Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IzLy-KnGQylkgL4YPNWgRCIWYvc.roa
File: IzLy-KnGQylkgL4YPNWgRCIWYvc.roa (raw, json)
Hash identifier: o2g+vtdqmZFDaq6Jk8W3P7r6xTfTCzel3c/2qZo/scQ=
Subject key identifier: 23:32:F2:F8:A9:C6:43:29:64:80:BE:18:3C:D5:A0:44:22:16:62:F7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857B9D4B18DB18FD479106480FB6605149
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IzLy-KnGQylkgL4YPNWgRCIWYvc.roa
Signing time: Wed 04 Jan 2023 07:09:43 +0000
ROA not before: Wed 04 Jan 2023 07:09:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7b:9d:4b:18:db:18:fd:47:91:06:48:0f:b6:60:51:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 4 07:09:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2332f2f8a9c643296480be183cd5a044221662f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c5:7f:51:74:50:1b:5e:89:58:f9:5c:4c:c0:
11:c3:da:6e:08:0e:d1:1a:f3:a4:3e:dd:4b:ea:2d:
59:6a:b8:7a:87:58:9c:7f:98:5c:b0:9c:9b:ff:5b:
d3:be:7f:6d:a2:e4:c1:ff:77:c8:33:bd:51:31:2e:
57:25:95:4a:2a:b5:a2:3e:30:18:64:dd:41:d0:f3:
75:2d:a4:28:b3:ba:dc:80:4e:31:a7:6a:b1:ac:c8:
1e:b5:d5:7f:3c:6e:b7:a3:54:03:99:c4:80:38:ea:
71:66:10:e8:c6:da:1d:95:b9:6b:87:b2:89:0c:67:
b4:72:8e:6e:10:91:86:66:ed:2c:56:d6:53:84:40:
75:d8:28:28:8b:cd:7e:3e:3f:ae:c5:9d:99:57:e2:
5d:e7:9e:ca:c3:c8:60:16:1f:8a:03:22:9c:38:60:
0a:0e:48:17:9c:d2:72:91:ad:a3:a4:82:ac:f1:d9:
3d:b1:c7:5e:5c:c5:50:8d:a3:4c:2d:8d:e2:ba:0f:
e6:b2:c1:af:c0:70:fe:fd:88:e6:aa:23:7c:3d:0e:
bc:1e:8a:3b:f2:33:44:14:16:2d:cf:26:98:4b:a8:
08:5a:b9:fc:f8:87:0e:37:bb:a9:d2:07:f7:80:ed:
db:9f:5a:7d:f7:4d:b2:dc:12:84:66:03:a0:02:1c:
02:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:32:F2:F8:A9:C6:43:29:64:80:BE:18:3C:D5:A0:44:22:16:62:F7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/IzLy-KnGQylkgL4YPNWgRCIWYvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:75:91:a3:b1:b5:ff:c0:ac:54:61:03:fc:dc:ac:cd:e9:d5:
94:8a:9f:8d:97:96:7f:b3:d2:2a:35:74:19:53:be:35:3c:fa:
68:d3:87:a3:18:8c:73:81:98:66:50:d5:58:c4:1b:a4:6b:1a:
83:e6:93:d2:4e:55:e2:f5:96:b7:26:a7:79:60:78:ca:f3:96:
7f:31:7b:8a:3a:27:81:21:b4:95:68:8e:37:28:3b:5e:a6:51:
4c:c8:b5:28:0c:8e:ec:8f:23:b9:c0:35:f2:3a:3f:7d:5e:46:
e9:c2:f4:d3:61:04:f4:66:7e:f5:5c:54:22:78:f6:88:44:0a:
5e:40:70:f8:88:b7:08:83:6d:63:d2:f5:9b:a5:48:b3:f3:bc:
8c:5e:52:80:4a:ca:5f:71:0c:e3:09:cd:2e:f2:d7:71:92:c0:
87:48:9e:b7:e5:54:66:7a:13:09:da:6c:2f:71:b8:87:17:4e:
fd:4a:93:e7:f0:b0:7f:89:25:60:cb:64:78:85:d7:06:ac:57:
19:d7:1c:1a:ff:3b:df:0d:20:9c:8f:b7:09:c7:74:57:2d:88:
00:8a:10:97:ce:b4:36:98:19:61:bc:bf:28:d0:91:1a:c1:62:
3a:7e:e6:ad:d0:7c:55:09:a1:7c:5b:70:2a:88:23:e6:e8:2c:
12:a0:a5:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV7nUsY2xj9R5EGSA+2YFFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA0MDcwOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMyZjJmOGE5YzY0MzI5NjQ4MGJlMTgzY2Q1YTA0NDIyMTY2MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcV/UXRQG16JWPlcTMARw9puCA7R
GvOkPt1L6i1Zarh6h1icf5hcsJyb/1vTvn9touTB/3fIM71RMS5XJZVKKrWiPjAY
ZN1B0PN1LaQos7rcgE4xp2qxrMgetdV/PG63o1QDmcSAOOpxZhDoxtodlblrh7KJ
DGe0co5uEJGGZu0sVtZThEB12Cgoi81+Pj+uxZ2ZV+Jd557Kw8hgFh+KAyKcOGAK
DkgXnNJyka2jpIKs8dk9scdeXMVQjaNMLY3iug/mssGvwHD+/YjmqiN8PQ68Hoo7
8jNEFBYtzyaYS6gIWrn8+IcON7up0gf3gO3bn1p9902y3BKEZgOgAhwCWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCMy8vipxkMpZIC+GDzVoEQiFmL3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSXpMeS1LbkdReWxrZ0w0WVBOV2dSQ0lXWXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC11kaOxtf/ArFRhA/zc
rM3p1ZSKn42Xln+z0io1dBlTvjU8+mjTh6MYjHOBmGZQ1VjEG6RrGoPmk9JOVeL1
lrcmp3lgeMrzln8xe4o6J4EhtJVojjcoO16mUUzItSgMjuyPI7nANfI6P31eRunC
9NNhBPRmfvVcVCJ49ohECl5AcPiItwiDbWPS9ZulSLPzvIxeUoBKyl9xDOMJzS7y
13GSwIdInrflVGZ6EwnabC9xuIcXTv1Kk+fwsH+JJWDLZHiF1wasVxnXHBr/O98N
IJyPtwnHdFctiACKEJfOtDaYGWG8vyjQkRrBYjp+5q3QfFUJoXxbcCqII+boLBKg
paI=
-----END CERTIFICATE-----
Generated at Fri Jun 13 01:39:45 2025 by rpki-client