:a8:63:27:0a:fc:21:33:
c8:27:e6:89:34:3e:4a:82:3c:74:ac:3b:11:d6:63:
17:ad:e4:45:a6:02:f6:5b:23:1b:24:e8:7c:31:34:
28:34:45:14:2b:1f:5d:15:78:fc:69:91:2f:d3:b3:
f4:48:02:81:40:74:f1:9b:01:e5:c6:db:46:34:14:
a0:f9:1d:62:6b:0d:35:fb:5c:e9:dc:a9:3a:13:3c:
86:21:81:58:9a:f0:91:b7:d6:23:17:f4:00:20:08:
9a:9c:d7:65:0e:0c:5e:14:dc:20:ca:69:c9:10:93:
30:91:b9:8a:75:2a:59:df:bf:4d:a3:44:14:91:80:
20:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:83:AF:AF:9B:BA:12:22:79:FA:40:28:63:3D:D2:81:05:28:AE:27
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IYOvr5u6EiJ5-kAoYz3SgQUoric.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:92:b6:15:3d:f6:d8:3d:dd:f6:49:7a:2e:32:3a:e9:aa:79:
ec:41:cb:2d:53:42:ab:21:f7:0e:6f:17:fc:7d:3f:87:3e:4a:
60:f1:ca:f7:e7:d7:aa:96:f5:25:dc:91:df:66:f0:3b:0b:85:
d4:41:3a:6c:6b:ee:bc:82:5e:42:da:f1:f3:a9:01:f7:d5:c6:
00:1e:f3:fa:65:5c:b2:a1:b6:af:23:ee:02:cf:86:f5:23:2d:
c0:6e:7e:a1:10:3c:2d:87:07:4e:ab:59:42:ac:6b:5a:35:f4:
c6:ee:75:7c:7b:91:2c:ab:4b:ad:bb:39:09:a6:4e:88:e3:40:
ea:84:71:ad:a5:d6:be:1f:51:c9:d9:e9:04:cf:2a:23:9f:7f:
2f:ad:87:1b:a1:05:a4:85:17:34:21:28:de:48:8b:5e:2a:a3:
37:42:65:3b:ad:be:e5:4d:73:d2:27:55:ea:bf:ca:b9:fc:e8:
c8:7a:35:cb:9f:30:62:00:f4:cf:82:d7:26:a4:f7:0c:b2:f9:
dc:d5:b9:37:99:13:c7:5b:57:ad:71:3c:ca:c9:cf:7a:40:0f:
26:39:8f:e0:ba:93:a3:68:14:fd:9b:06:de:e0:3f:c5:fe:35:
ad:68:73:4f:ea:0d:4b:6e:62:47:ae:ed:2d:c7:0e:72:70:65:
d2:f1:40:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYLjhSLdEIJeXXD9gKbx71EnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODI4MDgxNTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTgzYWZhZjliYmExMjIyNzlmYTQwMjg2MzNkZDI4MTA1MjhhZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC0qa4JCB4bt7qIX4hochU0maNLx
lbwmG3E54kLCqFBNAiieEKByVSbPY8y4kz6dmDmEwBQgeIrKOPu45Gs/soWuvrxb
JKHVp0+Vac0fp7YJ6doiE5CJEKZsOGitt2D5qi25oLbXVP+5lZkdhjBUTwN7t9U+
gOOcnKS12ihMRqhjJwr8ITPIJ+aJND5Kgjx0rDsR1mMXreRFpgL2WyMbJOh8MTQo
NEUUKx9dFXj8aZEv07P0SAKBQHTxmwHlxttGNBSg+R1iaw01+1zp3Kk6EzyGIYFY
mvCRt9YjF/QAIAianNdlDgxeFNwgymnJEJMwkbmKdSpZ379No0QUkYAgXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCGDr6+buhIiefpAKGM90oEFKK4nMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSVlPdnI1dTZFaUo1LWtBb1l6M1NnUVVvcmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADOSthU99tg93fZJei4y
OumqeexByy1TQqsh9w5vF/x9P4c+SmDxyvfn16qW9SXckd9m8DsLhdRBOmxr7ryC
XkLa8fOpAffVxgAe8/plXLKhtq8j7gLPhvUjLcBufqEQPC2HB06rWUKsa1o19Mbu
dXx7kSyrS627OQmmTojjQOqEca2l1r4fUcnZ6QTPKiOffy+thxuhBaSFFzQhKN5I
i14qozdCZTutvuVNc9InVeq/yrn86Mh6NcufMGIA9M+C1yak9wyy+dzVuTeZE8db
V61xPMrJz3pADyY5j+C6k6NoFP2bBt7gP8X+Na1oc0/qDUtuYkeu7S3HDnJwZdLx
QNI=
-----END CERTIFICATE-----
Generated at Thu May 1 05:55:54 2025 by rpki-client