Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UB5kY5LzfQbL5wOFASFDk4OA9Go.roa
File: UB5kY5LzfQbL5wOFASFDk4OA9Go.roa (raw, json)
Hash identifier: KbSCi5AqRltq/FX4LEOVyEd2aF91vyhKpT0ReJ6jY4k=
Subject key identifier: 50:1E:64:63:92:F3:7D:06:CB:E7:03:85:01:21:43:93:83:80:F4:6A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018688AD7825B5CBBECBE6548ECB51FE93AB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UB5kY5LzfQbL5wOFASFDk4OA9Go.roa
Signing time: Sat 25 Feb 2023 13:05:15 +0000
ROA not before: Sat 25 Feb 2023 13:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:88ac:8d68/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:88:ad:78:25:b5:cb:be:cb:e6:54:8e:cb:51:fe:93:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 13:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=501e646392f37d06cbe70385012143938380f46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:33:f2:fb:0d:1f:00:62:b6:43:09:99:2c:0e:
c4:9f:7a:24:41:ea:ce:29:5e:67:8e:7b:bf:ad:e3:
0f:51:b7:de:df:d8:51:1e:5a:7c:11:12:6c:85:33:
4a:27:01:9a:d0:ac:f4:05:e8:9e:3e:f1:6f:f3:3c:
b7:d3:01:bd:ed:73:1e:74:22:b4:95:e4:f1:c4:52:
96:c2:65:5d:09:d9:d3:e7:ac:18:c8:66:1f:b2:71:
26:da:82:69:0b:07:9e:9e:d0:14:65:bd:eb:23:43:
90:d4:ba:2a:90:13:ff:2e:73:3f:18:64:8c:f3:de:
20:a9:58:10:40:7d:0b:76:6a:80:b4:b9:34:71:ed:
18:ff:50:59:a1:45:23:55:c0:3e:37:75:76:a4:80:
f6:56:82:2a:19:8a:d2:e5:43:ae:36:7f:d2:2c:94:
fc:b4:d3:36:a1:d8:10:cb:35:22:ac:48:1b:f7:ed:
c0:05:2a:7f:8a:5f:2e:0a:02:f4:a8:80:2a:2d:ab:
9d:d6:18:70:ef:fa:a0:16:d3:ad:cc:2a:17:f5:49:
8a:6f:c9:b4:61:bc:08:63:90:02:e1:04:a4:14:83:
6d:82:5b:94:b4:4d:82:64:d7:79:6e:06:10:f8:0c:
9b:89:cc:08:ec:d1:4a:c0:4d:41:47:6a:78:15:11:
8c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:1E:64:63:92:F3:7D:06:CB:E7:03:85:01:21:43:93:83:80:F4:6A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UB5kY5LzfQbL5wOFASFDk4OA9Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:78:e1:ce:f0:7e:04:95:b3:47:27:fe:ee:42:0d:14:ef:f5:
28:01:82:f4:36:4e:ba:ee:cb:40:43:42:4e:f2:58:c7:d1:b8:
2e:23:56:ca:22:64:d5:0f:45:a3:36:a2:08:2b:3a:cd:26:ee:
69:16:cb:5a:1d:24:60:58:e1:42:e1:ae:20:4a:13:3f:3b:81:
36:92:e4:b1:90:b0:d6:d1:d5:81:f6:43:92:89:df:e7:45:d8:
e2:37:6a:a4:10:25:c2:6b:ca:d0:bd:c6:a9:24:45:88:0b:2f:
cc:89:fa:e9:ad:19:1d:47:a9:eb:2e:1f:64:c7:cd:79:85:7e:
65:74:33:0d:b5:6a:40:3b:5b:5d:d4:eb:9c:47:6b:25:65:4b:
00:30:ff:41:9a:60:e6:bf:b0:ef:97:7e:c8:86:4f:f7:d0:f5:
2a:e7:35:e9:c7:c7:f1:ad:b6:32:5f:38:6a:9b:3f:69:1c:93:
0f:76:a6:07:8a:c2:b0:44:a5:e4:65:b5:6c:fd:8b:c8:71:c9:
9b:63:e7:d6:ee:10:a2:86:31:c5:22:c4:52:dc:bc:21:4b:d1:
99:5e:9c:78:bc:0a:d8:ce:f5:fa:c8:c7:c1:2f:c1:79:13:51:
e0:ce:1a:9a:65:f7:68:39:d2:57:f4:46:66:41:a8:1c:9e:54:
d7:4f:5e:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaIrXgltcu+y+ZUjstR/pOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTMwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDFlNjQ2MzkyZjM3ZDA2Y2JlNzAzODUwMTIxNDM5MzgzODBmNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDPy+w0fAGK2QwmZLA7En3okQerO
KV5njnu/reMPUbfe39hRHlp8ERJshTNKJwGa0Kz0BeiePvFv8zy30wG97XMedCK0
leTxxFKWwmVdCdnT56wYyGYfsnEm2oJpCweentAUZb3rI0OQ1LoqkBP/LnM/GGSM
894gqVgQQH0LdmqAtLk0ce0Y/1BZoUUjVcA+N3V2pID2VoIqGYrS5UOuNn/SLJT8
tNM2odgQyzUirEgb9+3ABSp/il8uCgL0qIAqLaud1hhw7/qgFtOtzCoX9UmKb8m0
YbwIY5AC4QSkFINtgluUtE2CZNd5bgYQ+AybicwI7NFKwE1BR2p4FRGMVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFAeZGOS830Gy+cDhQEhQ5ODgPRqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVUI1a1k1THpmUWJMNXdPRkFTRkRrNE9BOUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABN44c7wfgSVs0cn/u5C
DRTv9SgBgvQ2Trruy0BDQk7yWMfRuC4jVsoiZNUPRaM2oggrOs0m7mkWy1odJGBY
4ULhriBKEz87gTaS5LGQsNbR1YH2Q5KJ3+dF2OI3aqQQJcJrytC9xqkkRYgLL8yJ
+umtGR1HqesuH2THzXmFfmV0Mw21akA7W13U65xHayVlSwAw/0GaYOa/sO+XfsiG
T/fQ9SrnNenHx/GttjJfOGqbP2kckw92pgeKwrBEpeRltWz9i8hxyZtj59buEKKG
McUixFLcvCFL0ZlenHi8CtjO9frIx8EvwXkTUeDOGppl92g50lf0RmZBqByeVNdP
XuA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:54:58 2025 by rpki-client