Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IkEY4VTunXd29_pYx5e4hRo_7e8.roa
File: IkEY4VTunXd29_pYx5e4hRo_7e8.roa (raw, json)
Hash identifier: oBMhfGdxY3ZCjx+Z108glOHB4AggPZb3fUkJx5uKGAU=
Subject key identifier: 22:41:18:E1:54:EE:9D:77:76:F7:FA:58:C7:97:B8:85:1A:3F:ED:EF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018793698FF64FAC0E20ACB00FF0829D20D5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IkEY4VTunXd29_pYx5e4hRo_7e8.roa
Signing time: Tue 18 Apr 2023 08:09:41 +0000
ROA not before: Tue 18 Apr 2023 08:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:69:8f:f6:4f:ac:0e:20:ac:b0:0f:f0:82:9d:20:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 18 08:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=224118e154ee9d7776f7fa58c797b8851a3fedef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fd:b3:ea:54:f4:f3:45:1f:5c:07:86:71:f0:
80:a5:bf:77:a7:9b:56:c2:66:78:9d:ac:a6:ef:ae:
51:d4:eb:dc:4b:1c:4b:b8:66:a4:83:f8:e4:98:98:
ae:74:69:5e:c3:3a:04:66:88:b4:83:2e:4b:92:72:
2b:cd:1e:7e:09:69:b4:5f:b6:ad:ea:df:f0:fc:6d:
0f:0b:f2:b2:ec:e5:1e:94:20:02:4d:4c:3f:dc:c5:
47:74:c3:fd:0d:59:88:92:26:49:5c:aa:58:e4:14:
3a:f7:27:9b:2b:c1:3f:0a:38:72:70:07:04:eb:ea:
98:22:95:ac:5f:ff:03:1a:b6:ee:4e:3c:ef:9a:3c:
a9:0a:55:25:47:8e:e6:bc:c0:6d:63:c1:e4:fc:a3:
52:ce:cc:0f:75:35:96:19:8b:88:a9:35:34:f6:af:
38:10:48:79:14:25:7a:fc:86:af:80:3d:45:cc:46:
4f:da:69:49:c0:b1:5c:75:dd:e8:85:45:a0:1a:9e:
2d:67:71:fd:77:92:77:89:1a:f6:c1:3a:6d:15:30:
6c:0f:02:4b:1a:0b:b4:8d:06:22:a4:a4:21:d8:b8:
61:e9:7c:60:8a:35:19:8a:e3:86:55:8a:10:d6:56:
64:12:6f:2a:4f:29:b4:2f:b3:7f:f2:37:a7:7f:74:
e3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:41:18:E1:54:EE:9D:77:76:F7:FA:58:C7:97:B8:85:1A:3F:ED:EF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IkEY4VTunXd29_pYx5e4hRo_7e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:45:b4:e9:a0:34:dd:93:c3:9d:13:c3:99:8f:3b:01:a9:2e:
f6:33:b6:5c:3d:a8:cb:c8:1b:08:41:38:d5:04:35:fb:1f:eb:
ed:4b:c1:52:30:6c:a1:1a:8b:25:dc:9e:e8:f6:a3:3a:16:32:
95:c2:23:db:40:d4:99:4c:4e:58:ba:40:67:7e:f7:de:56:16:
70:53:c0:ae:49:a4:2f:a3:ab:eb:df:45:f1:0b:d2:2d:3c:96:
96:bf:0c:1c:39:ec:fd:e0:df:6f:54:de:96:c0:d3:88:c5:48:
e9:75:d6:4b:2c:47:73:f8:b2:82:5a:62:f4:b9:90:f2:49:dd:
a8:72:9b:37:8f:52:6b:6f:cb:38:b9:48:5b:04:4b:b7:8b:4e:
85:15:45:2e:19:41:5b:f7:a9:0b:a0:0e:6e:16:c2:ec:ab:ea:
71:20:0a:b0:1c:a4:6f:70:60:e3:54:c0:b1:11:4c:8d:97:24:
25:33:69:f3:4a:1c:b7:24:5d:8e:1b:3b:ee:cc:a2:e1:30:0a:
8a:8e:af:0f:6a:0c:00:55:10:33:44:8d:b0:c7:b8:a4:b1:f2:
33:df:db:ee:de:23:7f:ca:c2:bb:b8:b4:c7:a5:34:7a:2a:a3:
3e:42:ff:e1:e0:6a:d1:65:3d:5d:aa:88:40:8f:65:68:18:97:
ee:7b:2f:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeTaY/2T6wOIKywD/CCnSDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE4MDgwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQxMThlMTU0ZWU5ZDc3NzZmN2ZhNThjNzk3Yjg4NTFhM2ZlZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv2z6lT080UfXAeGcfCApb93p5tW
wmZ4naym765R1OvcSxxLuGakg/jkmJiudGlewzoEZoi0gy5LknIrzR5+CWm0X7at
6t/w/G0PC/Ky7OUelCACTUw/3MVHdMP9DVmIkiZJXKpY5BQ69yebK8E/CjhycAcE
6+qYIpWsX/8DGrbuTjzvmjypClUlR47mvMBtY8Hk/KNSzswPdTWWGYuIqTU09q84
EEh5FCV6/IavgD1FzEZP2mlJwLFcdd3ohUWgGp4tZ3H9d5J3iRr2wTptFTBsDwJL
Ggu0jQYipKQh2Lhh6XxgijUZiuOGVYoQ1lZkEm8qTym0L7N/8jenf3TjPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCJBGOFU7p13dvf6WMeXuIUaP+3vMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSWtFWTRWVHVuWGQyOV9wWXg1ZTRoUm9fN2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAClFtOmgNN2Tw50Tw5mP
OwGpLvYztlw9qMvIGwhBONUENfsf6+1LwVIwbKEaiyXcnuj2ozoWMpXCI9tA1JlM
Tli6QGd+995WFnBTwK5JpC+jq+vfRfEL0i08lpa/DBw57P3g329U3pbA04jFSOl1
1kssR3P4soJaYvS5kPJJ3ahymzePUmtvyzi5SFsES7eLToUVRS4ZQVv3qQugDm4W
wuyr6nEgCrAcpG9wYONUwLERTI2XJCUzafNKHLckXY4bO+7MouEwCoqOrw9qDABV
EDNEjbDHuKSx8jPf2+7eI3/Kwru4tMelNHoqoz5C/+HgatFlPV2qiECPZWgYl+57
L5o=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:21:08 2025 by rpki-client