Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/USyZCq_b04FutPLlYYtmnf2pEfc.roa
File: USyZCq_b04FutPLlYYtmnf2pEfc.roa (raw, json)
Hash identifier: bMIMbdQ6kKV+bfnG2NYtpNceRhchy0aYL1ZfbdXaBV0=
Subject key identifier: 51:2C:99:0A:AF:DB:D3:81:6E:B4:F2:E5:61:8B:66:9D:FD:A9:11:F7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018680C45AE58FE2B81789E327BCED16B5F5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/USyZCq_b04FutPLlYYtmnf2pEfc.roa
Signing time: Fri 24 Feb 2023 00:13:17 +0000
ROA not before: Fri 24 Feb 2023 00:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:80:c4:5a:e5:8f:e2:b8:17:89:e3:27:bc:ed:16:b5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 00:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=512c990aafdbd3816eb4f2e5618b669dfda911f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:84:ae:e9:d2:5f:a9:88:42:8f:97:28:a0:79:
ed:a2:4e:f9:39:bf:ba:76:d3:a9:f9:94:59:ab:5c:
9d:95:bb:fc:46:82:60:22:a4:e5:01:93:b4:32:7b:
23:71:c5:db:93:6f:4b:5e:08:32:a2:3f:ce:50:76:
67:82:a6:42:4a:d9:ec:63:8d:46:99:1c:4b:77:fb:
0c:25:30:80:75:bd:c3:7a:6c:1c:6b:92:34:f9:89:
d4:cd:87:6d:61:74:60:72:47:bf:c3:e4:54:b5:0b:
f5:37:70:4c:5d:4c:50:b0:dd:66:e7:bc:14:db:7d:
e6:15:fb:e3:37:92:14:1a:52:be:74:ab:c3:95:34:
f9:f3:64:c6:8c:e7:f9:fb:e1:1a:5c:a3:44:a4:5b:
f7:69:62:7c:1f:f7:26:b0:a1:3e:c2:34:71:50:fe:
7f:e3:d5:de:d7:5c:f5:b2:3f:03:2d:78:d8:37:22:
6b:34:c7:b7:57:40:0d:09:7b:f2:27:11:eb:09:bd:
04:70:d2:ed:b5:86:f6:42:21:23:a2:a6:1c:17:39:
81:77:af:d9:e6:3c:19:f1:0a:0a:9c:7f:43:f9:ea:
90:36:55:d6:07:12:04:c7:42:f3:8d:cd:25:73:af:
41:3f:b3:ec:2f:48:8e:8a:be:5a:6e:51:2f:a8:14:
e1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2C:99:0A:AF:DB:D3:81:6E:B4:F2:E5:61:8B:66:9D:FD:A9:11:F7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/USyZCq_b04FutPLlYYtmnf2pEfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:50:e0:0b:dd:78:e5:34:85:75:96:59:5f:10:9c:91:86:f5:
f5:9e:e5:2c:2b:f2:4e:24:40:9e:1a:ca:50:e5:7b:1f:61:8a:
9d:c9:e6:5e:71:93:cf:30:50:1a:3b:61:46:13:4c:f2:f0:6f:
6b:52:20:ae:85:57:cb:b1:93:b5:4b:92:f9:12:5e:f3:b5:b7:
b2:88:35:b7:5e:c3:dc:06:8d:03:93:4e:a9:da:d0:71:b6:04:
87:72:cf:bb:e3:98:37:44:56:55:de:27:8b:ab:da:4c:63:b6:
b6:63:12:ca:1a:a9:8e:05:d4:98:06:15:f6:10:9f:9c:f2:ce:
35:f4:9c:ee:0a:a7:fd:37:f0:aa:e0:a6:b8:01:69:8f:38:43:
61:14:f7:9f:a4:55:f2:a3:e5:72:cf:8d:84:78:fc:98:c0:af:
28:d9:1c:4c:1b:01:f3:4e:f1:7c:ca:20:85:cf:20:69:ba:02:
34:18:e2:68:f3:22:15:96:a8:c8:20:90:df:5b:65:a9:98:cb:
ab:e8:b1:98:91:bf:c9:bc:b4:c2:da:2e:03:61:45:9d:af:13:
ab:fe:dd:56:53:23:10:be:ba:f5:af:ac:b3:09:63:53:4f:34:
29:37:2d:6c:cd:65:d5:d1:8d:58:c8:aa:84:cd:db:36:fb:2c:
36:cc:d3:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaAxFrlj+K4F4njJ7ztFrX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MDAxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJjOTkwYWFmZGJkMzgxNmViNGYyZTU2MThiNjY5ZGZkYTkxMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYSu6dJfqYhCj5cooHntok75Ob+6
dtOp+ZRZq1ydlbv8RoJgIqTlAZO0MnsjccXbk29LXggyoj/OUHZngqZCStnsY41G
mRxLd/sMJTCAdb3Demwca5I0+YnUzYdtYXRgcke/w+RUtQv1N3BMXUxQsN1m57wU
233mFfvjN5IUGlK+dKvDlTT582TGjOf5++EaXKNEpFv3aWJ8H/cmsKE+wjRxUP5/
49Xe11z1sj8DLXjYNyJrNMe3V0ANCXvyJxHrCb0EcNLttYb2QiEjoqYcFzmBd6/Z
5jwZ8QoKnH9D+eqQNlXWBxIEx0Lzjc0lc69BP7PsL0iOir5ablEvqBThNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFEsmQqv29OBbrTy5WGLZp39qRH3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVVN5WkNxX2IwNEZ1dFBMbFlZdG1uZjJwRWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ1Q4AvdeOU0hXWWWV8Q
nJGG9fWe5Swr8k4kQJ4aylDlex9hip3J5l5xk88wUBo7YUYTTPLwb2tSIK6FV8ux
k7VLkvkSXvO1t7KINbdew9wGjQOTTqna0HG2BIdyz7vjmDdEVlXeJ4ur2kxjtrZj
EsoaqY4F1JgGFfYQn5zyzjX0nO4Kp/038KrgprgBaY84Q2EU95+kVfKj5XLPjYR4
/JjAryjZHEwbAfNO8XzKIIXPIGm6AjQY4mjzIhWWqMggkN9bZamYy6vosZiRv8m8
tMLaLgNhRZ2vE6v+3VZTIxC+uvWvrLMJY1NPNCk3LWzNZdXRjVjIqoTN2zb7LDbM
09Q=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:56:58 2025 by rpki-client