Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iilvK5ww_0J2NAtFC42jEBW4C0I.roa
File: iilvK5ww_0J2NAtFC42jEBW4C0I.roa (raw, json)
Hash identifier: ack4sbzNJ9VBwEOHt9X3yQn70nzX0irZobPGq3GN0SI=
Subject key identifier: 8A:29:6F:2B:9C:30:FF:42:76:34:0B:45:0B:8D:A3:10:15:B8:0B:42
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01875F7789A50475AF1CCC35D998FBB2CCBB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iilvK5ww_0J2NAtFC42jEBW4C0I.roa
Signing time: Sat 08 Apr 2023 06:04:42 +0000
ROA not before: Sat 08 Apr 2023 06:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
2001:67c:64:ffff:0:187:5f77:6715/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5f:77:89:a5:04:75:af:1c:cc:35:d9:98:fb:b2:cc:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 8 06:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a296f2b9c30ff4276340b450b8da31015b80b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:64:32:da:c7:38:ab:dc:af:dd:5a:47:c4:0e:
08:52:0d:77:82:81:e0:bd:57:c5:e7:ae:a6:45:22:
44:ee:6d:e6:71:dc:75:e3:85:31:2e:8a:b1:be:2d:
f8:96:a0:19:89:d0:8b:d5:0e:22:48:5b:49:33:c2:
94:a8:11:aa:d1:ca:20:4c:6c:d8:a1:81:db:dd:e9:
a8:11:d6:41:af:0d:91:71:c4:09:68:75:a7:59:38:
f1:55:0f:61:76:11:1f:b1:b7:f1:8c:14:ad:b9:ca:
92:77:27:2c:72:55:f4:af:b5:00:ce:4d:3b:f8:7f:
84:3a:8e:ca:b7:42:1a:d6:af:76:6f:79:c3:f5:58:
00:2c:2c:28:2d:a5:99:0b:fd:af:e6:65:f9:c9:5c:
be:ac:3a:41:7d:6c:be:0f:b8:ec:1b:1b:91:ce:5b:
fa:1f:52:b2:ea:8c:f7:54:68:5b:be:00:18:ae:d9:
d6:53:e3:d8:07:76:5a:90:ae:fe:d3:46:96:61:e6:
6c:a0:ac:dd:71:1e:0f:2e:1e:1f:5d:c0:38:01:ae:
b2:59:89:c4:da:49:c2:5c:d7:fb:0e:42:22:af:83:
f7:b4:d5:19:47:ab:77:5d:20:7f:76:00:2c:1f:df:
b7:4e:2a:f5:21:52:91:93:c9:2a:9d:3c:79:c5:3a:
1a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:29:6F:2B:9C:30:FF:42:76:34:0B:45:0B:8D:A3:10:15:B8:0B:42
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iilvK5ww_0J2NAtFC42jEBW4C0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:33:31:eb:f8:ea:84:b8:dd:8a:2b:14:73:c8:7f:40:a5:7e:
b6:52:af:22:49:c1:1b:62:7f:8f:6f:c5:a6:95:c9:30:cd:4d:
cc:61:f3:d7:a2:8c:33:88:f9:1f:7b:16:26:88:7d:d8:93:a2:
08:b1:53:89:da:a3:26:09:9a:f9:a1:f1:ef:1c:84:cb:0a:1a:
72:52:16:d2:b2:bd:33:ea:78:56:fd:93:87:33:90:04:30:0b:
9c:88:97:1e:ab:9d:93:a4:ec:49:f4:c9:3b:f7:ac:be:ae:b4:
93:05:00:43:0f:1a:64:5a:bc:ce:6d:8c:e7:2c:87:02:a3:07:
34:39:b0:47:a9:19:64:27:dd:c9:9f:23:f8:c0:01:f0:5a:f3:
22:ed:f3:12:5c:83:b1:29:bb:1e:69:0b:36:c8:16:e8:e7:36:
cb:e7:58:c4:68:d7:d2:1d:fb:7b:16:57:6b:09:81:eb:a0:0b:
d7:d9:6e:2a:3c:b2:7e:3f:10:60:55:e1:d7:05:2c:0e:2d:17:
06:79:aa:5c:a3:4d:08:d6:f0:01:1c:0b:7c:28:50:fe:43:e4:
08:ce:e6:9e:1f:e1:26:1e:87:75:b0:88:ac:82:84:9c:19:e8:
ce:91:71:88:2a:f0:46:10:07:a9:c4:90:d7:74:43:bd:34:20:
e4:f7:0f:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdfd4mlBHWvHMw12Zj7ssy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA4MDYwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI5NmYyYjljMzBmZjQyNzYzNDBiNDUwYjhkYTMxMDE1YjgwYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGQy2sc4q9yv3VpHxA4IUg13goHg
vVfF566mRSJE7m3mcdx144UxLoqxvi34lqAZidCL1Q4iSFtJM8KUqBGq0cogTGzY
oYHb3emoEdZBrw2RccQJaHWnWTjxVQ9hdhEfsbfxjBStucqSdycsclX0r7UAzk07
+H+EOo7Kt0Ia1q92b3nD9VgALCwoLaWZC/2v5mX5yVy+rDpBfWy+D7jsGxuRzlv6
H1Ky6oz3VGhbvgAYrtnWU+PYB3ZakK7+00aWYeZsoKzdcR4PLh4fXcA4Aa6yWYnE
2knCXNf7DkIir4P3tNUZR6t3XSB/dgAsH9+3Tir1IVKRk8kqnTx5xToaiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIopbyucMP9CdjQLRQuNoxAVuAtCMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaWlsdks1d3dfMEoyTkF0RkM0MmpFQlc0QzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKIzMev46oS43YorFHPI
f0ClfrZSryJJwRtif49vxaaVyTDNTcxh89eijDOI+R97FiaIfdiTogixU4naoyYJ
mvmh8e8chMsKGnJSFtKyvTPqeFb9k4czkAQwC5yIlx6rnZOk7En0yTv3rL6utJMF
AEMPGmRavM5tjOcshwKjBzQ5sEepGWQn3cmfI/jAAfBa8yLt8xJcg7Epux5pCzbI
FujnNsvnWMRo19Id+3sWV2sJgeugC9fZbio8sn4/EGBV4dcFLA4tFwZ5qlyjTQjW
8AEcC3woUP5D5AjO5p4f4SYeh3WwiKyChJwZ6M6RcYgq8EYQB6nEkNd0Q700IOT3
D+w=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:35 2025 by rpki-client