Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ikCu2X8usUhfDvFvDS51MwZKlzg.roa
File: ikCu2X8usUhfDvFvDS51MwZKlzg.roa (raw, json)
Hash identifier: 5WoFq6v9mJX55s2PFOBrHGD6KjB/Lbl+cRN7rYM+Uiw=
Subject key identifier: 8A:40:AE:D9:7F:2E:B1:48:5F:0E:F1:6F:0D:2E:75:33:06:4A:97:38
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183282CBA3511049E30A542880E84227FE2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ikCu2X8usUhfDvFvDS51MwZKlzg.roa
Signing time: Sat 10 Sep 2022 16:12:43 +0000
ROA not before: Sat 10 Sep 2022 16:12:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:28:2c:ba:35:11:04:9e:30:a5:42:88:0e:84:22:7f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 10 16:12:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a40aed97f2eb1485f0ef16f0d2e7533064a9738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ec:b8:01:6e:b8:3f:41:79:94:51:66:7e:7a:
69:17:34:b8:d8:3f:f4:03:f7:8c:23:1d:9b:ec:fc:
22:12:e7:5c:d5:74:23:66:ff:03:6f:82:81:64:06:
e8:f8:32:83:92:3d:18:ff:4d:ce:68:a9:a7:2c:14:
8a:8f:13:35:f5:7a:94:3c:db:f9:61:18:69:e4:73:
68:8f:ac:23:bf:84:51:07:f5:82:5e:22:aa:95:f4:
27:09:d1:1f:12:8c:09:d4:30:5e:61:e3:f1:70:5e:
ed:89:c8:68:e0:f5:79:4c:92:cf:8b:88:01:3e:56:
35:16:75:61:10:4a:94:ae:f1:8f:93:46:ca:43:7d:
8a:44:20:21:2e:6e:97:86:95:ad:84:2a:14:11:8b:
00:9d:6c:0f:62:a5:87:c7:da:4e:07:07:0b:75:88:
9b:91:50:36:ae:4c:8d:2d:be:b1:90:99:77:73:bd:
82:38:66:e1:56:0f:13:b5:2c:58:99:49:4d:88:1d:
f3:3c:51:91:ba:82:2f:ba:45:5b:8d:f0:70:5f:96:
e2:c5:3f:ed:25:61:af:7b:2f:6a:9c:53:0d:49:b6:
2e:b8:6b:4e:ba:d3:ed:de:29:12:d2:fb:da:30:4d:
db:0f:dc:41:67:b5:0a:7c:f2:83:73:5a:7c:01:b6:
c0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:40:AE:D9:7F:2E:B1:48:5F:0E:F1:6F:0D:2E:75:33:06:4A:97:38
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ikCu2X8usUhfDvFvDS51MwZKlzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ae:35:1d:9b:96:93:9c:6e:f2:7d:50:fa:01:fa:9f:b6:84:67:
b6:e1:1e:de:c9:ea:e8:a5:91:05:a4:01:75:34:da:8c:22:23:
71:ec:c5:fe:e0:c9:fb:cb:81:75:4a:dd:a6:eb:cd:50:9d:62:
c3:17:fd:a6:d5:89:e9:17:8f:65:39:a3:76:09:11:c3:0d:1b:
1f:8b:5a:b3:8e:c6:a1:f7:09:ae:8a:3f:b4:a7:a9:ab:d6:a9:
e1:53:2f:ec:94:89:7c:47:fd:81:99:46:98:80:0c:a7:35:7c:
64:6c:f4:bd:4c:90:3b:da:69:14:5e:8a:46:bd:e8:7b:52:bb:
37:7d:d0:05:2f:45:c1:59:a5:be:36:42:69:a1:b7:51:ac:f4:
80:08:fd:f2:54:70:3b:94:3a:de:e9:6d:9a:b6:28:40:5d:13:
58:58:56:42:63:7f:5f:bd:aa:38:b0:45:0e:0c:22:72:2a:ec:
2a:c2:3c:ad:6e:d8:80:8e:dd:72:92:8b:a9:84:7e:4d:42:83:
70:41:06:ba:c9:f9:09:6c:4b:bc:ae:18:f5:d3:d7:01:0b:04:
1a:d2:73:34:6f:ca:0d:e4:30:83:0a:dd:25:da:c6:0a:26:78:
1f:4a:e8:23:7a:74:e8:26:c9:a5:9f:39:61:a3:de:81:c1:ae:
08:a5:57:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMoLLo1EQSeMKVCiA6EIn/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTEwMTYxMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQwYWVkOTdmMmViMTQ4NWYwZWYxNmYwZDJlNzUzMzA2NGE5NzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOy4AW64P0F5lFFmfnppFzS42D/0
A/eMIx2b7PwiEudc1XQjZv8Db4KBZAbo+DKDkj0Y/03OaKmnLBSKjxM19XqUPNv5
YRhp5HNoj6wjv4RRB/WCXiKqlfQnCdEfEowJ1DBeYePxcF7ticho4PV5TJLPi4gB
PlY1FnVhEEqUrvGPk0bKQ32KRCAhLm6XhpWthCoUEYsAnWwPYqWHx9pOBwcLdYib
kVA2rkyNLb6xkJl3c72COGbhVg8TtSxYmUlNiB3zPFGRuoIvukVbjfBwX5bixT/t
JWGvey9qnFMNSbYuuGtOutPt3ikS0vvaME3bD9xBZ7UKfPKDc1p8AbbAlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIpArtl/LrFIXw7xbw0udTMGSpc4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaWtDdTJYOHVzVWhmRHZGdkRTNTFNd1pLbHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK41HZuWk5xu8n1Q+gH6
n7aEZ7bhHt7J6uilkQWkAXU02owiI3Hsxf7gyfvLgXVK3abrzVCdYsMX/abViekX
j2U5o3YJEcMNGx+LWrOOxqH3Ca6KP7SnqavWqeFTL+yUiXxH/YGZRpiADKc1fGRs
9L1MkDvaaRReika96HtSuzd90AUvRcFZpb42Qmmht1Gs9IAI/fJUcDuUOt7pbZq2
KEBdE1hYVkJjf1+9qjiwRQ4MInIq7CrCPK1u2ICO3XKSi6mEfk1Cg3BBBrrJ+Qls
S7yuGPXT1wELBBrSczRvyg3kMIMK3SXaxgomeB9K6CN6dOgmyaWfOWGj3oHBrgil
V0g=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:53 2025 by rpki-client