Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U1f44S4YHlZ17qgKiIC2zatU4TA.roa
File: U1f44S4YHlZ17qgKiIC2zatU4TA.roa (raw, json)
Hash identifier: eFI5s6XHfufxetq0pqJFGLnZLj88bohzCzaDY0Z4Irs=
Subject key identifier: 53:57:F8:E1:2E:18:1E:56:75:EE:A8:0A:88:80:B6:CD:AB:54:E1:30
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3BD1CBC355C8D72AB6DB2637A25D4978
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U1f44S4YHlZ17qgKiIC2zatU4TA.roa
Signing time: Mon 28 Aug 2023 11:05:19 +0000
ROA not before: Mon 28 Aug 2023 11:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:3bd1:6b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:d1:cb:c3:55:c8:d7:2a:b6:db:26:37:a2:5d:49:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 11:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5357f8e12e181e5675eea80a8880b6cdab54e130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c6:5f:8b:37:6c:af:fb:87:65:c4:e5:ae:e7:
fa:a1:31:46:4d:3c:23:43:6b:9c:e5:d3:20:cd:d6:
be:f1:ee:80:9d:9c:af:45:2c:9f:5f:1a:e3:23:d3:
47:4c:6e:86:7a:62:d5:36:e9:ad:a7:43:f6:28:ff:
8b:d7:b9:e8:f4:1b:2f:6d:8e:97:af:16:79:d4:3e:
de:a3:39:05:4c:b1:14:f6:31:75:58:63:bb:a6:de:
bc:08:6c:ac:92:fb:0f:fc:78:a3:bb:c4:40:9c:b9:
4a:eb:6e:1e:98:6b:e4:2a:fe:44:36:4c:6a:e1:71:
ea:17:f4:82:37:1f:e6:69:18:cb:65:11:23:50:e5:
8e:e2:58:72:c3:91:9c:58:76:69:37:de:be:e2:1e:
80:3f:cd:e1:3b:6f:39:e7:a1:15:a7:53:70:4e:57:
1b:60:8f:f0:ce:f2:29:b6:e5:1b:98:98:89:15:8c:
db:2b:5c:42:cc:e1:e5:f7:a7:40:6f:c2:28:51:81:
dc:fb:e3:c6:3e:84:29:37:17:bf:cb:1e:d7:df:3f:
1b:71:6e:7f:bd:88:a7:8c:57:46:02:d6:fe:b0:75:
de:da:77:cc:de:1e:89:50:56:d6:ca:3c:2a:6e:da:
c3:03:35:5b:09:3c:0b:1c:c3:3e:af:dc:37:ed:13:
3c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:57:F8:E1:2E:18:1E:56:75:EE:A8:0A:88:80:B6:CD:AB:54:E1:30
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U1f44S4YHlZ17qgKiIC2zatU4TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:95:91:cb:6b:50:95:57:e3:72:1f:66:83:aa:98:be:9b:da:
31:16:f9:28:b3:c2:0f:53:c3:70:3f:8f:d5:ce:22:d0:d4:98:
f8:f7:60:8d:d9:d3:c0:01:b7:84:4a:16:62:9a:a9:b1:81:b9:
f2:76:e0:70:72:dd:50:b5:f9:3f:3e:81:52:e0:ee:ad:80:5c:
04:42:8c:6c:ad:98:4f:b5:4e:94:ce:6b:dc:d8:b0:5e:72:64:
17:d4:e5:82:fd:e5:07:5d:78:1a:1f:33:10:f9:76:1e:f9:01:
99:84:3e:4c:eb:29:68:47:39:63:a0:9c:66:95:15:e7:04:32:
6d:26:aa:1a:87:02:53:ad:2b:c4:f8:bb:af:87:c0:83:87:2c:
b7:15:14:b2:41:a0:63:82:1d:f6:be:de:47:4e:1a:09:d9:50:
f6:b1:97:f4:4b:ff:70:55:8c:4b:a2:e3:5c:3b:ac:86:46:94:
1f:31:cd:07:d0:a7:37:60:27:96:55:87:ba:e3:c3:f5:c7:bd:
a5:55:f7:67:04:68:17:26:5a:81:e4:ca:d8:fc:b5:c3:ac:0e:
7f:44:45:92:98:ac:03:a5:af:1a:4d:81:6b:ab:2c:4c:4d:77:
2b:9c:a3:19:cb:6e:fc:46:92:d7:9d:60:06:34:bd:71:7c:19:
64:5a:ab:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo70cvDVcjXKrbbJjeiXUl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MTEwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzU3ZjhlMTJlMTgxZTU2NzVlZWE4MGE4ODgwYjZjZGFiNTRlMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcZfizdsr/uHZcTlruf6oTFGTTwj
Q2uc5dMgzda+8e6AnZyvRSyfXxrjI9NHTG6GemLVNumtp0P2KP+L17no9BsvbY6X
rxZ51D7eozkFTLEU9jF1WGO7pt68CGyskvsP/Hiju8RAnLlK624emGvkKv5ENkxq
4XHqF/SCNx/maRjLZREjUOWO4lhyw5GcWHZpN96+4h6AP83hO28556EVp1NwTlcb
YI/wzvIptuUbmJiJFYzbK1xCzOHl96dAb8IoUYHc++PGPoQpNxe/yx7X3z8bcW5/
vYinjFdGAtb+sHXe2nfM3h6JUFbWyjwqbtrDAzVbCTwLHMM+r9w37RM8PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFNX+OEuGB5Wde6oCoiAts2rVOEwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVTFmNDRTNFlIbFoxN3FnS2lJQzJ6YXRVNFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGmVkctrUJVX43IfZoOq
mL6b2jEW+Sizwg9Tw3A/j9XOItDUmPj3YI3Z08ABt4RKFmKaqbGBufJ24HBy3VC1
+T8+gVLg7q2AXARCjGytmE+1TpTOa9zYsF5yZBfU5YL95QddeBofMxD5dh75AZmE
PkzrKWhHOWOgnGaVFecEMm0mqhqHAlOtK8T4u6+HwIOHLLcVFLJBoGOCHfa+3kdO
GgnZUPaxl/RL/3BVjEui41w7rIZGlB8xzQfQpzdgJ5ZVh7rjw/XHvaVV92cEaBcm
WoHkytj8tcOsDn9ERZKYrAOlrxpNgWurLExNdyucoxnLbvxGktedYAY0vXF8GWRa
q+Y=
-----END CERTIFICATE-----
Generated at Sat May 3 13:36:08 2025 by rpki-client