Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uRtX-ZdMYeNlHdmBq7ryvfPDP48.roa
File: uRtX-ZdMYeNlHdmBq7ryvfPDP48.roa (raw, json)
Hash identifier: 43TKdO1+580i4hbaszyOIL91UwsQ/XoR6WGXLOjlzF4=
Subject key identifier: B9:1B:57:F9:97:4C:61:E3:65:1D:D9:81:AB:BA:F2:BD:F3:C3:3F:8F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018696709461CE33C42BE1D676092329DBD0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uRtX-ZdMYeNlHdmBq7ryvfPDP48.roa
Signing time: Tue 28 Feb 2023 05:13:25 +0000
ROA not before: Tue 28 Feb 2023 05:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:96:70:94:61:ce:33:c4:2b:e1:d6:76:09:23:29:db:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 05:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b91b57f9974c61e3651dd981abbaf2bdf3c33f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c5:73:55:ac:94:f6:ea:8d:fe:fb:37:5b:58:
3a:2a:89:c7:8d:27:2a:6c:af:bc:fe:d2:8c:26:94:
8b:39:b2:b3:ad:bb:bf:af:8d:5d:38:2f:22:cb:8d:
df:f9:9b:b8:18:dd:e8:01:fb:c4:91:6e:2c:ec:37:
77:19:13:29:42:80:f0:1b:53:10:e9:35:56:d4:50:
c5:ec:fe:88:bb:fa:ba:9f:b3:d5:e8:71:86:e8:88:
59:ee:b8:d6:56:b0:8d:57:aa:e5:b1:46:3a:b5:9c:
54:50:46:c0:e9:06:4e:7b:20:11:d4:9f:a5:d3:fd:
f6:93:ee:7b:95:6a:97:d3:d2:01:5d:0d:71:e1:46:
f1:b0:2d:8a:f3:72:ed:00:29:30:63:94:43:ff:cc:
3b:9a:d4:20:49:37:1e:db:a8:68:c5:a3:1c:c3:3b:
7e:06:9e:63:a4:b5:11:f6:cc:db:9d:74:21:bf:2e:
ba:aa:3e:06:cb:41:2d:01:02:91:7d:50:64:6e:42:
ec:41:d7:5e:b2:ae:37:40:48:98:21:a6:a4:4a:f2:
57:52:a0:94:cb:84:a5:32:c1:51:bb:3a:18:ac:98:
2b:49:d3:ff:20:5e:31:29:90:43:75:9e:24:2c:30:
39:81:1a:1b:81:58:ec:1c:19:68:0c:b5:a9:bb:22:
49:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1B:57:F9:97:4C:61:E3:65:1D:D9:81:AB:BA:F2:BD:F3:C3:3F:8F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uRtX-ZdMYeNlHdmBq7ryvfPDP48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:f2:ff:b6:41:34:f8:1d:a1:a2:df:a9:45:69:37:9f:d8:ae:
49:3e:28:cb:52:f5:28:e3:6b:aa:c4:d5:54:cd:ac:10:88:ed:
73:52:7b:70:51:24:8e:63:28:0c:0a:68:83:92:64:b4:e6:95:
d0:44:fa:78:04:f3:5d:52:4e:78:39:58:7a:c3:3a:3f:77:39:
5f:81:1c:c6:62:2f:eb:52:8f:de:35:36:a5:3f:da:06:a4:a6:
74:31:56:2f:5b:b6:9b:bd:8e:a7:4e:38:4e:3d:6a:63:61:f6:
15:d0:f6:97:95:0a:1b:18:79:83:cd:62:30:07:b2:f9:27:10:
86:de:b1:b2:39:7a:e3:72:57:9e:10:28:32:bf:2c:51:30:5e:
fc:0b:3c:35:93:c3:e4:85:ea:4b:be:20:65:8f:d9:c2:0a:6c:
b4:f8:c7:b2:36:1a:83:93:d5:a5:ed:c2:16:15:46:9c:8d:4a:
4f:04:b4:c1:4c:76:11:a7:3c:cf:54:88:46:f3:20:15:00:25:
c7:42:37:2f:5b:eb:fa:a6:3a:82:94:d6:58:da:85:95:a7:71:
10:b5:ee:55:bb:41:b2:b9:8f:b3:03:84:1e:13:66:64:3b:49:
fd:e4:fa:94:ff:2e:ec:17:67:b1:a0:38:e4:a5:c5:2a:ba:e9:
ca:74:b3:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaWcJRhzjPEK+HWdgkjKdvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MDUxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFiNTdmOTk3NGM2MWUzNjUxZGQ5ODFhYmJhZjJiZGYzYzMzZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsVzVayU9uqN/vs3W1g6KonHjScq
bK+8/tKMJpSLObKzrbu/r41dOC8iy43f+Zu4GN3oAfvEkW4s7Dd3GRMpQoDwG1MQ
6TVW1FDF7P6Iu/q6n7PV6HGG6IhZ7rjWVrCNV6rlsUY6tZxUUEbA6QZOeyAR1J+l
0/32k+57lWqX09IBXQ1x4UbxsC2K83LtACkwY5RD/8w7mtQgSTce26hoxaMcwzt+
Bp5jpLUR9szbnXQhvy66qj4Gy0EtAQKRfVBkbkLsQddesq43QEiYIaakSvJXUqCU
y4SlMsFRuzoYrJgrSdP/IF4xKZBDdZ4kLDA5gRobgVjsHBloDLWpuyJJCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLkbV/mXTGHjZR3Zgau68r3zwz+PMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVJ0WC1aZE1ZZU5sSGRtQnE3cnl2ZlBEUDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAzy/7ZBNPgdoaLfqUVp
N5/Yrkk+KMtS9Sjja6rE1VTNrBCI7XNSe3BRJI5jKAwKaIOSZLTmldBE+ngE811S
Tng5WHrDOj93OV+BHMZiL+tSj941NqU/2gakpnQxVi9btpu9jqdOOE49amNh9hXQ
9peVChsYeYPNYjAHsvknEIbesbI5euNyV54QKDK/LFEwXvwLPDWTw+SF6ku+IGWP
2cIKbLT4x7I2GoOT1aXtwhYVRpyNSk8EtMFMdhGnPM9UiEbzIBUAJcdCNy9b6/qm
OoKU1ljahZWncRC17lW7QbK5j7MDhB4TZmQ7Sf3k+pT/LuwXZ7GgOOSlxSq66cp0
s8M=
-----END CERTIFICATE-----
Generated at Thu May 1 05:38:34 2025 by rpki-client