Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iwkYVML82MotSSQa4ZbtcmLh5qs.roa
File: iwkYVML82MotSSQa4ZbtcmLh5qs.roa (raw, json)
Hash identifier: 7j2j8h7t8zaezW9e5AJSZzX4TxiysQ6U7whaczgBWVE=
Subject key identifier: 8B:09:18:54:C2:FC:D8:CA:2D:49:24:1A:E1:96:ED:72:62:E1:E6:AB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186789ECA427FB3C19FD1A7EFB0794B2F81
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iwkYVML82MotSSQa4ZbtcmLh5qs.roa
Signing time: Wed 22 Feb 2023 10:15:17 +0000
ROA not before: Wed 22 Feb 2023 10:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:9e:ca:42:7f:b3:c1:9f:d1:a7:ef:b0:79:4b:2f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 10:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b091854c2fcd8ca2d49241ae196ed7262e1e6ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6e:69:b5:65:35:7b:3a:7f:e5:29:13:23:ab:
09:a0:ac:8a:07:49:d4:43:53:12:cf:1c:cd:82:f6:
9b:ca:51:57:f9:99:89:28:40:b3:90:d4:2f:a0:c5:
85:78:32:df:7a:3e:ee:f1:42:5e:8d:a4:cc:21:36:
90:30:ed:65:03:45:2e:bd:79:b3:9f:b7:fb:86:4a:
55:6e:5a:1a:1e:56:e1:48:dd:bc:28:77:34:40:c1:
62:c2:1b:11:f4:69:ad:57:2e:58:6b:f9:17:13:41:
11:e7:d2:09:c9:78:06:a5:a5:d5:8d:35:02:da:d0:
64:86:44:f4:6d:bc:6b:84:06:b6:b6:11:1d:03:f5:
16:cc:82:14:dd:ff:47:a0:c6:24:ef:ce:53:07:bc:
22:12:34:75:32:28:75:91:6e:c7:c5:8c:02:07:3a:
86:ab:68:7e:dc:33:05:36:4d:8f:c8:f2:ce:49:59:
cb:22:8e:c9:33:6b:69:b8:3e:63:8e:68:a4:72:44:
ff:42:ce:be:5a:52:48:af:0b:79:fc:cb:5b:32:bd:
ad:2f:05:49:fa:ef:94:94:ca:31:54:71:6e:30:c0:
86:53:d4:eb:89:eb:dc:bc:14:ef:d4:ea:54:4f:6d:
40:22:9f:12:76:0f:f9:55:3e:03:86:b6:40:db:9f:
17:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:09:18:54:C2:FC:D8:CA:2D:49:24:1A:E1:96:ED:72:62:E1:E6:AB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/iwkYVML82MotSSQa4ZbtcmLh5qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:d6:9d:75:dd:85:e5:83:a7:8c:2b:d8:f9:c9:6a:15:e3:e0:
9d:63:e0:fc:c4:9b:a2:5c:46:9f:80:9c:99:78:1f:64:8b:0e:
bf:64:00:18:02:d8:5e:5d:f8:d9:f1:92:94:94:3d:87:8c:0c:
a5:95:9c:44:15:49:99:94:01:3f:fe:ed:29:a2:10:0b:f9:86:
6e:99:af:48:5b:1b:ad:e4:bc:59:a0:e8:68:17:49:51:9b:2e:
85:a8:76:cd:ed:eb:8f:74:1f:db:2c:ac:24:62:91:0d:4b:20:
50:b9:0c:0f:36:20:ea:3d:cb:7d:ac:28:07:80:9c:07:2c:89:
77:d5:c1:66:c2:41:22:4e:3b:1f:eb:30:9e:d2:a0:e8:d2:57:
cb:4c:d4:ad:54:f6:2f:69:f2:32:c4:30:79:2e:58:e5:95:61:
3c:01:e2:46:29:cd:73:ef:91:46:7d:11:c5:8e:bc:74:4c:2a:
dc:1c:d0:99:9b:93:08:c7:4c:54:41:f3:b8:4f:ea:74:6e:7d:
a2:6f:c4:f4:b9:d5:04:d7:6a:76:9d:a5:f5:3f:47:72:3c:bf:
da:20:f3:4f:5e:8c:5f:56:22:09:93:08:c5:4e:22:e4:ff:39:
65:94:93:da:ef:ca:1f:75:72:c5:c5:02:80:d2:53:4b:7a:13:
59:7e:22:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ4nspCf7PBn9Gn77B5Sy+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMTAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjA5MTg1NGMyZmNkOGNhMmQ0OTI0MWFlMTk2ZWQ3MjYyZTFlNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi25ptWU1ezp/5SkTI6sJoKyKB0nU
Q1MSzxzNgvabylFX+ZmJKECzkNQvoMWFeDLfej7u8UJejaTMITaQMO1lA0UuvXmz
n7f7hkpVbloaHlbhSN28KHc0QMFiwhsR9GmtVy5Ya/kXE0ER59IJyXgGpaXVjTUC
2tBkhkT0bbxrhAa2thEdA/UWzIIU3f9HoMYk785TB7wiEjR1Mih1kW7HxYwCBzqG
q2h+3DMFNk2PyPLOSVnLIo7JM2tpuD5jjmikckT/Qs6+WlJIrwt5/MtbMr2tLwVJ
+u+UlMoxVHFuMMCGU9TrievcvBTv1OpUT21AIp8Sdg/5VT4DhrZA258XFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIsJGFTC/NjKLUkkGuGW7XJi4earMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaXdrWVZNTDgyTW90U1NRYTRaYnRjbUxoNXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFfWnXXdheWDp4wr2PnJ
ahXj4J1j4PzEm6JcRp+AnJl4H2SLDr9kABgC2F5d+NnxkpSUPYeMDKWVnEQVSZmU
AT/+7SmiEAv5hm6Zr0hbG63kvFmg6GgXSVGbLoWods3t6490H9ssrCRikQ1LIFC5
DA82IOo9y32sKAeAnAcsiXfVwWbCQSJOOx/rMJ7SoOjSV8tM1K1U9i9p8jLEMHku
WOWVYTwB4kYpzXPvkUZ9EcWOvHRMKtwc0JmbkwjHTFRB87hP6nRufaJvxPS51QTX
anadpfU/R3I8v9og809ejF9WIgmTCMVOIuT/OWWUk9rvyh91csXFAoDSU0t6E1l+
Imw=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:53:10 2025 by rpki-client