Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U3dYBDihndaobW60Z5_mijtVD7c.roa
File: U3dYBDihndaobW60Z5_mijtVD7c.roa (raw, json)
Hash identifier: u0S3hc9x3WrZ6it+zVDLGKuSxgcxsWBWlOj8FcxblEA=
Subject key identifier: 53:77:58:04:38:A1:9D:D6:A8:6D:6E:B4:67:9F:E6:8A:3B:55:0F:B7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 9153F65A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U3dYBDihndaobW60Z5_mijtVD7c.roa
Signing time: Fri 01 Jul 2022 02:05:02 +0000
ROA not before: Fri 01 Jul 2022 02:05:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:b780:b75a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2438198874 (0x9153f65a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 1 02:05:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5377580438a19dd6a86d6eb4679fe68a3b550fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:35:e6:24:fc:d5:4e:b9:62:67:21:4e:22:4d:
cf:53:14:fc:ef:49:cc:4b:0d:6e:62:c2:72:f3:b6:
be:a6:ec:6a:8d:af:a8:df:f4:40:02:75:83:1e:18:
55:7c:45:09:0a:93:47:f4:21:b6:8f:82:32:54:79:
44:ad:f8:16:00:d6:6c:44:ee:72:c6:d1:73:68:84:
83:74:f2:60:af:28:58:39:32:a5:cd:f2:24:7c:95:
6d:77:62:15:78:9b:9f:a3:ab:2f:78:fe:bf:a0:fd:
83:88:cd:36:c1:4f:db:85:48:fe:16:23:43:24:45:
69:fb:d8:d8:6e:73:7e:b9:13:f4:94:4c:ae:c5:0e:
16:26:93:0d:13:e9:c6:cb:1b:8c:3c:5c:6f:76:94:
b6:ff:bc:9c:3b:84:a7:78:0a:c5:c6:9c:6e:5c:af:
6b:a0:87:3c:47:69:24:09:fa:54:de:f4:d5:eb:90:
a8:41:c1:7d:d5:6b:72:fd:65:e2:57:7c:c8:50:7f:
f2:b9:05:ea:03:ec:19:97:b2:f3:63:bb:aa:7d:59:
d9:c8:6b:c2:9b:4b:76:ec:2f:92:47:6c:71:46:9b:
f2:24:e9:03:70:8f:fc:b5:bd:1e:8e:ae:16:23:41:
58:1a:71:7a:c2:b3:a5:84:35:97:e3:55:c8:f6:f4:
3b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:77:58:04:38:A1:9D:D6:A8:6D:6E:B4:67:9F:E6:8A:3B:55:0F:B7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U3dYBDihndaobW60Z5_mijtVD7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:6c:76:98:dd:17:1f:dd:b2:74:98:e1:fa:b6:62:a3:af:4e:
87:cd:de:92:25:c0:b0:6e:57:51:69:e3:cf:3e:08:fd:c3:7c:
17:f4:dc:a5:1c:24:e9:9b:60:c3:97:2b:b8:ce:2a:13:54:91:
8c:02:32:3e:ce:1c:7e:42:21:c1:4c:e7:26:8d:2f:0a:c3:b4:
73:c8:d9:40:eb:8c:b7:1e:ad:2b:81:ec:16:52:d5:95:b4:3d:
e5:34:e7:37:b6:ed:b2:f2:43:8b:38:dc:b4:ef:e3:42:7a:f6:
63:ca:e1:8c:d4:dd:c8:0e:76:9f:1a:cf:3f:f4:b0:21:c4:f9:
dc:ab:a8:2e:e7:82:1b:69:72:5d:a2:89:e4:32:db:b9:bd:51:
d2:76:33:7e:3c:69:04:44:cc:ea:75:42:a5:e2:85:6a:bc:fc:
56:e8:e9:71:f4:13:c3:59:cb:bc:b4:41:c3:3e:df:e9:0b:7a:
97:47:7b:32:9e:df:14:a0:10:09:8a:56:10:0f:9e:42:51:05:
ee:c5:5a:07:b5:34:21:02:42:2f:61:06:9e:e7:5e:25:0b:88:
bc:09:59:e2:40:ce:46:e9:5d:5a:90:0d:5c:27:7c:90:f8:cc:
71:b1:22:bb:0e:43:85:02:3c:43:a2:f1:a6:8d:ea:5f:1b:5a:
49:d5:08:3e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAJFT9lowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA3
MDEwMjA1MDJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDUzNzc1ODA0Mzhh
MTlkZDZhODZkNmViNDY3OWZlNjhhM2I1NTBmYjcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/NeYk/NVOuWJnIU4iTc9TFPzvScxLDW5iwnLztr6m7GqN
r6jf9EACdYMeGFV8RQkKk0f0IbaPgjJUeUSt+BYA1mxE7nLG0XNohIN08mCvKFg5
MqXN8iR8lW13YhV4m5+jqy94/r+g/YOIzTbBT9uFSP4WI0MkRWn72Nhuc365E/SU
TK7FDhYmkw0T6cbLG4w8XG92lLb/vJw7hKd4CsXGnG5cr2ughzxHaSQJ+lTe9NXr
kKhBwX3Va3L9ZeJXfMhQf/K5BeoD7BmXsvNju6p9WdnIa8KbS3bsL5JHbHFGm/Ik
6QNwj/y1vR6OrhYjQVgacXrCs6WENZfjVcj29DsZAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUU3dYBDihndaobW60Z5/mijtVD7cwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9VM2RZQkRpaG5kYW9iVzYwWjVfbWlqdFZEN2Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAGWx2mN0XH92ydJjh+rZio69Oh83ekiXAsG5X
UWnjzz4I/cN8F/TcpRwk6Ztgw5cruM4qE1SRjAIyPs4cfkIhwUznJo0vCsO0c8jZ
QOuMtx6tK4HsFlLVlbQ95TTnN7btsvJDizjctO/jQnr2Y8rhjNTdyA52nxrPP/Sw
IcT53KuoLueCG2lyXaKJ5DLbub1R0nYzfjxpBETM6nVCpeKFarz8VujpcfQTw1nL
vLRBwz7f6Qt6l0d7Mp7fFKAQCYpWEA+eQlEF7sVaB7U0IQJCL2EGnudeJQuIvAlZ
4kDORuldWpANXCd8kPjMcbEiuw5DhQI8Q6Lxpo3qXxtaSdUIPg==
-----END CERTIFICATE-----
Generated at Fri May 2 07:13:02 2025 by rpki-client