Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uf9mfR52gZDwsF9aQJFGRGihkWs.roa
File: Uf9mfR52gZDwsF9aQJFGRGihkWs.roa (raw, json)
Hash identifier: z75lfvFxJIH6vcEfndZaevCqbDoIRqQM90ag7QGUZpU=
Subject key identifier: 51:FF:66:7D:1E:76:81:90:F0:B0:5F:5A:40:91:46:44:68:A1:91:6B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189CD59BF507112878AAA5AD66FE2BA442D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uf9mfR52gZDwsF9aQJFGRGihkWs.roa
Signing time: Mon 07 Aug 2023 00:15:58 +0000
ROA not before: Mon 07 Aug 2023 00:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cd:59:bf:50:71:12:87:8a:aa:5a:d6:6f:e2:ba:44:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 7 00:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51ff667d1e768190f0b05f5a4091464468a1916b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7e:9c:f7:9c:38:64:12:f9:9b:83:76:f8:0e:
c3:d6:d4:d8:a3:7e:20:0c:76:ce:76:c5:87:2f:a7:
1d:8c:40:e9:ff:5f:7a:71:74:06:e6:40:3d:5d:ad:
0a:00:e4:f3:48:ec:47:fb:ed:c5:bb:44:9b:97:99:
23:41:13:fd:c9:e4:bf:0a:63:bf:a4:7c:90:29:db:
29:41:99:a6:10:96:47:26:ca:b4:14:ad:eb:80:b7:
ac:82:3a:bd:d4:e9:d2:35:e6:87:80:f2:68:f1:71:
43:2a:fb:54:ea:4b:d4:cb:ac:31:44:b3:42:39:45:
b4:38:72:6c:a0:67:7c:64:b4:c8:2a:9a:01:4c:68:
78:71:ea:69:fc:47:62:78:fe:e4:67:e1:1f:a3:8a:
b5:ba:10:be:9d:f8:dd:11:d8:39:c6:f2:c3:12:90:
63:af:91:0b:c2:30:be:fc:16:2c:03:46:44:79:d1:
da:d5:f1:95:50:b7:c5:bc:17:8c:cf:69:3c:5a:ee:
6b:8b:76:75:2d:86:2e:56:88:dd:da:43:6e:8c:39:
b3:6b:c0:84:d7:4b:23:ca:49:99:f8:9b:94:e5:ff:
69:f8:a3:54:b6:52:a1:19:fc:96:c4:b4:df:4d:5a:
cf:61:ef:c1:f8:5d:e6:c1:83:ff:de:56:26:81:74:
49:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FF:66:7D:1E:76:81:90:F0:B0:5F:5A:40:91:46:44:68:A1:91:6B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uf9mfR52gZDwsF9aQJFGRGihkWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:e2:13:f0:d3:90:ad:cf:cf:fb:a1:05:58:f3:ea:99:7e:55:
de:a4:61:27:0a:91:60:bc:19:86:7a:0a:33:77:64:f1:38:d6:
dd:e8:72:b9:82:c7:1f:e0:60:5f:68:b2:39:d8:cf:e2:43:cd:
1f:7a:3d:28:14:5e:82:1e:43:13:ce:c5:4c:86:d8:bb:81:72:
f2:fd:a2:c6:09:29:ea:f9:6e:28:13:95:e5:5f:b4:80:99:75:
c8:cc:9b:01:49:df:98:5a:92:d3:82:03:dc:6b:4a:bf:05:31:
28:77:5c:94:58:9f:c5:50:b7:ed:4d:ca:55:fe:ce:6a:b7:8f:
ed:c6:69:0d:12:ba:d2:72:3b:99:78:c4:66:9c:74:6d:fa:73:
09:e7:32:75:57:b5:18:ab:22:de:56:2d:73:30:40:3a:f1:28:
55:2d:5f:95:59:dd:cc:3f:fa:e4:ce:05:cc:3e:64:94:95:6c:
1e:ec:5c:84:67:74:bb:1c:18:49:e7:f7:da:1a:cd:71:49:0e:
90:44:7b:73:99:c2:b4:12:88:bd:fd:20:6e:90:ae:4b:67:d7:
f5:d9:78:0e:a5:05:a1:ef:73:b4:15:f4:6c:a6:9d:73:71:8f:
86:53:02:8a:bc:ed:a4:f0:c3:7d:5c:8b:28:88:54:96:d2:ff:
d7:65:ae:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnNWb9QcRKHiqpa1m/iukQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA3MDAxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZmNjY3ZDFlNzY4MTkwZjBiMDVmNWE0MDkxNDY0NDY4YTE5MTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun6c95w4ZBL5m4N2+A7D1tTYo34g
DHbOdsWHL6cdjEDp/196cXQG5kA9Xa0KAOTzSOxH++3Fu0Sbl5kjQRP9yeS/CmO/
pHyQKdspQZmmEJZHJsq0FK3rgLesgjq91OnSNeaHgPJo8XFDKvtU6kvUy6wxRLNC
OUW0OHJsoGd8ZLTIKpoBTGh4cepp/EdieP7kZ+Efo4q1uhC+nfjdEdg5xvLDEpBj
r5ELwjC+/BYsA0ZEedHa1fGVULfFvBeMz2k8Wu5ri3Z1LYYuVojd2kNujDmza8CE
10sjykmZ+JuU5f9p+KNUtlKhGfyWxLTfTVrPYe/B+F3mwYP/3lYmgXRJpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFH/Zn0edoGQ8LBfWkCRRkRooZFrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVWY5bWZSNTJnWkR3c0Y5YVFKRkdSR2loa1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACjiE/DTkK3Pz/uhBVjz
6pl+Vd6kYScKkWC8GYZ6CjN3ZPE41t3ocrmCxx/gYF9osjnYz+JDzR96PSgUXoIe
QxPOxUyG2LuBcvL9osYJKer5bigTleVftICZdcjMmwFJ35haktOCA9xrSr8FMSh3
XJRYn8VQt+1NylX+zmq3j+3GaQ0SutJyO5l4xGacdG36cwnnMnVXtRirIt5WLXMw
QDrxKFUtX5VZ3cw/+uTOBcw+ZJSVbB7sXIRndLscGEnn99oazXFJDpBEe3OZwrQS
iL39IG6Qrktn1/XZeA6lBaHvc7QV9GymnXNxj4ZTAoq87aTww31ciyiIVJbS/9dl
rqw=
-----END CERTIFICATE-----
Generated at Thu May 1 08:26:09 2025 by rpki-client