Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ISzlEgwAp3HeSxWixP_zPVSR3bM.roa
File: ISzlEgwAp3HeSxWixP_zPVSR3bM.roa (raw, json)
Hash identifier: T8UEH2MVwh9XtlnV/iUDoZg/iHGeC+2ySHOIpuLWnzA=
Subject key identifier: 21:2C:E5:12:0C:00:A7:71:DE:4B:15:A2:C4:FF:F3:3D:54:91:DD:B3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186963C642AD573E14207662026AFBDF1F6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ISzlEgwAp3HeSxWixP_zPVSR3bM.roa
Signing time: Tue 28 Feb 2023 04:16:25 +0000
ROA not before: Tue 28 Feb 2023 04:16:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:96:3c:64:2a:d5:73:e1:42:07:66:20:26:af:bd:f1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 04:16:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=212ce5120c00a771de4b15a2c4fff33d5491ddb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c5:5c:35:de:93:d1:0c:f8:b3:60:95:5f:82:
36:84:2e:36:b3:e7:05:61:4b:9d:61:bf:c2:05:8f:
21:ed:15:16:74:e5:0d:c7:46:d1:c2:9d:ac:df:a6:
b4:3d:0b:63:67:fd:95:10:65:05:a9:1e:90:ad:1c:
01:65:b9:08:45:83:7c:bd:79:c2:76:78:51:43:ab:
59:1c:15:f9:46:c1:0c:66:f2:5a:b5:f1:f5:21:26:
5b:17:bf:d0:e4:97:14:70:17:7e:59:fc:f4:4d:38:
32:92:5b:ff:a2:3e:b2:d9:18:e6:e5:bb:30:a6:31:
43:ae:a6:60:8c:ea:31:29:d7:73:d3:ff:77:7e:41:
e8:40:3e:99:86:e3:49:6d:76:c5:89:37:e2:ac:63:
d9:cd:db:11:ce:4d:9b:07:72:d1:4e:25:b7:e5:c3:
25:50:ab:cf:dd:17:f9:bf:41:a0:59:70:14:f6:6d:
c6:a5:79:5a:51:41:fb:85:89:4e:d6:b4:95:1f:1b:
76:17:fc:6a:2f:17:fd:2a:e7:55:8f:b3:73:ce:34:
53:fa:fc:01:33:b1:48:cf:63:8f:f8:d6:78:ac:67:
62:0b:00:cc:88:b6:14:d0:1d:97:fc:ba:64:01:64:
73:a2:94:dc:7e:d1:88:52:e5:8b:12:1a:48:d5:b3:
1f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2C:E5:12:0C:00:A7:71:DE:4B:15:A2:C4:FF:F3:3D:54:91:DD:B3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ISzlEgwAp3HeSxWixP_zPVSR3bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:52:73:22:22:83:2f:50:60:7b:d4:c6:23:da:3d:91:30:5d:
be:88:fd:09:be:c8:75:6a:18:ac:b2:8a:e6:81:d5:29:4e:b8:
a9:b0:fb:2c:9b:ff:b9:39:58:f9:ce:bf:6e:b5:15:9a:47:d1:
84:a0:70:c4:22:44:02:8f:7f:dc:4a:35:0b:cf:ec:b1:88:2e:
8a:82:4c:cb:a9:79:7d:22:b4:e0:43:b8:fa:d1:75:09:32:52:
7e:05:76:1b:9d:d5:6f:18:de:4a:a5:37:01:c1:65:2b:a3:39:
00:9f:72:de:a7:0b:c6:62:77:54:ca:65:6d:63:69:0c:45:2c:
ae:f4:be:17:a2:4c:38:ca:65:46:71:8c:56:6b:83:0a:fc:43:
4a:c1:6a:9c:53:71:02:ad:eb:fe:79:1b:01:32:f2:18:de:0d:
cb:00:31:d4:66:5d:67:34:b8:db:df:97:e6:3b:07:df:1e:de:
18:a1:f9:fb:4f:67:18:91:77:26:5c:9c:41:57:39:5f:97:50:
d5:46:56:38:ca:00:db:ba:a8:70:d9:63:e7:60:69:35:ef:80:
bf:06:ee:5d:a0:00:0e:31:51:80:77:4f:16:66:6a:ca:00:6e:
86:7f:3c:4f:c4:71:11:4f:42:d5:9a:eb:ff:70:07:a2:6c:06:
da:bb:1d:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaWPGQq1XPhQgdmICavvfH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MDQxNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJjZTUxMjBjMDBhNzcxZGU0YjE1YTJjNGZmZjMzZDU0OTFkZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48VcNd6T0Qz4s2CVX4I2hC42s+cF
YUudYb/CBY8h7RUWdOUNx0bRwp2s36a0PQtjZ/2VEGUFqR6QrRwBZbkIRYN8vXnC
dnhRQ6tZHBX5RsEMZvJatfH1ISZbF7/Q5JcUcBd+Wfz0TTgyklv/oj6y2Rjm5bsw
pjFDrqZgjOoxKddz0/93fkHoQD6ZhuNJbXbFiTfirGPZzdsRzk2bB3LRTiW35cMl
UKvP3Rf5v0GgWXAU9m3GpXlaUUH7hYlO1rSVHxt2F/xqLxf9KudVj7NzzjRT+vwB
M7FIz2OP+NZ4rGdiCwDMiLYU0B2X/LpkAWRzopTcftGIUuWLEhpI1bMfzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCEs5RIMAKdx3ksVosT/8z1Ukd2zMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSVN6bEVnd0FwM0hlU3hXaXhQX3pQVlNSM2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIdScyIigy9QYHvUxiPa
PZEwXb6I/Qm+yHVqGKyyiuaB1SlOuKmw+yyb/7k5WPnOv261FZpH0YSgcMQiRAKP
f9xKNQvP7LGILoqCTMupeX0itOBDuPrRdQkyUn4Fdhud1W8Y3kqlNwHBZSujOQCf
ct6nC8Zid1TKZW1jaQxFLK70vheiTDjKZUZxjFZrgwr8Q0rBapxTcQKt6/55GwEy
8hjeDcsAMdRmXWc0uNvfl+Y7B98e3hih+ftPZxiRdyZcnEFXOV+XUNVGVjjKANu6
qHDZY+dgaTXvgL8G7l2gAA4xUYB3TxZmasoAboZ/PE/EcRFPQtWa6/9wB6JsBtq7
HcU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:31:19 2025 by rpki-client