Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ub7pRB5hghK9WgCFzGAt3kzMlKc.roa
File: Ub7pRB5hghK9WgCFzGAt3kzMlKc.roa (raw, json)
Hash identifier: K64NDNeTWwbv9oNsGybW6rhS1atGiZF6t4MBhtjlhaY=
Subject key identifier: 51:BE:E9:44:1E:61:82:12:BD:5A:00:85:CC:60:2D:DE:4C:CC:94:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3ABF2337C07C870BB03F44E5460F9C1A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ub7pRB5hghK9WgCFzGAt3kzMlKc.roa
Signing time: Mon 28 Aug 2023 06:05:19 +0000
ROA not before: Mon 28 Aug 2023 06:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:3abe:4327/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3a:bf:23:37:c0:7c:87:0b:b0:3f:44:e5:46:0f:9c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 06:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51bee9441e618212bd5a0085cc602dde4ccc94a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7e:d0:31:a6:95:f4:28:97:58:1c:de:28:d9:
65:c8:87:d0:aa:a5:21:aa:74:84:00:2d:81:7d:2d:
48:e9:f7:a2:f6:75:04:00:46:2c:e4:4f:eb:4d:98:
32:bb:ea:18:7f:b7:04:fc:b0:c1:bc:e1:75:dd:79:
58:bd:e7:fb:83:4e:45:28:fb:a8:88:b7:75:44:bb:
f0:79:cc:9d:10:ab:de:38:73:02:4c:ff:43:a1:79:
69:0d:4d:9b:c9:44:41:39:d9:1d:47:22:58:5b:93:
83:34:e5:e9:db:b2:e3:74:25:9d:f8:85:96:ff:b6:
7a:88:9e:36:95:af:f9:8a:ad:68:79:75:54:26:8f:
ff:51:c8:62:e3:f8:7b:3b:36:a3:86:f6:35:8f:6e:
8b:ae:21:c1:23:f7:a4:13:fb:c1:ef:53:27:2a:f4:
ec:bf:32:37:6b:ce:b2:cb:bf:e9:9b:17:1b:43:35:
54:5e:20:95:6b:8d:05:47:3e:56:e2:24:7d:c2:d0:
94:59:c1:00:4d:70:3d:a0:b1:c7:c9:02:77:68:3c:
5b:86:1f:a5:2a:98:1d:41:0f:ed:71:70:07:5c:2e:
29:2f:23:fe:b2:3f:d0:8c:ff:ed:a9:c7:26:25:45:
a8:5f:79:27:af:9c:0c:ee:00:60:fb:12:60:ff:a5:
81:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BE:E9:44:1E:61:82:12:BD:5A:00:85:CC:60:2D:DE:4C:CC:94:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ub7pRB5hghK9WgCFzGAt3kzMlKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:00:31:4d:09:36:2f:32:01:76:8a:3f:86:a4:2f:77:64:d3:
77:04:6b:69:bb:e6:53:de:ad:08:fe:a0:6c:d2:e6:f8:41:65:
1b:7e:96:74:19:9b:e9:f3:a9:a2:ce:2b:f4:e6:8a:09:39:69:
43:9f:c4:49:e4:7a:05:b1:ed:fb:21:01:7c:cb:84:82:45:78:
73:b9:84:02:2c:6e:72:e8:b1:cf:1c:48:e2:83:9c:68:4b:a6:
1b:76:91:39:99:ca:1c:92:6d:87:43:6e:67:39:84:9c:b1:11:
09:41:dd:31:a9:22:73:76:28:ea:ef:76:fc:f4:7d:44:31:ca:
a9:f1:74:7a:e2:5c:83:eb:8a:80:b3:19:2d:0b:76:f0:6a:3c:
45:93:af:68:91:1b:93:e9:69:03:c9:b8:64:a0:c1:aa:b1:9c:
a9:af:2e:4c:e0:a6:98:45:07:9b:2d:dd:4f:b9:ae:cf:83:25:
21:a1:7f:52:d0:ea:da:13:89:80:97:28:36:94:a9:e6:8b:47:
ec:70:a3:a4:07:ed:6f:94:19:ef:3b:40:95:ba:32:53:95:15:
a8:71:4e:ea:31:31:69:8d:59:be:55:75:c5:5f:36:c5:65:90:
ae:3b:92:6e:c5:73:a7:ea:25:a9:3d:4e:93:e4:a9:8b:1f:44:
71:76:f9:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo6vyM3wHyHC7A/ROVGD5waMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MDYwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWJlZTk0NDFlNjE4MjEyYmQ1YTAwODVjYzYwMmRkZTRjY2M5NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX7QMaaV9CiXWBzeKNllyIfQqqUh
qnSEAC2BfS1I6fei9nUEAEYs5E/rTZgyu+oYf7cE/LDBvOF13XlYvef7g05FKPuo
iLd1RLvwecydEKveOHMCTP9DoXlpDU2byURBOdkdRyJYW5ODNOXp27LjdCWd+IWW
/7Z6iJ42la/5iq1oeXVUJo//Uchi4/h7OzajhvY1j26LriHBI/ekE/vB71MnKvTs
vzI3a86yy7/pmxcbQzVUXiCVa40FRz5W4iR9wtCUWcEATXA9oLHHyQJ3aDxbhh+l
KpgdQQ/tcXAHXC4pLyP+sj/QjP/tqccmJUWoX3knr5wM7gBg+xJg/6WBNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFG+6UQeYYISvVoAhcxgLd5MzJSnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVWI3cFJCNWhnaEs5V2dDRnpHQXQza3pNbEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH4AMU0JNi8yAXaKP4ak
L3dk03cEa2m75lPerQj+oGzS5vhBZRt+lnQZm+nzqaLOK/Tmigk5aUOfxEnkegWx
7fshAXzLhIJFeHO5hAIsbnLosc8cSOKDnGhLpht2kTmZyhySbYdDbmc5hJyxEQlB
3TGpInN2KOrvdvz0fUQxyqnxdHriXIPrioCzGS0LdvBqPEWTr2iRG5PpaQPJuGSg
waqxnKmvLkzgpphFB5st3U+5rs+DJSGhf1LQ6toTiYCXKDaUqeaLR+xwo6QH7W+U
Ge87QJW6MlOVFahxTuoxMWmNWb5VdcVfNsVlkK47km7Fc6fqJak9TpPkqYsfRHF2
+Qw=
-----END CERTIFICATE-----
Generated at Fri May 2 15:36:59 2025 by rpki-client