Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IJt0hUdVYyd3koMa2W6tKLlgkUs.roa
File: IJt0hUdVYyd3koMa2W6tKLlgkUs.roa (raw, json)
Hash identifier: 6vjvfChx9byUIb3EF4Jk1e77zTsfl0Rre5AM7ZwG938=
Subject key identifier: 20:9B:74:85:47:55:63:27:77:92:83:1A:D9:6E:AD:28:B9:60:91:4B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187D995C2A823A338EF0894ACA04B336394
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IJt0hUdVYyd3koMa2W6tKLlgkUs.roa
Signing time: Mon 01 May 2023 23:11:23 +0000
ROA not before: Mon 01 May 2023 23:11:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d9:95:c2:a8:23:a3:38:ef:08:94:ac:a0:4b:33:63:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 1 23:11:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=209b7485475563277792831ad96ead28b960914b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:01:a5:31:c2:77:95:5b:4e:87:7e:c7:61:95:
38:22:ef:06:16:46:6a:2b:95:16:5c:a5:57:58:44:
52:53:07:41:52:cf:a1:cc:14:5a:07:57:61:06:87:
b2:b7:e3:15:f2:a0:db:a6:cc:65:cb:ae:1e:b5:04:
12:dc:15:6a:00:2a:d5:f2:36:b9:69:5a:5b:06:dc:
cf:ba:3f:7d:bb:fb:81:d4:5a:94:69:e3:0b:bf:03:
88:c9:44:23:df:cc:61:00:f2:6b:b0:03:94:fd:ee:
23:7a:c9:42:db:66:81:08:af:65:30:b9:ed:4b:bc:
4d:e6:71:a2:6d:e4:d1:2c:38:33:51:bf:61:e2:95:
ca:94:a9:fb:5d:76:ad:18:e3:19:43:01:d3:b9:6a:
26:49:cf:e1:19:cc:f1:87:40:15:0f:f4:06:c8:1d:
f9:b2:7d:6e:85:1d:3a:9e:04:9c:4d:36:0d:05:b8:
ea:4d:26:ef:13:97:f4:5d:d6:0e:2b:03:7b:f2:5f:
8a:53:a5:06:18:20:22:f8:39:52:ed:27:ed:c0:07:
4b:bb:fe:f6:33:44:51:8e:d8:b4:c7:d6:f7:c2:5d:
32:04:d1:99:05:c0:57:f0:78:ac:0a:50:99:7f:b8:
4b:7f:28:f1:c9:22:32:5b:3b:d2:a4:45:71:14:ad:
06:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9B:74:85:47:55:63:27:77:92:83:1A:D9:6E:AD:28:B9:60:91:4B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IJt0hUdVYyd3koMa2W6tKLlgkUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:d7:19:2e:35:ab:91:c3:3c:9e:fa:2d:e0:d2:95:f7:84:61:
5d:5a:c7:a1:8d:e5:11:2f:0b:3e:6c:c7:67:9c:85:df:bf:5a:
da:8e:27:66:f9:7b:00:e4:2c:d6:3d:2c:40:32:5f:08:e8:8a:
82:9d:78:ac:13:1e:ae:7d:06:e2:9a:f1:61:ee:c1:54:6e:7b:
8b:a4:2d:42:75:13:ff:55:a2:1c:45:df:b6:ae:46:50:ab:4c:
25:35:95:96:8d:7e:fc:c7:44:81:b9:d2:fd:5e:a6:f3:f2:4b:
df:6c:1c:65:99:64:a6:3e:de:e0:9b:61:08:d4:6c:47:5f:a6:
35:81:16:b4:24:5f:da:18:2c:d6:3a:24:be:b2:74:ac:97:53:
5f:fa:26:93:78:b4:02:0f:ff:6b:20:4b:e7:fe:12:6f:9e:0d:
0b:b4:cb:13:b0:76:4b:48:c0:b8:3a:68:93:88:52:7f:ab:ee:
4d:d9:a6:ad:1c:0c:4b:8f:dc:29:05:66:5a:66:b9:bb:32:04:
d5:6c:54:d7:6d:a5:48:c7:77:6d:4e:2b:b2:d4:20:04:36:c3:
a7:40:b4:3d:32:ab:4e:25:fa:f8:42:04:da:14:94:b9:79:36:
52:f9:1d:30:19:8d:69:ee:7f:95:48:34:e7:f5:9a:8a:95:75:
51:56:51:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfZlcKoI6M47wiUrKBLM2OUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTAxMjMxMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDliNzQ4NTQ3NTU2MzI3Nzc5MjgzMWFkOTZlYWQyOGI5NjA5MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAGlMcJ3lVtOh37HYZU4Iu8GFkZq
K5UWXKVXWERSUwdBUs+hzBRaB1dhBoeyt+MV8qDbpsxly64etQQS3BVqACrV8ja5
aVpbBtzPuj99u/uB1FqUaeMLvwOIyUQj38xhAPJrsAOU/e4jeslC22aBCK9lMLnt
S7xN5nGibeTRLDgzUb9h4pXKlKn7XXatGOMZQwHTuWomSc/hGczxh0AVD/QGyB35
sn1uhR06ngScTTYNBbjqTSbvE5f0XdYOKwN78l+KU6UGGCAi+DlS7SftwAdLu/72
M0RRjti0x9b3wl0yBNGZBcBX8HisClCZf7hLfyjxySIyWzvSpEVxFK0G8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCCbdIVHVWMnd5KDGtlurSi5YJFLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSUp0MGhVZFZZeWQza29NYTJXNnRLTGxna1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKfXGS41q5HDPJ76LeDS
lfeEYV1ax6GN5REvCz5sx2echd+/WtqOJ2b5ewDkLNY9LEAyXwjoioKdeKwTHq59
BuKa8WHuwVRue4ukLUJ1E/9VohxF37auRlCrTCU1lZaNfvzHRIG50v1epvPyS99s
HGWZZKY+3uCbYQjUbEdfpjWBFrQkX9oYLNY6JL6ydKyXU1/6JpN4tAIP/2sgS+f+
Em+eDQu0yxOwdktIwLg6aJOIUn+r7k3Zpq0cDEuP3CkFZlpmubsyBNVsVNdtpUjH
d21OK7LUIAQ2w6dAtD0yq04l+vhCBNoUlLl5NlL5HTAZjWnuf5VINOf1moqVdVFW
Uf4=
-----END CERTIFICATE-----
Generated at Thu Jun 12 01:03:52 2025 by rpki-client