Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uPkaoV06dvOS5elV7diH-vO0RoI.roa
File: uPkaoV06dvOS5elV7diH-vO0RoI.roa (raw, json)
Hash identifier: ihRly4EMzuQPU+qYhDzf4EZ+9OeR9vXVyXI1Zuv+hcM=
Subject key identifier: B8:F9:1A:A1:5D:3A:76:F3:92:E5:E9:55:ED:D8:87:FA:F3:B4:46:82
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186928BD895B7D11D72FFB4BD838215A6E1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uPkaoV06dvOS5elV7diH-vO0RoI.roa
Signing time: Mon 27 Feb 2023 11:04:43 +0000
ROA not before: Mon 27 Feb 2023 11:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:928b:69ad/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:8b:d8:95:b7:d1:1d:72:ff:b4:bd:83:82:15:a6:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 27 11:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8f91aa15d3a76f392e5e955edd887faf3b44682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:79:fc:d9:29:4e:9a:c6:ff:ff:93:d5:89:ca:
2b:8e:f2:ee:be:a0:99:0c:f1:1b:59:a2:22:3f:a7:
b5:8a:1d:99:8b:bd:d2:24:d7:fe:53:eb:17:dc:ce:
f0:6b:6e:fb:49:b8:dd:f3:d2:c1:6b:10:98:e8:5f:
9a:0f:11:2a:99:70:e8:d6:81:9f:33:f1:5c:85:32:
67:a0:9d:e9:9e:6a:5d:88:19:dd:6f:a9:83:31:33:
cc:86:3b:e3:38:1b:b7:e5:53:e8:a3:4e:af:a0:31:
35:95:66:cb:1a:70:e7:97:6d:c0:c2:66:a3:ca:cf:
90:aa:60:38:67:f2:2a:5a:2c:4d:80:15:71:b6:81:
01:fb:62:10:5f:f6:6c:f6:d4:bb:f7:26:9b:c8:be:
b0:2f:3b:58:87:ae:d8:c9:bf:0f:2d:41:88:76:19:
fa:0c:10:5d:2d:61:90:74:d6:5a:cb:00:cd:a2:1d:
7e:7f:34:a0:4e:39:c9:f4:72:25:27:56:58:8f:d8:
82:12:7a:5e:db:4b:bf:0c:2a:ad:a2:9b:73:0c:19:
a8:82:e5:a9:fd:06:8f:d4:62:d3:c5:6d:01:e2:bd:
2f:35:c8:6e:d4:08:e2:21:06:fd:44:df:ae:04:bd:
d9:f0:9b:8e:ed:56:19:ca:b3:d9:60:91:f7:ef:25:
4e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F9:1A:A1:5D:3A:76:F3:92:E5:E9:55:ED:D8:87:FA:F3:B4:46:82
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uPkaoV06dvOS5elV7diH-vO0RoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:cf:3d:75:92:b6:dc:d0:65:09:b3:a1:a3:f4:03:77:c7:2d:
9a:2a:c7:0f:a8:ff:ef:e6:56:be:0e:b6:46:f6:37:f2:90:dc:
1a:af:fa:bf:0c:f3:36:72:f4:ac:f6:5c:e5:b5:62:41:7d:ad:
a4:d3:b1:5a:56:72:ca:03:08:e0:9c:6e:1c:ea:f5:1d:95:bd:
03:cf:d8:a9:a1:7b:c0:18:53:b5:73:bb:55:39:12:4d:58:2e:
dd:35:2c:e9:47:d6:52:00:83:14:16:83:8a:ec:5b:a9:54:01:
b5:e7:78:b2:0f:32:ea:6e:b7:9c:98:d1:27:72:67:a4:ca:3a:
b1:05:1b:81:0d:3b:bb:36:dc:6f:f2:7c:80:b9:26:c1:4d:5a:
b0:19:2f:51:33:ba:a4:a9:69:1d:7f:48:23:10:42:8d:75:b3:
05:d0:57:e0:07:53:a2:a8:24:e1:e0:db:ad:33:2a:ba:8c:53:
da:83:e7:6e:0b:93:28:22:69:d7:e9:e1:7b:7f:94:91:b1:6b:
fd:92:c1:cc:9c:9b:6f:2b:58:ad:f4:04:9f:46:f9:6f:30:27:
e7:70:d2:6d:07:2c:28:87:d5:a0:aa:12:06:2d:81:ec:42:cc:
c4:e1:43:27:59:f7:47:88:96:56:ef:ae:b4:61:34:57:00:19:
64:73:7f:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaSi9iVt9Edcv+0vYOCFabhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI3MTEwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGY5MWFhMTVkM2E3NmYzOTJlNWU5NTVlZGQ4ODdmYWYzYjQ0NjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHn82SlOmsb//5PVicorjvLuvqCZ
DPEbWaIiP6e1ih2Zi73SJNf+U+sX3M7wa277Sbjd89LBaxCY6F+aDxEqmXDo1oGf
M/FchTJnoJ3pnmpdiBndb6mDMTPMhjvjOBu35VPoo06voDE1lWbLGnDnl23Awmaj
ys+QqmA4Z/IqWixNgBVxtoEB+2IQX/Zs9tS79yabyL6wLztYh67Yyb8PLUGIdhn6
DBBdLWGQdNZaywDNoh1+fzSgTjnJ9HIlJ1ZYj9iCEnpe20u/DCqtoptzDBmoguWp
/QaP1GLTxW0B4r0vNchu1AjiIQb9RN+uBL3Z8JuO7VYZyrPZYJH37yVO4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLj5GqFdOnbzkuXpVe3Yh/rztEaCMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVBrYW9WMDZkdk9TNWVsVjdkaUgtdk8wUm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFTPPXWSttzQZQmzoaP0
A3fHLZoqxw+o/+/mVr4Otkb2N/KQ3Bqv+r8M8zZy9Kz2XOW1YkF9raTTsVpWcsoD
COCcbhzq9R2VvQPP2Kmhe8AYU7Vzu1U5Ek1YLt01LOlH1lIAgxQWg4rsW6lUAbXn
eLIPMuput5yY0SdyZ6TKOrEFG4ENO7s23G/yfIC5JsFNWrAZL1EzuqSpaR1/SCMQ
Qo11swXQV+AHU6KoJOHg260zKrqMU9qD524Lkygiadfp4Xt/lJGxa/2Swcycm28r
WK30BJ9G+W8wJ+dw0m0HLCiH1aCqEgYtgexCzMThQydZ90eIllbvrrRhNFcAGWRz
f/k=
-----END CERTIFICATE-----
Generated at Thu May 1 04:41:15 2025 by rpki-client