Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iKVL4Wno5gUs4RysW_hsIKaMOwI.roa
File: iKVL4Wno5gUs4RysW_hsIKaMOwI.roa (raw, json)
Hash identifier: o2inOicdhMoJgU6gqIfXTiXXAg3xyQZl95/M09+n5i0=
Subject key identifier: 88:A5:4B:E1:69:E8:E6:05:2C:E1:1C:AC:5B:F8:6C:20:A6:8C:3B:02
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 71641646
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iKVL4Wno5gUs4RysW_hsIKaMOwI.roa
Signing time: Thu 10 Mar 2022 19:08:37 +0000
ROA not before: Thu 10 Mar 2022 19:08:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1902384710 (0x71641646)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 10 19:08:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88a54be169e8e6052ce11cac5bf86c20a68c3b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:53:93:ed:ab:45:0c:81:66:37:2f:6c:9e:ba:
27:4b:76:46:bc:95:67:fd:a8:6a:a8:12:3b:31:24:
f1:4e:ac:40:57:0c:0c:f6:73:cd:25:c0:5c:e6:db:
19:ac:0d:5c:a3:63:f0:df:58:9e:dc:d9:3f:23:fd:
12:e1:65:58:18:cc:a0:eb:10:28:7d:10:ab:47:a6:
db:23:ff:72:53:2e:bc:74:a2:31:13:ee:97:4c:a0:
84:3a:f6:19:de:bf:8a:ce:36:7f:48:2a:ad:6e:77:
fb:31:b5:94:fc:5a:f6:90:07:3e:76:49:23:4a:81:
d0:6f:41:29:3e:55:66:9f:d4:d3:45:85:92:4b:05:
3f:79:23:d7:4f:57:c7:fe:8d:50:b8:4a:24:9d:21:
0e:f2:a4:99:8f:a4:8c:c3:0c:06:8b:f7:d5:5c:89:
14:72:f0:b6:7e:f1:d0:1f:d1:57:55:14:65:1b:01:
12:c0:98:a2:39:44:27:07:7b:1e:b0:e1:6a:92:86:
8a:b6:5c:9e:60:7e:a6:3b:60:1b:63:b8:a6:08:33:
17:7f:98:7c:cc:0a:8c:7a:70:4e:7d:52:2b:35:ec:
01:f3:cd:c6:64:7e:6c:6f:c4:f0:83:5c:c8:d7:fa:
f3:9c:2f:c1:ac:73:25:9a:29:0e:bf:20:0e:58:2f:
cd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A5:4B:E1:69:E8:E6:05:2C:E1:1C:AC:5B:F8:6C:20:A6:8C:3B:02
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iKVL4Wno5gUs4RysW_hsIKaMOwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:74:48:ad:4b:e1:af:b6:2c:71:d2:17:d6:c6:32:54:85:c9:
06:45:d4:61:9d:96:e6:d6:64:d4:88:32:05:c9:32:f3:28:6d:
ff:36:3f:d0:92:45:c5:56:1d:05:94:a5:63:a5:b0:a4:61:4c:
e1:26:f3:85:ce:a4:b2:9d:6d:17:c8:d2:01:8f:85:13:8a:76:
20:5c:74:97:21:b3:1d:d0:63:75:76:d8:db:7e:52:39:91:f8:
74:96:d5:07:62:bb:46:cc:81:76:7a:73:ca:c6:ca:7e:8a:fe:
a8:9c:9d:85:d1:ed:ff:9a:ff:9c:16:22:82:ec:0f:0c:f2:bc:
bc:fc:d8:1c:ec:1e:ca:23:d7:49:61:81:23:a2:16:79:e9:79:
51:f6:27:77:32:9a:87:29:a3:66:b9:71:47:09:0d:7e:f9:77:
cd:19:58:fd:2a:60:60:65:11:c1:e1:38:87:10:1c:24:32:51:
f4:5a:cc:72:bc:fb:d4:ce:64:40:95:9e:13:44:ad:26:94:05:
25:0a:d3:78:a9:7e:47:21:07:12:d5:8b:ec:f3:e1:4d:e9:77:
50:da:3d:91:0a:f1:6a:91:3d:3c:50:26:30:b2:c8:82:0b:80:
7b:d2:b6:ff:07:54:c1:55:c9:67:f3:ef:c3:7e:cc:71:2f:22:
2c:7b:fe:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEcWQWRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMx
MDE5MDgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhhNTRiZTE2OWU4
ZTYwNTJjZTExY2FjNWJmODZjMjBhNjhjM2IwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlTk+2rRQyBZjcvbJ66J0t2RryVZ/2oaqgSOzEk8U6sQFcM
DPZzzSXAXObbGawNXKNj8N9YntzZPyP9EuFlWBjMoOsQKH0Qq0em2yP/clMuvHSi
MRPul0yghDr2Gd6/is42f0gqrW53+zG1lPxa9pAHPnZJI0qB0G9BKT5VZp/U00WF
kksFP3kj109Xx/6NULhKJJ0hDvKkmY+kjMMMBov31VyJFHLwtn7x0B/RV1UUZRsB
EsCYojlEJwd7HrDhapKGirZcnmB+pjtgG2O4pggzF3+YfMwKjHpwTn1SKzXsAfPN
xmR+bG/E8INcyNf685wvwaxzJZopDr8gDlgvzesCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSIpUvhaejmBSzhHKxb+Gwgpow7AjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2lLVkw0V25vNWdVczRSeXNXX2hzSUthTU93SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBAdEitS+Gvtixx0hfWxjJUhckGRdRhnZbm1mTU
iDIFyTLzKG3/Nj/QkkXFVh0FlKVjpbCkYUzhJvOFzqSynW0XyNIBj4UTinYgXHSX
IbMd0GN1dtjbflI5kfh0ltUHYrtGzIF2enPKxsp+iv6onJ2F0e3/mv+cFiKC7A8M
8ry8/Ngc7B7KI9dJYYEjohZ56XlR9id3MpqHKaNmuXFHCQ1++XfNGVj9KmBgZRHB
4TiHEBwkMlH0WsxyvPvUzmRAlZ4TRK0mlAUlCtN4qX5HIQcS1Yvs8+FN6XdQ2j2R
CvFqkT08UCYwssiCC4B70rb/B1TBVcln8+/DfsxxLyIse/6W
-----END CERTIFICATE-----
Generated at Thu May 1 06:23:23 2025 by rpki-client