Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IwBvn_Y3otWlOxUBO_8Nmr_P5Jw.roa
File: IwBvn_Y3otWlOxUBO_8Nmr_P5Jw.roa (raw, json)
Hash identifier: JcOJDfKJfo3mYkH9F+VwttTCUjMiDiSgwAH6NkSyXN8=
Subject key identifier: 23:00:6F:9F:F6:37:A2:D5:A5:3B:15:01:3B:FF:0D:9A:BF:CF:E4:9C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185323AB48F77D03B1623BC5FCCC71A6B17
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IwBvn_Y3otWlOxUBO_8Nmr_P5Jw.roa
Signing time: Wed 21 Dec 2022 01:09:46 +0000
ROA not before: Wed 21 Dec 2022 01:09:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:32:3a:b4:8f:77:d0:3b:16:23:bc:5f:cc:c7:1a:6b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 21 01:09:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23006f9ff637a2d5a53b15013bff0d9abfcfe49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0f:63:81:c8:7e:ec:3b:6e:95:cc:94:ec:e7:
8d:63:52:55:31:1f:72:b0:01:82:ee:c1:31:19:a7:
ad:d8:20:e8:c8:e2:73:3d:05:55:6e:bd:cb:64:60:
74:a8:f6:28:3d:20:96:d4:bc:87:c6:f4:01:68:b3:
e0:2d:89:b1:a4:39:aa:e7:0a:ed:c4:76:ee:51:af:
0a:7d:77:6c:9e:25:c2:f9:80:40:4b:d6:b0:e3:ef:
2f:48:db:23:3e:1d:4b:d9:d8:36:d6:69:b5:14:cb:
a4:75:85:cd:0d:71:f3:1a:cb:43:1e:96:74:75:6b:
55:75:25:70:14:7a:00:7d:05:e5:94:c9:19:50:f0:
2a:dc:10:e2:16:b3:2c:74:ab:21:a5:53:fb:83:85:
0e:44:4d:04:29:2c:79:be:f2:20:03:a7:ad:51:8a:
1a:5c:48:9d:a9:9d:ea:c3:04:be:b3:cd:8c:6b:b6:
2d:68:8f:d4:ae:b1:5f:fb:6c:c5:47:e0:cd:d6:f7:
9f:2d:f1:5f:cf:2a:a3:74:d8:a7:74:55:28:e0:d1:
4f:97:28:fe:3f:be:36:9d:45:2d:11:88:dc:70:6e:
19:91:08:fd:bd:ba:46:8b:88:b8:3f:70:2a:3d:75:
d7:96:9d:c9:ca:19:7e:4e:ae:fe:4d:e9:77:13:73:
e5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:00:6F:9F:F6:37:A2:D5:A5:3B:15:01:3B:FF:0D:9A:BF:CF:E4:9C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IwBvn_Y3otWlOxUBO_8Nmr_P5Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:04:88:13:3a:c0:63:bd:93:49:74:7a:4b:6e:56:a8:52:c8:
fc:66:b8:3b:62:af:33:30:0d:c3:31:f2:b5:e2:da:5a:65:49:
87:63:2a:e7:d8:c1:fc:f7:d2:35:09:6f:15:29:5e:b4:42:97:
e8:30:3a:4d:01:81:85:33:12:c4:52:ae:26:bd:01:2f:5b:7e:
cf:75:54:b3:40:58:91:fb:99:0f:a4:8a:c5:71:d6:c9:09:03:
86:05:e6:8f:a4:08:a4:34:b6:95:78:e1:69:26:7e:d1:3a:1f:
b9:8d:55:53:9a:cc:17:b0:a1:b7:9a:11:21:0c:2d:5a:fc:c8:
d9:79:33:06:19:6d:71:59:69:07:6e:6d:41:6d:bd:fd:a0:a8:
94:46:3f:cc:d8:3d:ec:05:4f:cc:e8:42:d3:fa:15:a3:49:88:
84:a5:c5:70:ab:3f:b6:44:42:16:fe:0f:2d:15:ce:4f:46:14:
93:95:5b:42:04:36:9e:b0:d9:5b:42:c6:7e:28:53:06:8f:fa:
bd:20:a5:bf:f7:f4:d5:bc:db:b9:b9:e7:f7:52:b2:9e:ec:07:
97:1e:58:a9:b1:83:4e:74:32:1c:3e:c3:f8:fb:63:12:28:84:
11:02:c6:8f:c2:9b:5b:4c:4d:b0:57:09:35:4d:11:f8:20:e4:
f2:b0:f2:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUyOrSPd9A7FiO8X8zHGmsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIxMDEwOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAwNmY5ZmY2MzdhMmQ1YTUzYjE1MDEzYmZmMGQ5YWJmY2ZlNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg9jgch+7DtulcyU7OeNY1JVMR9y
sAGC7sExGaet2CDoyOJzPQVVbr3LZGB0qPYoPSCW1LyHxvQBaLPgLYmxpDmq5wrt
xHbuUa8KfXdsniXC+YBAS9aw4+8vSNsjPh1L2dg21mm1FMukdYXNDXHzGstDHpZ0
dWtVdSVwFHoAfQXllMkZUPAq3BDiFrMsdKshpVP7g4UORE0EKSx5vvIgA6etUYoa
XEidqZ3qwwS+s82Ma7YtaI/UrrFf+2zFR+DN1vefLfFfzyqjdNindFUo4NFPlyj+
P742nUUtEYjccG4ZkQj9vbpGi4i4P3AqPXXXlp3Jyhl+Tq7+Tel3E3Pl3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCMAb5/2N6LVpTsVATv/DZq/z+ScMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSXdCdm5fWTNvdFdsT3hVQk9fOE5tcl9QNUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGEEiBM6wGO9k0l0ektu
VqhSyPxmuDtirzMwDcMx8rXi2lplSYdjKufYwfz30jUJbxUpXrRCl+gwOk0BgYUz
EsRSria9AS9bfs91VLNAWJH7mQ+kisVx1skJA4YF5o+kCKQ0tpV44WkmftE6H7mN
VVOazBewobeaESEMLVr8yNl5MwYZbXFZaQdubUFtvf2gqJRGP8zYPewFT8zoQtP6
FaNJiISlxXCrP7ZEQhb+Dy0Vzk9GFJOVW0IENp6w2VtCxn4oUwaP+r0gpb/39NW8
27m55/dSsp7sB5ceWKmxg050Mhw+w/j7YxIohBECxo/Cm1tMTbBXCTVNEfgg5PKw
8pA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:11:48 2025 by rpki-client