Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/USAiuA24DLa6dfSeyfx_mVDTM2U.roa
File: USAiuA24DLa6dfSeyfx_mVDTM2U.roa (raw, json)
Hash identifier: lNpYLKp+S+xsmzhNbZP73DehSD5DHsy2uuOigm3FHN8=
Subject key identifier: 51:20:22:B8:0D:B8:0C:B6:BA:75:F4:9E:C9:FC:7F:99:50:D3:33:65
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01853FBF5529CF26B50A353673856A46FD40
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/USAiuA24DLa6dfSeyfx_mVDTM2U.roa
Signing time: Fri 23 Dec 2022 16:09:41 +0000
ROA not before: Fri 23 Dec 2022 16:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:bf:55:29:cf:26:b5:0a:35:36:73:85:6a:46:fd:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 23 16:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=512022b80db80cb6ba75f49ec9fc7f9950d33365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:44:27:05:94:53:b5:28:65:2b:cf:b9:03:
23:5a:29:99:ce:11:c4:13:56:67:3d:0d:5f:15:65:
3f:ea:4e:ae:a8:9a:39:b9:84:92:41:f8:d6:85:b9:
54:2a:9f:3d:fb:14:44:16:2f:3b:92:53:f7:36:47:
86:54:5b:86:08:1c:5b:7d:4b:c6:d7:22:86:94:6a:
ea:c0:04:3c:1a:00:e2:b9:82:6b:14:ca:5a:bb:be:
e9:cf:6b:99:a0:e4:cf:55:58:07:9b:1d:52:71:de:
a3:55:20:bc:8c:db:b6:d0:b5:26:14:37:b4:13:dc:
09:85:13:10:80:91:bf:01:96:b3:4e:bf:28:40:3d:
1b:ac:0c:85:cb:ed:a6:96:72:dc:9c:4d:78:53:e8:
80:e4:90:5f:f2:66:89:d4:db:55:3b:db:c9:79:1a:
3b:d6:93:bf:8a:c0:0b:e8:40:60:40:98:39:71:b2:
c5:36:6d:4e:7e:20:6d:58:bf:45:10:08:44:15:2b:
02:b0:8b:d3:c7:2b:70:d4:75:86:03:8a:fb:e1:63:
61:74:de:cb:3f:04:c9:ed:c2:1c:03:6f:27:ff:b9:
41:4e:cd:c3:38:52:7e:d3:8d:45:54:f9:7b:93:48:
d8:62:65:4f:23:8c:10:6c:e9:cf:e9:91:b1:32:87:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:20:22:B8:0D:B8:0C:B6:BA:75:F4:9E:C9:FC:7F:99:50:D3:33:65
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/USAiuA24DLa6dfSeyfx_mVDTM2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:ca:bd:1f:a6:15:c5:a1:b2:86:6e:2b:f5:33:d3:ce:c8:44:
47:e3:0f:be:ed:4b:40:c9:90:b4:00:1b:db:ed:a9:60:1d:dd:
bf:a4:d2:5e:df:42:1f:1f:be:cd:1b:ba:8c:35:fa:fe:7b:51:
19:98:8e:d5:f5:63:05:72:d6:43:c5:2d:99:83:c4:93:3f:0c:
39:ff:29:66:90:bb:0a:27:45:d6:fa:46:87:73:4c:27:48:76:
2f:52:ae:2f:72:cc:dd:f8:dd:74:ef:59:90:53:0d:59:f7:db:
0e:7c:b4:42:5c:d2:d0:81:cd:20:c6:c5:05:bd:3e:29:c8:e8:
64:01:3f:4d:67:7a:7d:11:e9:fe:93:26:78:d4:a1:da:51:0b:
a0:65:a9:e8:ce:16:09:43:0a:b6:be:09:2f:14:79:dc:db:e0:
2f:6e:93:e5:a3:21:33:ff:50:a8:64:ce:c2:4b:d4:7c:6c:03:
32:aa:97:aa:4a:30:3e:91:91:4f:b7:66:03:24:f2:2e:16:31:
60:51:09:2a:0b:dc:0a:a4:4c:93:d5:4f:de:d8:47:41:07:b0:
fa:c2:49:ad:f1:64:a4:56:c7:17:63:4f:77:3f:76:35:80:a2:
28:49:fd:97:a2:17:3d:f6:59:c2:7a:7e:bf:b9:74:93:e7:af:
7d:68:38:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYU/v1Upzya1CjU2c4VqRv1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIzMTYwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTIwMjJiODBkYjgwY2I2YmE3NWY0OWVjOWZjN2Y5OTUwZDMzMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsZEJwWUU7UoZSvPuQMjWimZzhHE
E1ZnPQ1fFWU/6k6uqJo5uYSSQfjWhblUKp89+xREFi87klP3NkeGVFuGCBxbfUvG
1yKGlGrqwAQ8GgDiuYJrFMpau77pz2uZoOTPVVgHmx1Scd6jVSC8jNu20LUmFDe0
E9wJhRMQgJG/AZazTr8oQD0brAyFy+2mlnLcnE14U+iA5JBf8maJ1NtVO9vJeRo7
1pO/isAL6EBgQJg5cbLFNm1OfiBtWL9FEAhEFSsCsIvTxytw1HWGA4r74WNhdN7L
PwTJ7cIcA28n/7lBTs3DOFJ+041FVPl7k0jYYmVPI4wQbOnP6ZGxMocZSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFEgIrgNuAy2unX0nsn8f5lQ0zNlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVVNBaXVBMjRETGE2ZGZTZXlmeF9tVkRUTTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB/KvR+mFcWhsoZuK/Uz
087IREfjD77tS0DJkLQAG9vtqWAd3b+k0l7fQh8fvs0buow1+v57URmYjtX1YwVy
1kPFLZmDxJM/DDn/KWaQuwonRdb6RodzTCdIdi9Sri9yzN343XTvWZBTDVn32w58
tEJc0tCBzSDGxQW9PinI6GQBP01nen0R6f6TJnjUodpRC6BlqejOFglDCra+CS8U
edzb4C9uk+WjITP/UKhkzsJL1HxsAzKql6pKMD6RkU+3ZgMk8i4WMWBRCSoL3Aqk
TJPVT97YR0EHsPrCSa3xZKRWxxdjT3c/djWAoihJ/ZeiFz32WcJ6fr+5dJPnr31o
OGo=
-----END CERTIFICATE-----
Generated at Thu May 1 17:05:51 2025 by rpki-client