Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UsO7RmUFXMJStWHz5mbFa10-1t4.roa
File: UsO7RmUFXMJStWHz5mbFa10-1t4.roa (raw, json)
Hash identifier: kEondT/trdKjddm7ZO28QbPtvpX49Tx0rdDm1OOBS5g=
Subject key identifier: 52:C3:BB:46:65:05:5C:C2:52:B5:61:F3:E6:66:C5:6B:5D:3E:D6:DE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01873343CF2D7F5034D4E8A342BCB2995857
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UsO7RmUFXMJStWHz5mbFa10-1t4.roa
Signing time: Thu 30 Mar 2023 16:04:54 +0000
ROA not before: Thu 30 Mar 2023 16:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:3343:2b77/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:33:43:cf:2d:7f:50:34:d4:e8:a3:42:bc:b2:99:58:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 30 16:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52c3bb4665055cc252b561f3e666c56b5d3ed6de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:20:f0:df:7c:dd:8a:f9:5c:e8:37:9f:c8:a0:
1a:a2:6f:fc:bc:9f:e9:94:e1:a8:70:15:4b:45:94:
00:b5:f8:52:40:b5:82:43:09:15:07:28:97:be:bf:
62:1b:6e:da:bc:89:75:98:bf:a2:8c:7c:f8:8a:d0:
11:2d:d8:54:a9:b6:8e:24:78:10:bc:12:83:d9:ac:
d5:9c:09:dd:50:fc:ad:be:d8:71:e6:cc:bb:95:b7:
7a:69:b7:02:9d:2d:01:7e:51:46:c8:4d:2c:42:39:
7c:b0:77:88:d4:31:68:3c:5c:52:0a:f2:3a:86:77:
a2:34:19:74:a9:1c:45:01:51:70:4e:75:06:9f:34:
2f:4d:1a:f5:bf:7b:ee:f4:25:e7:86:b1:6f:4f:93:
6b:80:0b:c0:cc:54:29:bb:9b:ac:71:c4:73:98:2e:
fc:2d:19:56:70:b9:ce:85:25:d9:48:4c:f3:44:6f:
b9:cd:4b:23:f8:78:a5:a1:6e:c7:34:ee:88:d4:8a:
4a:a1:a2:a0:20:88:3e:c1:d6:00:c5:27:5e:db:5c:
5d:1a:f1:09:2f:28:1c:ae:23:7c:c1:64:6e:92:21:
85:c1:17:ca:0e:c4:e1:b6:6d:a8:c8:71:4a:69:b2:
96:17:eb:19:3a:00:77:a9:89:c3:d0:95:1b:e3:35:
ba:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C3:BB:46:65:05:5C:C2:52:B5:61:F3:E6:66:C5:6B:5D:3E:D6:DE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UsO7RmUFXMJStWHz5mbFa10-1t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:de:88:d4:06:ac:e0:9c:f0:62:db:81:79:d4:c4:e9:60:97:
9f:aa:b6:e4:dc:e6:95:5c:5e:b3:4c:0b:a4:5c:a0:2a:c9:cb:
cc:64:a1:7d:bf:ac:f5:90:98:5f:54:83:a8:14:90:15:d0:c5:
02:d7:9d:e5:33:ba:ab:23:c8:b3:21:f5:39:d0:7c:20:e7:b7:
b9:34:13:3a:55:ac:fa:9f:55:08:dd:a5:81:6b:df:d0:be:ab:
4f:7b:90:30:e2:ee:56:a5:52:d0:2b:bd:ae:cd:33:ed:8c:5a:
7f:3d:79:78:b8:cd:e5:a3:ef:5f:61:ab:8e:5d:da:91:34:27:
9a:40:c8:3e:67:ba:e3:ef:3e:42:60:5f:f8:0d:80:f2:4f:8a:
45:e6:30:b2:b5:52:45:70:d1:64:91:67:7f:45:f8:12:c8:19:
e0:9f:a3:fa:4f:3c:43:80:2b:cf:9f:42:b3:d8:14:25:b5:97:
8d:39:c6:81:0c:b3:9f:cb:f2:35:d5:28:ff:99:61:55:22:6c:
86:bd:3a:0f:f1:7d:00:47:e0:46:fb:31:98:7b:34:f6:fe:e4:
31:f1:4f:0e:e5:fe:f6:fb:6a:ef:72:d2:4e:30:8a:41:c7:12:
25:3c:95:ce:d9:07:05:05:3d:cd:92:7b:d2:cf:a5:7e:12:0b:
88:c5:de:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYczQ88tf1A01OijQryymVhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzMwMTYwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmMzYmI0NjY1MDU1Y2MyNTJiNTYxZjNlNjY2YzU2YjVkM2VkNmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCDw33zdivlc6DefyKAaom/8vJ/p
lOGocBVLRZQAtfhSQLWCQwkVByiXvr9iG27avIl1mL+ijHz4itARLdhUqbaOJHgQ
vBKD2azVnAndUPytvthx5sy7lbd6abcCnS0BflFGyE0sQjl8sHeI1DFoPFxSCvI6
hneiNBl0qRxFAVFwTnUGnzQvTRr1v3vu9CXnhrFvT5NrgAvAzFQpu5usccRzmC78
LRlWcLnOhSXZSEzzRG+5zUsj+HiloW7HNO6I1IpKoaKgIIg+wdYAxSde21xdGvEJ
LygcriN8wWRukiGFwRfKDsThtm2oyHFKabKWF+sZOgB3qYnD0JUb4zW6UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFLDu0ZlBVzCUrVh8+ZmxWtdPtbeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVXNPN1JtVUZYTUpTdFdIejVtYkZhMTAtMXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKjeiNQGrOCc8GLbgXnU
xOlgl5+qtuTc5pVcXrNMC6RcoCrJy8xkoX2/rPWQmF9Ug6gUkBXQxQLXneUzuqsj
yLMh9TnQfCDnt7k0EzpVrPqfVQjdpYFr39C+q097kDDi7lalUtArva7NM+2MWn89
eXi4zeWj719hq45d2pE0J5pAyD5nuuPvPkJgX/gNgPJPikXmMLK1UkVw0WSRZ39F
+BLIGeCfo/pPPEOAK8+fQrPYFCW1l405xoEMs5/L8jXVKP+ZYVUibIa9Og/xfQBH
4Eb7MZh7NPb+5DHxTw7l/vb7au9y0k4wikHHEiU8lc7ZBwUFPc2Se9LPpX4SC4jF
3hs=
-----END CERTIFICATE-----
Generated at Thu May 1 10:03:40 2025 by rpki-client