Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UpgpzEioMeo4kkRmoBf4z5SiE-4.roa
File: UpgpzEioMeo4kkRmoBf4z5SiE-4.roa (raw, json)
Hash identifier: +Zw539a+FcO0P+TeIzhOlOX6hG5z0HV+2qrYQKeJ4R0=
Subject key identifier: 52:98:29:CC:48:A8:31:EA:38:92:44:66:A0:17:F8:CF:94:A2:13:EE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185646C111FEDA467EE43EDD0A523320402
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UpgpzEioMeo4kkRmoBf4z5SiE-4.roa
Signing time: Fri 30 Dec 2022 19:04:41 +0000
ROA not before: Fri 30 Dec 2022 19:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:646b:a48d/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:64:6c:11:1f:ed:a4:67:ee:43:ed:d0:a5:23:32:04:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 19:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=529829cc48a831ea38924466a017f8cf94a213ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:64:c6:ad:e3:ec:51:81:0d:3c:b9:ec:7b:d5:
f6:94:c6:da:bd:21:ee:c3:a9:31:e0:1f:ff:46:4f:
48:0f:42:8c:d1:a2:eb:fb:a6:08:90:ca:15:4a:47:
04:15:73:76:0f:79:61:2b:0d:0e:2d:34:14:1f:16:
dd:31:69:62:f8:d0:c7:4e:b0:de:0a:bb:0a:0e:b0:
52:53:ea:d4:47:8b:4f:d9:b1:94:27:e3:12:d3:d1:
6e:9f:fe:88:ab:4d:f2:91:61:42:86:48:bc:e4:fa:
5b:c6:bf:95:84:8d:26:52:8a:bf:ed:44:dd:78:35:
c1:ea:63:c6:9c:5b:fa:2b:a9:ec:4a:bf:8d:c5:ee:
3a:f7:f2:d5:57:21:24:6b:e9:22:1e:1b:f8:4a:83:
91:19:91:c6:0f:05:af:7f:df:db:98:a4:53:dd:62:
44:d5:c9:f3:b1:aa:f7:af:89:81:e2:a5:cc:8e:1c:
79:7e:9c:9b:31:b5:16:d8:82:18:29:60:83:ba:da:
6f:a7:6a:d6:fc:6c:88:52:01:61:b5:5f:dc:e4:39:
88:a7:e2:6b:d6:cf:87:e1:2d:da:f7:2f:e9:f9:1f:
7a:c6:c3:ac:25:d3:dd:6e:b9:0b:74:b4:87:dc:a1:
64:d8:73:97:32:fa:7f:83:0b:2f:0f:03:93:23:26:
5e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:98:29:CC:48:A8:31:EA:38:92:44:66:A0:17:F8:CF:94:A2:13:EE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UpgpzEioMeo4kkRmoBf4z5SiE-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:25:7f:08:98:a2:b4:bf:29:d3:d6:3a:84:2f:e3:3c:63:14:
dc:3f:94:bb:d8:a5:cb:44:10:22:af:18:f0:e5:cf:20:0b:4d:
83:9c:89:1a:af:6b:8b:d4:06:fc:1e:e4:c8:be:db:82:9e:98:
b5:97:da:a5:b0:66:b9:a3:ab:bd:23:57:11:0c:28:94:26:ba:
87:c1:5d:a0:a5:da:c9:8f:16:de:84:74:a2:56:cb:1b:50:8a:
eb:b1:53:3e:aa:67:cb:9d:d5:07:ea:71:02:1b:f2:45:94:4f:
5c:9b:e1:a8:32:fc:86:7f:c4:ed:4a:de:a6:5c:d1:f5:43:53:
ac:5c:b0:d5:8f:6c:e4:2b:71:40:be:41:2b:5a:d8:7f:41:24:
28:e9:1e:2f:cb:96:aa:b3:c4:30:30:99:3f:02:bd:2c:88:82:
36:5a:b6:b0:8e:7a:d8:54:28:47:cd:70:f5:c4:5e:94:d1:25:
94:dc:f0:fb:71:2e:d7:3a:ec:e0:c5:11:53:d4:ba:0d:92:a7:
e0:b3:8f:76:1b:8d:2c:7f:e2:7b:84:41:d1:a0:0d:56:37:63:
9a:09:df:a3:3f:ef:0f:f1:e7:51:2e:c8:4b:95:41:35:16:2c:
eb:e6:73:5f:df:3e:e3:bf:f5:17:10:3a:fd:36:55:75:b1:60:
fb:51:bb:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVkbBEf7aRn7kPt0KUjMgQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMTkwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjk4MjljYzQ4YTgzMWVhMzg5MjQ0NjZhMDE3ZjhjZjk0YTIxM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2TGrePsUYENPLnse9X2lMbavSHu
w6kx4B//Rk9ID0KM0aLr+6YIkMoVSkcEFXN2D3lhKw0OLTQUHxbdMWli+NDHTrDe
CrsKDrBSU+rUR4tP2bGUJ+MS09Fun/6Iq03ykWFChki85Ppbxr+VhI0mUoq/7UTd
eDXB6mPGnFv6K6nsSr+Nxe469/LVVyEka+kiHhv4SoORGZHGDwWvf9/bmKRT3WJE
1cnzsar3r4mB4qXMjhx5fpybMbUW2IIYKWCDutpvp2rW/GyIUgFhtV/c5DmIp+Jr
1s+H4S3a9y/p+R96xsOsJdPdbrkLdLSH3KFk2HOXMvp/gwsvDwOTIyZedQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFKYKcxIqDHqOJJEZqAX+M+UohPuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVXBncHpFaW9NZW80a2tSbW9CZjR6NVNpRS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJklfwiYorS/KdPWOoQv
4zxjFNw/lLvYpctEECKvGPDlzyALTYOciRqva4vUBvwe5Mi+24KemLWX2qWwZrmj
q70jVxEMKJQmuofBXaCl2smPFt6EdKJWyxtQiuuxUz6qZ8ud1QfqcQIb8kWUT1yb
4agy/IZ/xO1K3qZc0fVDU6xcsNWPbOQrcUC+QSta2H9BJCjpHi/LlqqzxDAwmT8C
vSyIgjZatrCOethUKEfNcPXEXpTRJZTc8PtxLtc67ODFEVPUug2Sp+Czj3YbjSx/
4nuEQdGgDVY3Y5oJ36M/7w/x51EuyEuVQTUWLOvmc1/fPuO/9RcQOv02VXWxYPtR
u8s=
-----END CERTIFICATE-----
Generated at Thu May 1 01:27:53 2025 by rpki-client