Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uj--JUTGMfNj5HyaQEx6Dc41bd4.roa
File: Uj--JUTGMfNj5HyaQEx6Dc41bd4.roa (raw, json)
Hash identifier: PKFvXiLHUhZCETrdlekDsfIB5U9+WqrEXu7mY5+PPCw=
Subject key identifier: 52:3F:BE:25:44:C6:31:F3:63:E4:7C:9A:40:4C:7A:0D:CE:35:6D:DE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856439B58509B9981FA01AD6743337C221
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uj--JUTGMfNj5HyaQEx6Dc41bd4.roa
Signing time: Fri 30 Dec 2022 18:09:41 +0000
ROA not before: Fri 30 Dec 2022 18:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:64:39:b5:85:09:b9:98:1f:a0:1a:d6:74:33:37:c2:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 18:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=523fbe2544c631f363e47c9a404c7a0dce356dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2b:87:b4:e7:36:e4:cd:ed:ee:a4:81:6a:fb:
c7:33:e5:7d:61:e7:be:24:bd:a1:e5:50:7a:92:11:
62:05:3a:a9:8e:e6:36:0f:63:6a:82:be:a4:b1:40:
a6:73:5f:b6:da:d8:be:1b:dd:b5:6a:bb:36:05:a8:
79:3e:be:b5:cf:5d:6b:20:ac:31:81:e9:7a:57:eb:
03:66:f0:8c:9b:99:15:cc:a4:28:be:a9:9b:92:18:
8e:4e:8a:61:66:bb:11:74:61:3a:d2:ec:4f:c9:c5:
1c:55:c8:2b:fc:d2:0d:53:b0:c1:92:f0:1a:2b:59:
1f:59:3f:49:ca:57:c0:23:d1:87:c3:85:2d:f5:92:
16:09:37:ff:75:79:3e:79:2a:1a:60:ac:af:69:e6:
d9:9a:a4:08:a8:ef:17:af:44:75:ff:a4:1d:c3:b5:
65:8d:22:81:6d:ef:5d:41:18:68:6f:7d:c0:c3:98:
52:a0:ea:49:12:09:31:44:1e:b4:5e:5d:87:ba:27:
fe:ee:34:21:ac:6f:e1:99:dc:9b:a5:fe:86:26:94:
1d:83:28:c6:3d:04:c2:69:5b:2b:40:6d:e6:87:5c:
25:6c:3b:9a:78:06:3b:f3:a1:cd:74:40:fa:42:6e:
2c:e6:73:55:7c:c3:99:bd:f2:33:0c:b4:88:bb:a0:
7c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3F:BE:25:44:C6:31:F3:63:E4:7C:9A:40:4C:7A:0D:CE:35:6D:DE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uj--JUTGMfNj5HyaQEx6Dc41bd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:91:a9:31:41:85:1f:39:b6:2a:7c:f0:e2:fc:db:d5:7c:b6:
59:9c:0c:e6:bf:08:bd:b1:03:9f:a3:5e:2d:24:bc:f2:09:9e:
84:dd:b6:14:df:d7:92:7d:bc:97:33:c6:55:02:ee:74:62:02:
4b:38:09:21:5d:0a:5d:ae:b4:f4:ec:c8:5e:85:ba:49:fb:f9:
8f:6c:6e:12:fc:99:94:7d:92:05:7e:94:ea:de:8e:38:83:63:
ec:2a:6d:94:90:1e:c9:c8:47:8d:04:96:e7:4e:bc:2d:79:18:
41:03:fc:6a:f3:d4:42:92:f3:38:d8:c8:f1:3e:cf:ca:4c:2a:
dc:f5:d3:00:fa:37:16:c1:a6:84:53:00:8d:e5:f7:07:61:60:
26:b7:df:28:ef:81:06:7d:4b:a0:ec:14:29:3a:8e:21:c9:d5:
ac:52:a9:12:c1:23:b6:33:5b:06:b6:49:12:5a:bb:73:16:c1:
b6:a5:26:53:2b:6e:98:3f:fa:ec:0b:bf:69:eb:eb:5f:06:38:
02:64:7a:f6:37:75:6d:22:b7:65:06:c5:26:25:6e:af:52:92:
cc:09:2f:f7:90:5e:d9:57:53:64:79:0f:6e:52:29:7d:ef:20:
d9:ca:9e:6c:9b:d3:04:56:f7:63:64:3d:fb:7d:5e:31:d1:5f:
5f:bc:c1:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVkObWFCbmYH6Aa1nQzN8IhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMTgwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjNmYmUyNTQ0YzYzMWYzNjNlNDdjOWE0MDRjN2EwZGNlMzU2ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSuHtOc25M3t7qSBavvHM+V9Yee+
JL2h5VB6khFiBTqpjuY2D2Nqgr6ksUCmc1+22ti+G921ars2Bah5Pr61z11rIKwx
gel6V+sDZvCMm5kVzKQovqmbkhiOTophZrsRdGE60uxPycUcVcgr/NINU7DBkvAa
K1kfWT9JylfAI9GHw4Ut9ZIWCTf/dXk+eSoaYKyvaebZmqQIqO8Xr0R1/6Qdw7Vl
jSKBbe9dQRhob33Aw5hSoOpJEgkxRB60Xl2Huif+7jQhrG/hmdybpf6GJpQdgyjG
PQTCaVsrQG3mh1wlbDuaeAY786HNdED6Qm4s5nNVfMOZvfIzDLSIu6B8UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFI/viVExjHzY+R8mkBMeg3ONW3eMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVWotLUpVVEdNZk5qNUh5YVFFeDZEYzQxYmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKGRqTFBhR85tip88OL8
29V8tlmcDOa/CL2xA5+jXi0kvPIJnoTdthTf15J9vJczxlUC7nRiAks4CSFdCl2u
tPTsyF6Fukn7+Y9sbhL8mZR9kgV+lOrejjiDY+wqbZSQHsnIR40EludOvC15GEED
/Grz1EKS8zjYyPE+z8pMKtz10wD6NxbBpoRTAI3l9wdhYCa33yjvgQZ9S6DsFCk6
jiHJ1axSqRLBI7YzWwa2SRJau3MWwbalJlMrbpg/+uwLv2nr618GOAJkevY3dW0i
t2UGxSYlbq9SkswJL/eQXtlXU2R5D25SKX3vINnKnmyb0wRW92NkPft9XjHRX1+8
wXo=
-----END CERTIFICATE-----
Generated at Thu May 1 02:53:22 2025 by rpki-client