Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U8ZwhklMJVFXWVpZmUctsKFnMwk.roa
File: U8ZwhklMJVFXWVpZmUctsKFnMwk.roa (raw, json)
Hash identifier: MbDgHdOIAtrQfPPZOveNIJR10vg8cxQXf9Vu+dYxzBE=
Subject key identifier: 53:C6:70:86:49:4C:25:51:57:59:5A:59:99:47:2D:B0:A1:67:33:09
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8652F8F7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U8ZwhklMJVFXWVpZmUctsKFnMwk.roa
Signing time: Sun 22 May 2022 13:09:29 +0000
ROA not before: Sun 22 May 2022 13:09:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2253584631 (0x8652f8f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 22 13:09:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53c67086494c255157595a5999472db0a1673309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:df:85:00:c4:65:8a:67:8d:6e:2f:3e:40:34:
14:1b:c2:75:ee:c4:c1:01:4d:5e:37:74:b6:c2:a6:
81:cb:b6:6f:30:40:3e:22:ab:2a:c3:e4:c2:19:0e:
0f:6d:98:94:1b:94:14:14:31:68:48:0d:a1:0e:f4:
75:14:86:2c:b5:41:17:98:0f:b0:a0:ae:79:15:38:
70:ad:6a:ef:af:49:1e:c4:93:61:7b:0f:0f:f9:81:
55:56:a2:ce:e4:40:49:7d:c7:0c:5d:16:13:b7:8a:
7d:dc:a8:ba:be:bf:da:bb:60:e2:30:80:e7:d1:4e:
7f:93:b9:8b:fb:34:8a:26:f0:54:c2:30:08:ee:88:
68:b6:37:1f:bf:98:60:02:58:19:94:32:c7:be:f6:
c3:35:20:0a:a1:75:9d:7a:25:74:d5:0b:c3:b6:ae:
ef:f7:0e:ef:ac:32:13:a4:b9:ec:96:95:ab:4a:80:
4b:d1:a2:a5:6d:e7:e5:2f:b0:e3:ed:2a:f5:7f:a6:
a8:ad:72:8c:29:7d:5a:a9:f6:a6:09:34:24:da:29:
f5:8b:89:fd:74:e3:72:46:51:b5:e5:0e:c6:81:00:
9d:79:18:84:13:d4:e9:8b:1b:30:6e:fa:ed:62:27:
9f:58:ba:2b:52:aa:c6:f8:dd:07:5c:0a:6e:41:f4:
50:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C6:70:86:49:4C:25:51:57:59:5A:59:99:47:2D:B0:A1:67:33:09
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U8ZwhklMJVFXWVpZmUctsKFnMwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:48:10:cc:ec:a5:f2:77:2b:b8:5a:f9:6d:7a:07:3f:f1:e4:
b4:2c:70:c4:e3:39:13:0e:2b:96:31:d5:73:fb:9f:f4:54:c1:
eb:d9:49:02:f4:68:45:f3:ed:e5:ae:7c:dc:ec:d9:3d:c8:c2:
e0:5b:98:db:21:6e:d6:fe:fc:29:c7:fe:7e:77:94:fb:5d:21:
b0:81:53:cb:91:e2:48:54:ec:f7:3a:c6:b9:32:c3:2e:d4:43:
31:17:71:1f:f6:85:12:ff:05:ef:65:ed:0e:8f:5b:08:0c:c6:
2f:b0:1b:a0:ab:6b:f1:d8:49:b7:da:69:46:59:d1:e2:c7:29:
14:73:03:3c:a3:79:e1:88:a1:32:74:88:17:d2:4f:5e:97:4c:
01:bf:e9:f4:50:e1:fe:0b:ee:ee:37:4f:91:02:6d:5b:e3:80:
29:97:e5:1a:07:23:3a:04:42:64:99:f6:3c:ad:cb:85:9a:12:
91:65:be:d3:51:e6:73:36:18:ba:5a:3b:b0:6c:7a:c9:76:96:
27:11:c3:9f:7c:69:20:48:20:9b:8a:28:3d:50:e8:4a:6e:aa:
c8:2a:c2:79:c3:53:b9:08:c1:8f:c4:7c:45:07:14:5c:ac:33:
e0:52:4b:ee:ab:09:6c:2c:25:6d:e1:35:43:3f:24:59:b9:b7:
78:d2:86:76
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIZS+PcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjIxMzA5MjlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDUzYzY3MDg2NDk0
YzI1NTE1NzU5NWE1OTk5NDcyZGIwYTE2NzMzMDkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD034UAxGWKZ41uLz5ANBQbwnXuxMEBTV43dLbCpoHLtm8w
QD4iqyrD5MIZDg9tmJQblBQUMWhIDaEO9HUUhiy1QReYD7CgrnkVOHCtau+vSR7E
k2F7Dw/5gVVWos7kQEl9xwxdFhO3in3cqLq+v9q7YOIwgOfRTn+TuYv7NIom8FTC
MAjuiGi2Nx+/mGACWBmUMse+9sM1IAqhdZ16JXTVC8O2ru/3Du+sMhOkueyWlatK
gEvRoqVt5+UvsOPtKvV/pqitcowpfVqp9qYJNCTaKfWLif1043JGUbXlDsaBAJ15
GIQT1OmLGzBu+u1iJ59YuitSqsb43QdcCm5B9FA/AgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUU8ZwhklMJVFXWVpZmUctsKFnMwkwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9VOFp3aGtsTUpWRlhXVnBabVVjdHNLRm5Nd2sucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEADEgQzOyl8ncruFr5bXoHP/HktCxwxOM5Ew4r
ljHVc/uf9FTB69lJAvRoRfPt5a583OzZPcjC4FuY2yFu1v78Kcf+fneU+10hsIFT
y5HiSFTs9zrGuTLDLtRDMRdxH/aFEv8F72XtDo9bCAzGL7AboKtr8dhJt9ppRlnR
4scpFHMDPKN54YihMnSIF9JPXpdMAb/p9FDh/gvu7jdPkQJtW+OAKZflGgcjOgRC
ZJn2PK3LhZoSkWW+01HmczYYulo7sGx6yXaWJxHDn3xpIEggm4ooPVDoSm6qyCrC
ecNTuQjBj8R8RQcUXKwz4FJL7qsJbCwlbeE1Qz8kWbm3eNKGdg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:57 2025 by rpki-client