Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uRTCsoHVoEEXUPba9o4hiFPbb44.roa
File: uRTCsoHVoEEXUPba9o4hiFPbb44.roa (raw, json)
Hash identifier: IeRmhKqGh1j2/zw1niRCCWGQ8z4G1IqxVuv+0yKM6Ag=
Subject key identifier: B9:14:C2:B2:81:D5:A0:41:17:50:F6:DA:F6:8E:21:88:53:DB:6F:8E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B81170EFBC1B075D3188351E12976D90
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uRTCsoHVoEEXUPba9o4hiFPbb44.roa
Signing time: Wed 02 Aug 2023 21:04:58 +0000
ROA not before: Wed 02 Aug 2023 21:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:b810:ebd6/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b8:11:70:ef:bc:1b:07:5d:31:88:35:1e:12:97:6d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 2 21:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b914c2b281d5a0411750f6daf68e218853db6f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6b:8f:ac:1c:8d:72:41:d6:ef:f0:de:99:df:
89:ea:78:bd:3f:ae:3d:d7:42:b3:59:c5:0c:90:bd:
be:13:40:ec:ce:de:26:0a:44:a7:d7:d1:5a:ee:62:
2e:9d:bc:c6:71:8f:02:14:97:60:bb:50:8d:ae:18:
2b:21:eb:b4:f5:3b:88:25:e1:e8:bf:6a:25:df:b7:
e2:db:7a:28:78:33:65:11:8f:b4:60:4e:04:d3:f5:
88:e6:4d:38:5c:1d:5d:9f:68:12:9a:01:8c:13:8f:
28:e7:5e:16:37:ec:63:3c:3e:f6:4c:19:17:17:a6:
a6:7f:e5:54:be:99:91:fc:4b:40:af:b7:8e:0c:7a:
94:ca:9a:57:49:6d:a6:79:22:f9:0c:66:41:e8:e1:
87:3e:67:43:6f:97:6d:0d:ff:b4:b1:10:5a:72:e0:
22:c4:19:61:fe:32:fb:db:40:c4:44:09:4e:6f:f0:
35:b2:db:a8:fb:4d:a1:1c:89:79:a3:c2:21:6e:61:
3f:bd:5a:b3:b5:af:6b:5e:0d:78:b5:0b:ef:29:4e:
b5:8d:54:7a:8c:3a:e7:24:02:00:f5:03:61:bb:f0:
23:7d:6a:f4:fc:7f:5b:17:df:a1:90:ee:b8:03:c6:
dc:5f:5f:02:54:58:49:27:25:e4:43:88:a2:38:6d:
57:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:14:C2:B2:81:D5:A0:41:17:50:F6:DA:F6:8E:21:88:53:DB:6F:8E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uRTCsoHVoEEXUPba9o4hiFPbb44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:04:5f:ce:be:81:4b:ee:f9:c7:01:8a:69:9d:09:82:f9:00:
a7:83:ea:c0:98:57:7a:76:79:43:ab:6a:20:4a:b5:50:01:4f:
f4:84:dd:0e:ed:6e:7e:12:6c:e8:9a:6a:62:c6:9b:89:dc:ea:
4f:f1:90:c1:05:b0:a2:0d:6d:43:d2:e1:82:21:e3:88:c2:f3:
17:e3:a0:f1:04:7b:0d:fa:0b:11:79:51:22:9f:e0:89:85:85:
8b:17:f4:55:37:4c:fa:4a:57:26:0e:92:61:9f:56:50:5c:3d:
b1:99:6f:bc:5c:cf:91:74:6a:d3:a0:46:dc:28:c7:39:c4:69:
ad:2b:d6:dd:1b:85:2b:0a:da:16:cf:46:0e:3e:36:4a:e9:1e:
fb:5c:4b:72:c5:3b:95:7a:9b:5a:c5:5b:5e:d4:54:34:c5:16:
b4:b5:33:f0:1f:a1:9e:58:a8:7b:f6:05:2e:89:20:bb:73:41:
48:ce:3b:53:a9:43:80:f2:67:61:71:5e:c3:48:8e:97:1d:65:
87:71:63:98:1a:07:3e:a1:bf:fe:85:99:50:e3:d6:8e:2a:ec:
f1:92:bd:81:15:3e:06:c3:63:aa:4e:00:1f:93:0f:40:28:c1:
7b:ab:86:9f:71:96:7e:8c:31:fd:a9:87:de:a7:86:92:27:11:
24:f2:c5:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm4EXDvvBsHXTGINR4Sl22QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAyMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTE0YzJiMjgxZDVhMDQxMTc1MGY2ZGFmNjhlMjE4ODUzZGI2ZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmuPrByNckHW7/Demd+J6ni9P649
10KzWcUMkL2+E0Dszt4mCkSn19Fa7mIunbzGcY8CFJdgu1CNrhgrIeu09TuIJeHo
v2ol37fi23ooeDNlEY+0YE4E0/WI5k04XB1dn2gSmgGME48o514WN+xjPD72TBkX
F6amf+VUvpmR/EtAr7eODHqUyppXSW2meSL5DGZB6OGHPmdDb5dtDf+0sRBacuAi
xBlh/jL720DERAlOb/A1stuo+02hHIl5o8IhbmE/vVqzta9rXg14tQvvKU61jVR6
jDrnJAIA9QNhu/AjfWr0/H9bF9+hkO64A8bcX18CVFhJJyXkQ4iiOG1X/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLkUwrKB1aBBF1D22vaOIYhT22+OMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVJUQ3NvSFZvRUVYVVBiYTlvNGhpRlBiYjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADgEX86+gUvu+ccBimmd
CYL5AKeD6sCYV3p2eUOraiBKtVABT/SE3Q7tbn4SbOiaamLGm4nc6k/xkMEFsKIN
bUPS4YIh44jC8xfjoPEEew36CxF5USKf4ImFhYsX9FU3TPpKVyYOkmGfVlBcPbGZ
b7xcz5F0atOgRtwoxznEaa0r1t0bhSsK2hbPRg4+NkrpHvtcS3LFO5V6m1rFW17U
VDTFFrS1M/AfoZ5YqHv2BS6JILtzQUjOO1OpQ4DyZ2FxXsNIjpcdZYdxY5gaBz6h
v/6FmVDj1o4q7PGSvYEVPgbDY6pOAB+TD0AowXurhp9xln6MMf2ph96nhpInESTy
xZs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:27:31 2025 by rpki-client