Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1uKk4E8zahwZeTNk3Cc8xA0TPh0.roa
File: 1uKk4E8zahwZeTNk3Cc8xA0TPh0.roa (raw, json)
Hash identifier: ulBUTM/k32uAok2LJWZZNZBDGZfJXyInzPcZo5qhW1o=
Subject key identifier: D6:E2:A4:E0:4F:33:6A:1C:19:79:33:64:DC:27:3C:C4:0D:13:3E:1D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185AA2D7892BE95F860F8E8F7A108F74883
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1uKk4E8zahwZeTNk3Cc8xA0TPh0.roa
Signing time: Fri 13 Jan 2023 08:09:44 +0000
ROA not before: Fri 13 Jan 2023 08:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:2d:78:92:be:95:f8:60:f8:e8:f7:a1:08:f7:48:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 13 08:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6e2a4e04f336a1c19793364dc273cc40d133e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:bc:96:6a:bb:44:a3:5b:c5:37:9e:1e:17:
87:60:75:56:ee:f2:f5:45:51:aa:d3:e7:a8:e7:4c:
cc:a1:ba:9d:a7:bd:d2:70:fb:3d:a3:72:b1:b1:29:
c2:a5:e4:5d:c9:ce:32:c6:b6:32:58:57:0a:43:3a:
3a:f1:dc:58:c4:08:13:29:37:1f:57:99:5a:e4:2f:
db:60:98:bb:38:b1:aa:76:88:47:ef:81:7c:b9:46:
a7:f8:27:06:28:15:2e:16:1e:e5:65:70:7c:64:dc:
82:e4:7c:3f:82:40:fe:d4:2e:89:15:20:5d:d0:0b:
f7:5e:c0:59:a0:dd:23:ef:f4:88:11:e5:94:fc:20:
bf:08:72:64:f4:9b:2d:81:9e:6a:61:8a:aa:04:cf:
5e:65:bd:11:81:97:f3:73:2e:6f:04:d7:b6:dc:78:
ee:dc:3f:96:dc:7a:22:6d:52:59:2e:6e:84:fc:1e:
c1:f6:0f:ea:25:96:dd:ea:61:02:93:ec:34:14:a6:
2d:a9:c5:08:26:17:fe:64:e3:93:af:eb:89:2b:64:
ce:db:18:22:51:88:71:47:2b:16:68:fb:2b:92:42:
c1:61:2a:00:41:5e:40:42:24:7b:50:dc:a4:3a:90:
8c:60:e9:99:1b:c2:de:60:df:bc:92:8f:11:78:d1:
a7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E2:A4:E0:4F:33:6A:1C:19:79:33:64:DC:27:3C:C4:0D:13:3E:1D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1uKk4E8zahwZeTNk3Cc8xA0TPh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:65:c9:3e:ce:1e:ba:05:85:92:a7:9b:09:f7:eb:58:07:62:
ab:07:23:50:03:60:a0:f8:47:9c:02:b4:4a:fa:61:c7:02:8c:
2b:0a:d6:3d:bd:66:36:46:d5:a9:cd:58:2c:12:89:61:52:47:
c9:e2:c0:91:fe:fc:83:77:c7:32:56:88:cd:42:48:c4:08:22:
9e:74:37:5b:ed:83:be:4d:9f:c4:bc:2a:bc:f1:91:0b:79:2f:
d3:e9:01:63:03:50:8b:5d:24:7a:72:bb:a6:22:24:03:4e:5a:
86:23:ac:51:80:df:3f:39:01:3c:96:10:29:d4:dd:af:49:d1:
9a:59:3c:89:93:26:b5:e3:27:de:56:c4:e2:b4:72:60:66:6b:
c2:4e:be:b2:b3:be:7a:f8:98:01:0e:2c:8a:22:52:58:44:67:
e2:47:b3:f1:e5:0f:b2:b9:27:0a:6a:f5:d1:1a:c1:a5:12:20:
d8:63:47:39:0f:f4:bb:62:d1:83:d6:1a:ad:c3:12:1d:8d:02:
92:8e:2e:a8:ea:56:60:e0:24:fb:f8:d9:42:a7:e5:e1:5d:8a:
f7:58:ac:5a:11:61:14:12:60:c8:1d:ad:bd:5e:7b:de:ac:4b:
6d:f5:6d:77:35:e6:fd:bc:21:a3:65:89:35:41:cb:ab:c0:59:
06:e7:87:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWqLXiSvpX4YPjo96EI90iDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEzMDgwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmUyYTRlMDRmMzM2YTFjMTk3OTMzNjRkYzI3M2NjNDBkMTMzZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGm8lmq7RKNbxTeeHheHYHVW7vL1
RVGq0+eo50zMobqdp73ScPs9o3KxsSnCpeRdyc4yxrYyWFcKQzo68dxYxAgTKTcf
V5la5C/bYJi7OLGqdohH74F8uUan+CcGKBUuFh7lZXB8ZNyC5Hw/gkD+1C6JFSBd
0Av3XsBZoN0j7/SIEeWU/CC/CHJk9JstgZ5qYYqqBM9eZb0RgZfzcy5vBNe23Hju
3D+W3HoibVJZLm6E/B7B9g/qJZbd6mECk+w0FKYtqcUIJhf+ZOOTr+uJK2TO2xgi
UYhxRysWaPsrkkLBYSoAQV5AQiR7UNykOpCMYOmZG8LeYN+8ko8ReNGnewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNbipOBPM2ocGXkzZNwnPMQNEz4dMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMXVLazRFOHphaHdaZVROazNDYzh4QTBUUGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIRlyT7OHroFhZKnmwn3
61gHYqsHI1ADYKD4R5wCtEr6YccCjCsK1j29ZjZG1anNWCwSiWFSR8niwJH+/IN3
xzJWiM1CSMQIIp50N1vtg75Nn8S8KrzxkQt5L9PpAWMDUItdJHpyu6YiJANOWoYj
rFGA3z85ATyWECnU3a9J0ZpZPImTJrXjJ95WxOK0cmBma8JOvrKzvnr4mAEOLIoi
UlhEZ+JHs/HlD7K5Jwpq9dEawaUSINhjRzkP9Lti0YPWGq3DEh2NApKOLqjqVmDg
JPv42UKn5eFdivdYrFoRYRQSYMgdrb1ee96sS231bXc15v28IaNliTVBy6vAWQbn
h/I=
-----END CERTIFICATE-----
Generated at Thu May 1 02:58:35 2025 by rpki-client