Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UuRvgurCRYRy9aNaE3Cc6SgoDd0.roa
File: UuRvgurCRYRy9aNaE3Cc6SgoDd0.roa (raw, json)
Hash identifier: /Ni410vJWcRikjd/U2wyzEIktSeMusOQhNQdHd3Bxis=
Subject key identifier: 52:E4:6F:82:EA:C2:45:84:72:F5:A3:5A:13:70:9C:E9:28:28:0D:DD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2CCBAA694B320A7A770A79D194C8C5EC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UuRvgurCRYRy9aNaE3Cc6SgoDd0.roa
Signing time: Fri 25 Aug 2023 13:04:19 +0000
ROA not before: Fri 25 Aug 2023 13:04:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:2ccb:a4f6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:cb:aa:69:4b:32:0a:7a:77:0a:79:d1:94:c8:c5:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 25 13:04:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52e46f82eac2458472f5a35a13709ce928280ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:44:42:85:dd:02:0e:36:6c:95:05:4a:3f:9d:
fb:44:a1:d9:ca:d0:71:0b:9b:83:cc:ec:26:dd:49:
c5:4e:c5:ba:8e:9e:32:a7:8c:c4:b0:1a:cb:39:ad:
c5:87:a6:e9:fc:6c:e6:c2:82:e5:bd:b4:52:05:0c:
0f:5c:37:20:99:0b:a4:ee:31:b1:c7:87:25:6b:0b:
c4:67:ae:c2:56:e4:2c:3f:4c:0a:97:7d:78:7d:9f:
80:5f:b5:4d:6a:b3:46:aa:48:28:28:ad:39:18:61:
64:03:f4:a5:3d:b0:12:bf:97:d2:c4:f7:ac:f9:e7:
5a:63:ca:95:de:17:ad:ab:70:d8:b4:a7:95:01:18:
64:c1:35:99:93:a3:41:63:58:3f:f0:2a:25:7c:c7:
2b:16:7f:ad:c4:d4:08:cb:cc:c2:4e:91:5a:16:0e:
e8:be:35:4c:b3:b3:ea:52:86:9e:ca:c9:69:1f:ac:
9c:c3:45:50:c3:dc:a3:e2:4f:11:4a:8a:bb:b8:db:
23:4b:c4:a8:a6:14:b7:60:07:7e:9f:8f:7c:20:b8:
02:d4:f2:35:d6:3c:17:49:e7:97:f7:0e:94:8a:64:
6d:e5:fc:df:db:43:0a:1c:08:dc:4b:05:b0:f8:05:
9b:9e:58:03:af:d3:54:25:7e:55:e6:90:a3:fb:78:
c8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E4:6F:82:EA:C2:45:84:72:F5:A3:5A:13:70:9C:E9:28:28:0D:DD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UuRvgurCRYRy9aNaE3Cc6SgoDd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:77:3e:f5:c8:73:1b:7f:e6:d7:77:71:fc:b6:77:27:46:44:
8e:87:15:a8:53:58:16:91:58:23:91:08:f1:5a:fa:b5:0d:d1:
96:93:e3:1f:db:c5:3d:55:a9:28:6a:e6:fa:9a:20:22:71:f2:
fa:84:1e:15:55:09:6d:72:45:de:b8:cb:b0:b5:46:b9:a1:dd:
ba:d8:2e:af:0c:c0:ac:9b:67:5d:89:31:2f:69:e4:58:3f:30:
23:01:fa:11:28:da:4e:3f:09:ae:4d:d0:94:83:28:38:c6:2e:
b5:88:79:cd:98:f0:8c:b5:9e:24:d1:c1:f2:29:2a:93:71:37:
7b:da:25:a8:9b:d9:40:cd:b8:7e:9d:8f:5a:e6:fa:c1:76:e7:
6c:94:cb:24:7a:e1:8e:7e:a8:bc:0e:2b:85:1c:2d:4e:9b:06:
21:56:9e:48:32:80:51:51:f6:30:56:b6:3d:7e:ee:e4:1b:cb:
81:5e:b7:d5:f0:96:c9:2a:f2:c2:54:a6:4c:b3:02:90:1e:68:
31:6a:cb:c1:23:0c:dc:cb:cd:76:38:b3:76:87:42:20:3f:a8:
85:9a:50:24:f8:89:68:dd:5b:88:75:4b:82:27:85:da:e3:2f:
90:b9:a0:29:4b:20:5e:c5:84:f4:71:46:9e:b9:5d:3e:03:95:
a2:c9:4f:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYosy6ppSzIKencKedGUyMXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI1MTMwNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU0NmY4MmVhYzI0NTg0NzJmNWEzNWExMzcwOWNlOTI4MjgwZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkRChd0CDjZslQVKP537RKHZytBx
C5uDzOwm3UnFTsW6jp4yp4zEsBrLOa3Fh6bp/GzmwoLlvbRSBQwPXDcgmQuk7jGx
x4clawvEZ67CVuQsP0wKl314fZ+AX7VNarNGqkgoKK05GGFkA/SlPbASv5fSxPes
+edaY8qV3hetq3DYtKeVARhkwTWZk6NBY1g/8ColfMcrFn+txNQIy8zCTpFaFg7o
vjVMs7PqUoaeyslpH6ycw0VQw9yj4k8RSoq7uNsjS8SophS3YAd+n498ILgC1PI1
1jwXSeeX9w6UimRt5fzf20MKHAjcSwWw+AWbnlgDr9NUJX5V5pCj+3jIsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFLkb4LqwkWEcvWjWhNwnOkoKA3dMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVXVSdmd1ckNSWVJ5OWFOYUUzQ2M2U2dvRGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHt3PvXIcxt/5td3cfy2
dydGRI6HFahTWBaRWCORCPFa+rUN0ZaT4x/bxT1VqShq5vqaICJx8vqEHhVVCW1y
Rd64y7C1Rrmh3brYLq8MwKybZ12JMS9p5Fg/MCMB+hEo2k4/Ca5N0JSDKDjGLrWI
ec2Y8Iy1niTRwfIpKpNxN3vaJaib2UDNuH6dj1rm+sF252yUyyR64Y5+qLwOK4Uc
LU6bBiFWnkgygFFR9jBWtj1+7uQby4Fet9Xwlskq8sJUpkyzApAeaDFqy8EjDNzL
zXY4s3aHQiA/qIWaUCT4iWjdW4h1S4InhdrjL5C5oClLIF7FhPRxRp65XT4DlaLJ
T2o=
-----END CERTIFICATE-----
Generated at Thu May 1 02:52:07 2025 by rpki-client