Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cutmUT1xfDHCjiHHD6pacOG18hs.roa
File: cutmUT1xfDHCjiHHD6pacOG18hs.roa (raw, json)
Hash identifier: kU6s7cyTOS+H3zIvL//znj6yyCLeugYUBJuqu2D2cA4=
Subject key identifier: 72:EB:66:51:3D:71:7C:31:C2:8E:21:C7:0F:AA:5A:70:E1:B5:F2:1B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185EAC3B7A8977F17E66A5FA0452F9CE4D0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cutmUT1xfDHCjiHHD6pacOG18hs.roa
Signing time: Wed 25 Jan 2023 21:09:33 +0000
ROA not before: Wed 25 Jan 2023 21:09:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ea:c3:b7:a8:97:7f:17:e6:6a:5f:a0:45:2f:9c:e4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 25 21:09:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72eb66513d717c31c28e21c70faa5a70e1b5f21b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:26:21:90:91:2a:f9:e2:df:54:1e:67:a8:ee:
9e:e3:4f:cd:1f:3d:12:ba:98:5e:29:93:35:8c:57:
84:dd:9a:8c:5a:27:ff:df:5b:1c:9f:bc:fd:7c:07:
a7:6d:dc:2f:9e:74:81:28:5f:7e:9b:3c:2c:6e:9b:
8d:21:b5:58:01:ff:60:4b:a5:c8:f5:75:b4:61:a6:
27:d1:68:c8:99:7a:b3:74:88:1f:8b:6b:d6:c8:2c:
f7:70:d1:d2:1c:42:8f:4b:f4:46:cd:cf:fd:7f:b4:
6f:7e:12:e6:01:bb:62:fa:41:82:60:2b:cc:1e:4c:
54:f0:49:19:78:45:6c:38:35:eb:fc:ee:11:ae:21:
14:9b:32:99:06:96:4d:f2:5a:c1:11:df:45:63:16:
66:ef:b1:d1:38:26:23:fd:36:12:00:80:12:a0:b1:
20:f9:7b:4c:66:a5:d1:9f:a3:13:96:f7:95:4e:70:
14:14:88:ef:32:14:7a:a1:55:e6:ed:d2:c8:71:b9:
2d:a9:f0:15:e7:a3:cc:41:59:28:d1:4c:4d:17:af:
c5:f0:25:e9:fc:5b:7b:14:f2:55:21:51:9e:0d:0d:
37:eb:68:76:ce:89:1d:1f:48:7b:17:ed:1c:83:67:
b4:39:55:f7:75:b7:4a:26:16:e0:dd:3b:c2:69:b8:
ca:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EB:66:51:3D:71:7C:31:C2:8E:21:C7:0F:AA:5A:70:E1:B5:F2:1B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cutmUT1xfDHCjiHHD6pacOG18hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:38:5f:d1:a7:0b:06:1d:d3:dd:39:4a:96:9f:f6:aa:92:0b:
f5:ac:9f:e0:29:0f:00:ff:38:45:d0:7e:4a:1b:52:3f:77:c0:
45:5b:b0:7e:ae:7c:c0:75:28:7e:5d:84:23:67:1f:de:5d:b3:
b9:a0:53:75:84:fc:fa:18:65:a9:c6:7b:d2:0a:0c:32:69:6c:
f5:a7:a3:b0:ff:15:26:d0:5e:4f:da:2a:80:20:71:78:cd:e6:
9f:78:33:49:71:a6:df:4d:1b:9e:fb:cf:84:b6:60:7e:58:f9:
9d:16:0b:e5:9c:0c:61:40:77:05:83:a5:0b:37:7f:0c:b2:75:
d3:e3:11:dd:64:5c:41:d7:07:db:be:0f:fe:0b:7c:b5:80:1d:
6a:e7:e2:63:b5:18:7e:83:ad:9f:fe:d7:77:b0:af:d6:c5:89:
a4:07:0c:e1:94:f5:b5:5f:6e:5e:2c:95:d2:e2:42:b4:c4:cc:
a7:8b:1c:8f:93:f7:a5:2d:17:87:1c:23:09:54:ee:56:ff:db:
cc:9a:22:76:28:f2:aa:03:c0:c6:9d:d4:9a:53:e6:9f:f9:e0:
87:9e:a5:18:01:1d:d5:75:ad:4a:52:62:f4:e8:3f:ae:1c:41:
7b:c5:25:f9:4f:86:02:e9:a3:17:69:f6:f6:b3:1d:70:8d:54:
2f:ff:ef:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXqw7eol38X5mpfoEUvnOTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI1MjEwOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmViNjY1MTNkNzE3YzMxYzI4ZTIxYzcwZmFhNWE3MGUxYjVmMjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCYhkJEq+eLfVB5nqO6e40/NHz0S
upheKZM1jFeE3ZqMWif/31scn7z9fAenbdwvnnSBKF9+mzwsbpuNIbVYAf9gS6XI
9XW0YaYn0WjImXqzdIgfi2vWyCz3cNHSHEKPS/RGzc/9f7RvfhLmAbti+kGCYCvM
HkxU8EkZeEVsODXr/O4RriEUmzKZBpZN8lrBEd9FYxZm77HROCYj/TYSAIASoLEg
+XtMZqXRn6MTlveVTnAUFIjvMhR6oVXm7dLIcbktqfAV56PMQVko0UxNF6/F8CXp
/Ft7FPJVIVGeDQ0362h2zokdH0h7F+0cg2e0OVX3dbdKJhbg3TvCabjKfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLrZlE9cXwxwo4hxw+qWnDhtfIbMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY3V0bVVUMXhmREhDamlISEQ2cGFjT0cxOGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABg4X9GnCwYd0905Spaf
9qqSC/Wsn+ApDwD/OEXQfkobUj93wEVbsH6ufMB1KH5dhCNnH95ds7mgU3WE/PoY
ZanGe9IKDDJpbPWno7D/FSbQXk/aKoAgcXjN5p94M0lxpt9NG577z4S2YH5Y+Z0W
C+WcDGFAdwWDpQs3fwyyddPjEd1kXEHXB9u+D/4LfLWAHWrn4mO1GH6DrZ/+13ew
r9bFiaQHDOGU9bVfbl4sldLiQrTEzKeLHI+T96UtF4ccIwlU7lb/28yaInYo8qoD
wMad1JpT5p/54IeepRgBHdV1rUpSYvToP64cQXvFJflPhgLpoxdp9vazHXCNVC//
7yI=
-----END CERTIFICATE-----
Generated at Thu May 1 08:28:10 2025 by rpki-client