Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uk-lrQOrW9VrBCWZ6vNraiMvG1c.roa
File: Uk-lrQOrW9VrBCWZ6vNraiMvG1c.roa (raw, json)
Hash identifier: hvQ676Sd4ORFUv9YKPwwRv3rbWhc2yaL9iFa2j+daOs=
Subject key identifier: 52:4F:A5:AD:03:AB:5B:D5:6B:04:25:99:EA:F3:6B:6A:23:2F:1B:57
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01855B68EFD3D948FEFF2F6CA65E1B69A394
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uk-lrQOrW9VrBCWZ6vNraiMvG1c.roa
Signing time: Thu 29 Dec 2022 01:04:41 +0000
ROA not before: Thu 29 Dec 2022 01:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:5b68:8e8a/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5b:68:ef:d3:d9:48:fe:ff:2f:6c:a6:5e:1b:69:a3:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 29 01:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=524fa5ad03ab5bd56b042599eaf36b6a232f1b57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c8:e0:70:22:73:61:16:79:f9:5e:38:1a:7b:
45:e4:b7:4d:44:28:f9:94:1a:1e:70:2a:b8:e3:a2:
bf:fe:c3:3a:95:47:c0:c2:e8:6b:3e:20:f7:02:25:
c0:51:8d:2f:0a:61:7a:02:f4:2d:63:1c:3a:fb:a2:
d2:53:48:04:d8:47:e3:03:34:53:bd:d6:e2:c5:6a:
b8:0f:7f:87:24:5f:8c:48:ed:28:c4:81:04:44:97:
09:08:5b:1a:ca:72:df:5e:14:82:08:aa:3f:1d:14:
bc:bb:87:c4:33:f7:2e:c7:78:77:62:db:e4:ed:1f:
71:62:b1:b5:f8:85:89:a9:03:84:31:c7:4c:1d:27:
ba:01:82:05:90:7e:1d:e0:ee:0c:b4:e8:29:97:f3:
f3:2f:24:a1:02:0f:19:56:1b:28:7a:6d:34:2c:93:
03:43:d6:30:c5:17:05:18:4c:c0:c5:3f:64:7a:1f:
80:5c:4f:d3:2d:36:10:5a:27:b9:40:cb:d2:38:21:
8f:90:7a:db:7e:12:64:b1:54:65:18:14:cc:9d:b6:
c8:9d:05:ed:c8:6c:15:c3:ab:2e:44:06:65:8b:16:
bb:10:11:04:e8:42:69:c6:b8:a9:1f:0b:23:5d:6e:
49:90:ca:d5:76:3a:6a:b6:c0:8d:b1:39:b4:f2:ec:
16:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4F:A5:AD:03:AB:5B:D5:6B:04:25:99:EA:F3:6B:6A:23:2F:1B:57
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Uk-lrQOrW9VrBCWZ6vNraiMvG1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:e9:a6:d6:ea:12:56:11:21:87:b1:71:18:9a:d7:2a:25:09:
0a:1b:5f:66:9c:be:ed:83:44:b1:b7:37:32:1e:f7:d4:91:e8:
64:5a:0f:78:ef:16:ae:7b:5c:b2:6e:17:4d:27:b5:31:5f:0c:
5a:59:ea:78:1f:59:ea:96:a8:34:6d:c1:82:21:d6:7d:90:71:
fb:be:57:20:9f:ae:c6:36:48:34:77:75:d6:a0:87:2a:01:62:
72:f3:23:f0:f6:63:31:84:61:6f:fa:1e:ac:59:c0:bb:2e:69:
e7:4b:c4:ab:3c:f6:29:32:8b:9d:12:fd:57:54:c0:db:8e:bc:
38:86:6f:df:93:7f:d6:87:99:a6:d2:b2:3c:93:68:97:9b:d6:
d2:67:e3:04:2b:8f:38:85:f9:3f:61:06:30:5c:6d:f2:a4:c9:
fb:23:e6:6c:38:1c:11:95:95:66:fb:46:91:fa:f2:ea:50:dc:
7a:2c:54:98:da:03:00:1c:7b:09:ea:ff:47:4c:49:48:ab:de:
71:6d:4c:3c:87:ea:7c:8d:f4:bc:d7:b6:5d:ef:ee:69:0e:a3:
a2:9a:85:b2:5d:8a:8c:f2:02:83:ab:21:fe:69:0e:9e:05:88:
e8:f8:9d:42:4b:b2:b8:dc:fd:77:2c:3c:10:4f:42:e5:17:cf:
e7:f8:fa:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVbaO/T2Uj+/y9spl4baaOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI5MDEwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRmYTVhZDAzYWI1YmQ1NmIwNDI1OTllYWYzNmI2YTIzMmYxYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsjgcCJzYRZ5+V44GntF5LdNRCj5
lBoecCq446K//sM6lUfAwuhrPiD3AiXAUY0vCmF6AvQtYxw6+6LSU0gE2EfjAzRT
vdbixWq4D3+HJF+MSO0oxIEERJcJCFsaynLfXhSCCKo/HRS8u4fEM/cux3h3Ytvk
7R9xYrG1+IWJqQOEMcdMHSe6AYIFkH4d4O4MtOgpl/PzLyShAg8ZVhsoem00LJMD
Q9YwxRcFGEzAxT9keh+AXE/TLTYQWie5QMvSOCGPkHrbfhJksVRlGBTMnbbInQXt
yGwVw6suRAZlixa7EBEE6EJpxripHwsjXW5JkMrVdjpqtsCNsTm08uwWsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFJPpa0Dq1vVawQlmerza2ojLxtXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVWstbHJRT3JXOVZyQkNXWjZ2TnJhaU12RzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIrpptbqElYRIYexcRia
1yolCQobX2acvu2DRLG3NzIe99SR6GRaD3jvFq57XLJuF00ntTFfDFpZ6ngfWeqW
qDRtwYIh1n2Qcfu+VyCfrsY2SDR3ddaghyoBYnLzI/D2YzGEYW/6HqxZwLsuaedL
xKs89ikyi50S/VdUwNuOvDiGb9+Tf9aHmabSsjyTaJeb1tJn4wQrjziF+T9hBjBc
bfKkyfsj5mw4HBGVlWb7RpH68upQ3HosVJjaAwAcewnq/0dMSUir3nFtTDyH6nyN
9LzXtl3v7mkOo6KahbJdiozyAoOrIf5pDp4FiOj4nUJLsrjc/XcsPBBPQuUXz+f4
+i0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:27:39 2025 by rpki-client