Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Utkazv4f0H3-548XlblIcOLRGLg.roa
File: Utkazv4f0H3-548XlblIcOLRGLg.roa (raw, json)
Hash identifier: mA5aefoTDlMNK/FnDCHbv/DxGg2KTeERQxRicbDcn7k=
Subject key identifier: 52:D9:1A:CE:FE:1F:D0:7D:FE:E7:8F:17:95:B9:48:70:E2:D1:18:B8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186DF652959929CF59BD62FC2261679C97D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Utkazv4f0H3-548XlblIcOLRGLg.roa
Signing time: Tue 14 Mar 2023 09:13:14 +0000
ROA not before: Tue 14 Mar 2023 09:13:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:65:29:59:92:9c:f5:9b:d6:2f:c2:26:16:79:c9:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 14 09:13:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52d91acefe1fd07dfee78f1795b94870e2d118b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4f:de:07:bb:f8:50:15:bb:7d:a3:b9:12:37:
3d:cc:04:2b:50:10:37:25:d6:d0:cd:f6:aa:04:bb:
a7:ea:ed:19:a0:df:28:04:2e:c3:26:7f:03:a9:b0:
cd:ef:09:49:2b:50:4a:29:45:f0:bd:6f:87:51:89:
6e:ea:ea:8a:56:56:aa:2a:35:be:d3:88:55:c3:1d:
77:ea:04:30:79:15:e2:78:fa:21:87:1a:76:67:60:
45:af:13:40:49:68:4a:90:c3:c4:12:ea:73:63:bd:
1b:27:57:82:8b:34:a4:de:a5:95:ef:b9:42:41:33:
28:22:ec:f9:94:5b:06:be:85:18:24:22:8c:e1:48:
42:9b:97:2f:13:7e:b9:a1:35:30:51:e1:fa:52:48:
67:79:96:11:fa:7c:70:1c:df:ae:64:b7:bd:1c:4d:
8d:f8:a8:66:61:a2:ba:f6:53:c9:7a:03:f5:ed:68:
f3:36:b6:14:31:e5:76:05:9b:c0:3b:0f:17:48:8f:
5b:c5:9f:d7:a1:2d:70:1f:d0:a8:ec:02:53:ec:dd:
0b:11:fa:e5:c7:f3:7f:a1:db:55:6b:f9:77:bf:a8:
bd:e8:69:ba:b3:7f:a6:b5:b3:70:11:0a:d6:4c:17:
12:b5:dc:36:a4:5b:70:64:81:54:8c:1a:4e:37:d4:
fc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D9:1A:CE:FE:1F:D0:7D:FE:E7:8F:17:95:B9:48:70:E2:D1:18:B8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Utkazv4f0H3-548XlblIcOLRGLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:4e:ca:06:df:f8:ff:ef:88:c6:09:a5:80:8d:77:ee:14:ca:
e0:ae:fc:4e:cb:09:56:fa:40:a7:89:34:5c:5b:68:95:a4:2e:
8a:b0:15:3f:c6:1f:9f:37:1e:6e:2f:f3:97:4a:53:a6:91:2e:
84:12:72:4c:0c:90:d0:b6:96:ed:b8:14:b8:41:53:61:52:7c:
dc:17:b5:68:f4:91:44:a2:56:83:09:34:1a:7d:d2:8c:22:7f:
bd:ea:4e:a6:26:3e:a0:3f:b1:f1:85:a8:27:2a:a6:dd:da:59:
fc:1c:c0:0b:7c:30:67:18:46:7c:d7:9a:b2:9a:2f:fe:83:de:
a8:f6:6c:9d:62:62:e0:13:53:16:8c:af:b1:c4:2b:ee:64:1d:
db:75:7a:94:43:37:eb:59:fc:c3:d3:e3:3d:d9:be:11:db:90:
0b:6f:c6:cf:51:e1:67:14:39:26:91:e3:7b:2e:ee:9c:92:19:
ef:ed:77:18:74:55:a0:02:93:a5:18:b8:ee:11:70:94:e8:1e:
3e:9b:32:23:55:25:5f:34:8a:08:89:1d:65:92:bc:f8:e5:0b:
50:ed:99:e5:7f:18:18:84:1f:35:e6:b3:a7:e2:cd:d2:32:7e:
1d:04:5f:67:5d:69:04:17:8b:4a:56:1e:de:55:7b:c4:18:97:
6d:fb:c4:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbfZSlZkpz1m9YvwiYWecl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE0MDkxMzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQ5MWFjZWZlMWZkMDdkZmVlNzhmMTc5NWI5NDg3MGUyZDExOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlE/eB7v4UBW7faO5Ejc9zAQrUBA3
JdbQzfaqBLun6u0ZoN8oBC7DJn8DqbDN7wlJK1BKKUXwvW+HUYlu6uqKVlaqKjW+
04hVwx136gQweRXiePohhxp2Z2BFrxNASWhKkMPEEupzY70bJ1eCizSk3qWV77lC
QTMoIuz5lFsGvoUYJCKM4UhCm5cvE365oTUwUeH6UkhneZYR+nxwHN+uZLe9HE2N
+KhmYaK69lPJegP17WjzNrYUMeV2BZvAOw8XSI9bxZ/XoS1wH9Co7AJT7N0LEfrl
x/N/odtVa/l3v6i96Gm6s3+mtbNwEQrWTBcStdw2pFtwZIFUjBpON9T8VwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFLZGs7+H9B9/uePF5W5SHDi0Ri4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVXRrYXp2NGYwSDMtNTQ4WGxibEljT0xSR0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAZOygbf+P/viMYJpYCN
d+4UyuCu/E7LCVb6QKeJNFxbaJWkLoqwFT/GH583Hm4v85dKU6aRLoQSckwMkNC2
lu24FLhBU2FSfNwXtWj0kUSiVoMJNBp90owif73qTqYmPqA/sfGFqCcqpt3aWfwc
wAt8MGcYRnzXmrKaL/6D3qj2bJ1iYuATUxaMr7HEK+5kHdt1epRDN+tZ/MPT4z3Z
vhHbkAtvxs9R4WcUOSaR43su7pySGe/tdxh0VaACk6UYuO4RcJToHj6bMiNVJV80
igiJHWWSvPjlC1DtmeV/GBiEHzXms6fizdIyfh0EX2ddaQQXi0pWHt5Ve8QYl237
xNA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:27:30 2025 by rpki-client