Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UsNoR6TTm0CFD1PCK0cNf4fmb_s.roa
File: UsNoR6TTm0CFD1PCK0cNf4fmb_s.roa (raw, json)
Hash identifier: e54mfDSaxuGrlW5S1lBbku42POEPSX0HSQFd7c/TlvA=
Subject key identifier: 52:C3:68:47:A4:D3:9B:40:85:0F:53:C2:2B:47:0D:7F:87:E6:6F:FB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184E11F36DB381719B16635C64527C36549
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UsNoR6TTm0CFD1PCK0cNf4fmb_s.roa
Signing time: Mon 05 Dec 2022 07:10:30 +0000
ROA not before: Mon 05 Dec 2022 07:10:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:1f:36:db:38:17:19:b1:66:35:c6:45:27:c3:65:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 5 07:10:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52c36847a4d39b40850f53c22b470d7f87e66ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:06:e1:a1:b8:d8:04:6b:01:76:27:f6:94:7e:
22:8f:7f:f2:01:34:9c:b0:b2:1e:3c:0f:4a:1a:02:
c6:20:bd:f9:51:e0:3c:bc:d3:8f:73:38:ef:a7:8a:
84:5a:82:a9:ad:77:bf:72:c8:71:50:25:3f:54:33:
19:2f:fc:7c:bd:71:ea:78:e9:e3:4a:d8:42:35:90:
0c:1d:d7:06:b2:30:a7:8c:80:04:0e:09:7f:b7:68:
bd:17:9b:d2:c6:b0:d3:27:21:ac:0f:a1:1c:e5:b7:
5d:0e:3d:f6:6e:4a:8c:4c:8e:70:16:6f:fb:35:f2:
9f:59:71:f3:64:89:f3:99:40:61:8c:88:8f:d2:ff:
d2:8c:e6:eb:1a:83:25:3c:d0:1a:0b:99:ab:ee:bb:
df:e4:d0:c0:f7:c0:ba:0b:65:60:b9:46:92:a9:39:
f4:aa:30:0e:57:8a:71:21:34:7a:d9:f2:59:94:78:
dd:6e:e9:7d:17:fe:31:dc:c4:be:d3:d0:d5:65:4f:
80:8c:ad:40:d2:20:ca:05:88:b7:24:f1:ec:34:25:
83:32:27:50:08:03:88:b6:68:4d:1a:8b:95:10:8d:
38:d0:d4:7c:4b:e0:be:15:30:f5:26:d1:7f:f9:d9:
08:2f:66:d8:d4:13:e4:33:90:9f:90:b4:6f:a3:54:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C3:68:47:A4:D3:9B:40:85:0F:53:C2:2B:47:0D:7F:87:E6:6F:FB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UsNoR6TTm0CFD1PCK0cNf4fmb_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:31:47:fb:3d:e7:f2:b8:25:c9:18:82:0f:07:10:63:ed:32:
f5:e2:74:20:7a:e5:0a:6d:3e:e7:b4:e8:4b:03:a5:37:f5:27:
fb:92:6d:b9:8d:7f:4b:3b:b7:b4:a9:bd:0c:02:cc:91:0c:01:
5d:5e:7e:f9:a1:b5:ed:bc:bc:29:9e:0b:03:d9:c6:51:f5:92:
d8:a2:ce:90:27:7b:8d:0d:08:dd:77:58:19:64:f5:3d:cf:42:
1f:9f:c5:65:cf:0d:bf:bb:3b:87:13:8e:4a:a1:4f:63:41:f8:
83:5a:ba:5a:a3:de:e9:c2:ef:14:f2:34:ca:32:7f:17:17:3c:
fe:4d:ba:27:1e:e7:b0:0f:db:37:83:11:1e:a0:b1:56:4a:bb:
6e:02:3b:62:9e:51:8a:f4:31:42:39:f8:48:b6:8f:bb:f9:1b:
0c:bd:46:b6:98:15:51:53:76:41:dd:70:7b:9f:c0:84:fe:63:
d5:8e:c3:0d:a6:36:de:6d:91:75:ad:3d:be:d9:41:67:70:89:
23:f7:e3:db:5a:99:35:3a:40:5c:0c:9e:c9:f3:84:76:09:d8:
d8:59:00:ec:76:fd:25:0e:c5:ab:19:a4:18:73:24:40:32:0f:
3b:ee:cc:be:b8:96:a0:b5:6f:6a:45:55:18:02:7d:c5:5f:33:
63:c1:1e:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYThHzbbOBcZsWY1xkUnw2VJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA1MDcxMDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmMzNjg0N2E0ZDM5YjQwODUwZjUzYzIyYjQ3MGQ3Zjg3ZTY2ZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgbhobjYBGsBdif2lH4ij3/yATSc
sLIePA9KGgLGIL35UeA8vNOPczjvp4qEWoKprXe/cshxUCU/VDMZL/x8vXHqeOnj
SthCNZAMHdcGsjCnjIAEDgl/t2i9F5vSxrDTJyGsD6Ec5bddDj32bkqMTI5wFm/7
NfKfWXHzZInzmUBhjIiP0v/SjObrGoMlPNAaC5mr7rvf5NDA98C6C2VguUaSqTn0
qjAOV4pxITR62fJZlHjdbul9F/4x3MS+09DVZU+AjK1A0iDKBYi3JPHsNCWDMidQ
CAOItmhNGouVEI040NR8S+C+FTD1JtF/+dkIL2bY1BPkM5CfkLRvo1QtUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFLDaEek05tAhQ9TwitHDX+H5m/7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVXNOb1I2VFRtMENGRDFQQ0swY05mNGZtYl9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADkxR/s95/K4JckYgg8H
EGPtMvXidCB65QptPue06EsDpTf1J/uSbbmNf0s7t7SpvQwCzJEMAV1efvmhte28
vCmeCwPZxlH1ktiizpAne40NCN13WBlk9T3PQh+fxWXPDb+7O4cTjkqhT2NB+INa
ulqj3unC7xTyNMoyfxcXPP5Nuice57AP2zeDER6gsVZKu24CO2KeUYr0MUI5+Ei2
j7v5Gwy9RraYFVFTdkHdcHufwIT+Y9WOww2mNt5tkXWtPb7ZQWdwiSP349tamTU6
QFwMnsnzhHYJ2NhZAOx2/SUOxasZpBhzJEAyDzvuzL64lqC1b2pFVRgCfcVfM2PB
HgY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:32:36 2025 by rpki-client