Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UI2TJJ6sWFTtG9ar9ra_WJheSkU.roa
File: UI2TJJ6sWFTtG9ar9ra_WJheSkU.roa (raw, json)
Hash identifier: BJj73NK3/jjw/pannhT8jEQdcuynMSQF1uEqIgZmN7w=
Subject key identifier: 50:8D:93:24:9E:AC:58:54:ED:1B:D6:AB:F6:B6:BF:58:98:5E:4A:45
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018509030F02B211E388259C86E5893CCA2A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UI2TJJ6sWFTtG9ar9ra_WJheSkU.roa
Signing time: Tue 13 Dec 2022 01:04:33 +0000
ROA not before: Tue 13 Dec 2022 01:04:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:902:d380/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:09:03:0f:02:b2:11:e3:88:25:9c:86:e5:89:3c:ca:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 13 01:04:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=508d93249eac5854ed1bd6abf6b6bf58985e4a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:60:67:97:cf:71:42:11:c0:b4:26:f6:f1:91:
f7:b3:d5:45:1d:49:08:25:f3:1b:97:2e:c6:c9:72:
4f:3e:3b:de:94:67:35:3e:20:89:41:d9:f0:9b:11:
37:02:eb:72:ed:a9:77:97:d2:69:fb:4b:de:ec:86:
dd:b4:90:55:34:ea:64:02:25:27:4b:ae:83:70:0c:
a4:28:6e:ee:09:31:74:42:d5:ef:7e:a1:a2:97:2c:
1f:a8:ed:ca:84:4e:17:02:7b:a5:04:2d:0e:73:f8:
54:37:61:14:4e:f9:3a:1f:77:db:e8:9e:9d:3e:cf:
b0:0b:76:41:0f:65:c1:12:7c:52:c5:90:02:f2:16:
32:d7:a9:f0:bc:24:dc:4f:b4:81:df:31:9e:98:9b:
02:a1:c9:e2:46:4b:80:78:1e:8b:dd:3f:9a:41:42:
83:9b:e5:e8:d8:a1:93:ec:5c:c1:e0:d2:2a:f2:3c:
f4:37:50:cf:c4:32:ae:02:0d:f5:f2:49:00:8a:8e:
42:78:ef:d1:fd:7c:0d:11:1e:1b:16:66:35:83:7c:
44:9f:fd:96:fa:99:39:d9:8a:9f:f3:d0:f4:c0:63:
05:46:fe:26:7b:72:9a:1f:cd:66:e2:3e:3b:b6:0a:
96:7c:14:bc:6b:bd:ae:e7:4a:b4:a7:64:6f:c7:b0:
e0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8D:93:24:9E:AC:58:54:ED:1B:D6:AB:F6:B6:BF:58:98:5E:4A:45
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UI2TJJ6sWFTtG9ar9ra_WJheSkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:50:b5:77:ea:56:d2:63:c5:8c:56:8a:e0:17:9e:fd:8d:c1:
ce:ec:f6:15:db:11:c2:f7:3d:d5:fb:17:87:94:d3:af:3a:e5:
80:0c:ee:7a:86:e5:48:b5:61:04:f5:9a:df:16:c3:29:73:b9:
70:2c:d6:34:ff:52:fd:01:25:3e:9e:1d:b4:3b:a9:2b:b5:a6:
fc:da:d6:b9:00:55:cd:0f:01:c0:26:73:70:64:2d:90:d2:29:
08:7e:60:06:fc:9b:97:b4:21:ef:15:4b:48:fd:c6:a0:da:8c:
69:55:55:f2:a2:b9:ad:2f:e0:f0:82:92:7e:8d:99:cc:5f:a5:
8f:ee:53:c1:1d:de:27:16:5c:82:e7:fc:1f:5b:87:ee:aa:ec:
c0:0e:97:f9:d2:ea:e7:8f:02:3d:fe:27:76:f1:06:1f:49:3a:
2c:64:1f:80:45:6a:b8:1d:f3:d4:4f:1b:eb:56:94:96:91:d3:
9a:b5:64:b9:3c:c6:7f:86:d2:8f:ca:a5:e2:0b:9f:76:7b:4a:
28:81:d4:ed:8d:d9:df:2e:5f:36:13:9d:1f:8f:aa:0d:dd:9c:
bf:86:7d:0a:60:3c:16:1c:22:05:e9:82:91:33:8a:49:d9:74:
00:8e:4d:f7:c2:7c:89:0d:a9:77:a2:d0:19:e6:55:47:b2:5f:
c4:37:32:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUJAw8CshHjiCWchuWJPMoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEzMDEwNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDhkOTMyNDllYWM1ODU0ZWQxYmQ2YWJmNmI2YmY1ODk4NWU0YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumBnl89xQhHAtCb28ZH3s9VFHUkI
JfMbly7GyXJPPjvelGc1PiCJQdnwmxE3Auty7al3l9Jp+0ve7IbdtJBVNOpkAiUn
S66DcAykKG7uCTF0QtXvfqGilywfqO3KhE4XAnulBC0Oc/hUN2EUTvk6H3fb6J6d
Ps+wC3ZBD2XBEnxSxZAC8hYy16nwvCTcT7SB3zGemJsCocniRkuAeB6L3T+aQUKD
m+Xo2KGT7FzB4NIq8jz0N1DPxDKuAg318kkAio5CeO/R/XwNER4bFmY1g3xEn/2W
+pk52Yqf89D0wGMFRv4me3KaH81m4j47tgqWfBS8a72u50q0p2Rvx7DgyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFCNkySerFhU7RvWq/a2v1iYXkpFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVUkyVEpKNnNXRlR0RzlhcjlyYV9XSmhlU2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKtQtXfqVtJjxYxWiuAX
nv2Nwc7s9hXbEcL3PdX7F4eU06865YAM7nqG5Ui1YQT1mt8WwylzuXAs1jT/Uv0B
JT6eHbQ7qSu1pvza1rkAVc0PAcAmc3BkLZDSKQh+YAb8m5e0Ie8VS0j9xqDajGlV
VfKiua0v4PCCkn6NmcxfpY/uU8Ed3icWXILn/B9bh+6q7MAOl/nS6uePAj3+J3bx
Bh9JOixkH4BFargd89RPG+tWlJaR05q1ZLk8xn+G0o/KpeILn3Z7SiiB1O2N2d8u
XzYTnR+Pqg3dnL+GfQpgPBYcIgXpgpEziknZdACOTffCfIkNqXei0BnmVUeyX8Q3
Mk4=
-----END CERTIFICATE-----
Generated at Thu May 1 09:19:41 2025 by rpki-client