Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iKLDWYMj13xdgWBb-Qw3uzjop1E.roa
File: iKLDWYMj13xdgWBb-Qw3uzjop1E.roa (raw, json)
Hash identifier: BtyOw5UaoPaEdzui2urps6NvhZ4JD8dR91k5RLgmh1E=
Subject key identifier: 88:A2:C3:59:83:23:D7:7C:5D:81:60:5B:F9:0C:37:BB:38:E8:A7:51
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867B33CCBA19094D1161386BF0D1E44E27
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iKLDWYMj13xdgWBb-Qw3uzjop1E.roa
Signing time: Wed 22 Feb 2023 22:17:17 +0000
ROA not before: Wed 22 Feb 2023 22:17:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7b:33:cc:ba:19:09:4d:11:61:38:6b:f0:d1:e4:4e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 22:17:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a2c3598323d77c5d81605bf90c37bb38e8a751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:28:8c:ac:a4:83:94:1c:9d:a9:17:08:c0:be:
16:dd:7b:9a:ea:b7:be:87:22:43:c9:29:b2:e7:99:
f7:63:8b:55:0c:e7:18:dc:52:6d:0b:b2:4a:30:59:
19:ac:39:72:f5:36:ba:ce:2a:2f:07:9f:48:a5:4e:
d8:41:48:b8:8a:b1:71:ca:c6:7c:12:09:ec:6f:69:
cb:68:48:e5:b3:27:65:bf:ff:8f:a9:e9:2f:0a:71:
d4:18:5a:89:86:06:2a:8e:f2:b0:fc:45:53:75:97:
b5:7d:6d:d7:a3:87:11:ff:be:43:a9:23:ad:e9:7e:
70:ef:e4:e6:e6:e3:bc:f9:1c:c1:14:fa:62:9f:fe:
70:33:67:8d:c8:f5:bf:54:dd:1f:e4:b4:12:8b:fd:
b5:a5:de:50:2a:a9:ea:4e:99:73:ed:31:5b:55:a1:
2b:c8:04:b7:45:54:bc:1a:56:ba:7b:82:6d:9b:c4:
90:31:32:92:c7:10:6f:4e:74:f6:a2:ee:2b:91:90:
b8:d7:28:61:79:82:d7:f9:de:58:1e:1f:71:4f:19:
40:40:99:6c:83:01:e7:e7:6d:a5:db:6a:32:36:0e:
dd:e1:da:96:25:ce:03:64:ea:ae:02:0b:a7:83:a0:
da:5c:0c:3f:bc:f3:e7:51:f2:fb:c9:41:c7:10:04:
8e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A2:C3:59:83:23:D7:7C:5D:81:60:5B:F9:0C:37:BB:38:E8:A7:51
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iKLDWYMj13xdgWBb-Qw3uzjop1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:3c:7e:0f:dd:0f:7b:52:e1:e7:14:2c:cb:ff:26:fb:6d:86:
ae:83:0c:1e:b1:97:f8:c8:1b:0d:6f:31:70:34:e7:cb:a7:58:
97:02:ed:49:c4:64:80:d7:24:ec:91:86:1d:f9:b4:10:6d:3e:
67:24:fd:f3:ee:0a:8b:c9:54:e9:87:c9:aa:84:04:c0:48:1a:
c9:f3:2f:95:27:f4:55:11:ae:9a:f0:77:b0:ec:86:d1:37:80:
86:7d:3a:9b:25:57:d9:93:7d:ec:fe:fc:16:c3:a7:d7:ce:f0:
ee:07:c1:9e:7c:9a:4a:ec:d7:7b:7c:76:4d:e3:2c:05:d8:f2:
e8:86:fc:39:f2:8f:bd:a5:18:45:36:b4:4a:ff:6c:85:b2:6e:
9e:e3:aa:73:3e:4e:0f:96:21:4a:2d:53:44:81:81:44:40:f4:
7a:0b:ab:cc:3b:b0:f2:1b:99:31:c4:58:55:ae:80:04:96:01:
6d:5c:3d:64:19:6a:2e:86:80:fb:8c:0f:a6:6e:80:6e:12:04:
48:65:cf:20:13:50:db:e3:79:6f:fa:15:61:7d:5c:41:d2:0a:
9f:75:b5:b1:26:8a:e6:86:47:62:d7:a9:cb:0d:4d:af:74:24:
31:3a:02:f7:59:e1:34:9e:c3:98:9e:3a:55:f5:26:36:96:0d:
d9:f5:35:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ7M8y6GQlNEWE4a/DR5E4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMjIxNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGEyYzM1OTgzMjNkNzdjNWQ4MTYwNWJmOTBjMzdiYjM4ZThhNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyiMrKSDlBydqRcIwL4W3Xua6re+
hyJDySmy55n3Y4tVDOcY3FJtC7JKMFkZrDly9Ta6ziovB59IpU7YQUi4irFxysZ8
Egnsb2nLaEjlsydlv/+PqekvCnHUGFqJhgYqjvKw/EVTdZe1fW3Xo4cR/75DqSOt
6X5w7+Tm5uO8+RzBFPpin/5wM2eNyPW/VN0f5LQSi/21pd5QKqnqTplz7TFbVaEr
yAS3RVS8Gla6e4Jtm8SQMTKSxxBvTnT2ou4rkZC41yhheYLX+d5YHh9xTxlAQJls
gwHn522l22oyNg7d4dqWJc4DZOquAgung6DaXAw/vPPnUfL7yUHHEASOvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIiiw1mDI9d8XYFgW/kMN7s46KdRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaUtMRFdZTWoxM3hkZ1dCYi1RdzN1empvcDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFE8fg/dD3tS4ecULMv/
Jvtthq6DDB6xl/jIGw1vMXA058unWJcC7UnEZIDXJOyRhh35tBBtPmck/fPuCovJ
VOmHyaqEBMBIGsnzL5Un9FURrprwd7DshtE3gIZ9OpslV9mTfez+/BbDp9fO8O4H
wZ58mkrs13t8dk3jLAXY8uiG/Dnyj72lGEU2tEr/bIWybp7jqnM+Tg+WIUotU0SB
gURA9HoLq8w7sPIbmTHEWFWugASWAW1cPWQZai6GgPuMD6ZugG4SBEhlzyATUNvj
eW/6FWF9XEHSCp91tbEmiuaGR2LXqcsNTa90JDE6AvdZ4TSew5ieOlX1JjaWDdn1
Nb0=
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:52:15 2025 by rpki-client