Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uSthD8D5P_tTqPOr0yvENJfjoRc.roa
File: uSthD8D5P_tTqPOr0yvENJfjoRc.roa (raw, json)
Hash identifier: KjJwKF+djHUQLNJIzWL+YLR1gHETpqWt2NblL/BuEWk=
Subject key identifier: B9:2B:61:0F:C0:F9:3F:FB:53:A8:F3:AB:D3:2B:C4:34:97:E3:A1:17
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018579ADF7F3081C8F42E0FE568E4BC7EEEB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uSthD8D5P_tTqPOr0yvENJfjoRc.roa
Signing time: Tue 03 Jan 2023 22:08:42 +0000
ROA not before: Tue 03 Jan 2023 22:08:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:79:ad:f7:f3:08:1c:8f:42:e0:fe:56:8e:4b:c7:ee:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 3 22:08:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b92b610fc0f93ffb53a8f3abd32bc43497e3a117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1a:b0:18:9a:96:e4:4e:e3:66:8b:db:8b:f7:
bd:da:43:53:a6:8f:61:6a:c7:e1:dc:7c:9d:c7:e7:
c1:52:69:a4:fd:6b:09:7f:e0:ed:d7:57:d0:bb:ed:
33:75:45:b8:e3:6c:f1:27:85:d7:b1:b3:9a:2d:6f:
d9:ae:61:4c:3c:42:b0:dc:a7:a3:52:36:66:6a:da:
75:f7:d5:ae:62:1f:9d:83:0e:e1:dc:95:78:ce:57:
fc:ad:6f:65:bb:dd:1c:0d:d9:66:98:3c:95:39:17:
9b:88:44:b5:90:06:c9:68:44:d1:7d:03:76:6d:37:
82:63:ad:68:89:0d:9a:cc:be:c5:be:f2:67:d3:87:
41:aa:90:23:31:56:69:fe:9a:b5:0d:09:f0:42:fb:
a0:19:4b:ef:1c:80:6a:56:7c:a0:c8:1e:49:59:52:
f1:4b:2b:8b:13:b7:7c:39:aa:1a:a2:40:a6:2c:e9:
c2:be:53:5d:0a:6b:86:70:99:0a:eb:5c:5e:0f:7e:
be:93:54:d1:35:b9:aa:0f:1e:3f:e1:97:2e:9d:1a:
d5:57:24:aa:68:8f:da:c5:47:8c:cb:56:70:93:1a:
ff:1e:0d:c9:80:08:26:b8:f8:63:c8:7e:1d:68:03:
29:48:88:fe:e7:d0:ee:ae:69:49:1e:17:69:90:fb:
c1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2B:61:0F:C0:F9:3F:FB:53:A8:F3:AB:D3:2B:C4:34:97:E3:A1:17
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uSthD8D5P_tTqPOr0yvENJfjoRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:2c:28:0d:ea:08:21:7c:26:8f:09:60:01:01:c9:d5:a8:b4:
5a:25:e5:2c:15:6f:8e:0d:ce:c2:21:dd:b6:86:6f:ec:ea:2c:
0c:84:75:91:e0:d2:15:2d:54:e5:a0:e3:73:bf:90:8b:8c:92:
bc:6b:de:a4:9c:df:80:94:fc:54:e1:92:a2:a3:7c:de:b1:a6:
c3:5e:49:f4:a4:34:89:91:38:dd:5e:6d:22:73:c4:ee:d7:3d:
ee:4b:d9:4b:85:10:24:1b:e4:8d:5e:1c:cd:cd:72:c4:b4:b6:
5e:10:38:73:17:fd:f6:91:28:fb:a2:98:5e:24:c5:50:02:a1:
a8:e1:df:39:ea:be:ac:13:bd:ee:eb:3d:51:e8:e4:b2:14:57:
10:0d:8c:3b:e3:43:ee:2b:0a:fb:e7:f4:25:89:d2:1d:36:1c:
d0:00:4c:7d:b2:92:b3:2d:d4:83:ad:d0:8a:fe:dc:87:2a:de:
18:aa:04:9d:cb:cd:98:66:8e:a9:33:7a:9e:02:f7:43:e3:3e:
ff:57:7b:83:65:f8:27:c7:6d:59:8c:88:40:1d:c0:d4:5b:c9:
c4:6a:12:79:fc:2d:15:3d:1f:38:66:4f:19:19:27:7e:56:dc:
49:2b:47:8e:a3:d4:51:1c:39:a5:b5:b6:80:06:ca:64:28:6f:
3f:c7:b9:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV5rffzCByPQuD+Vo5Lx+7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAzMjIwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTJiNjEwZmMwZjkzZmZiNTNhOGYzYWJkMzJiYzQzNDk3ZTNhMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhqwGJqW5E7jZovbi/e92kNTpo9h
asfh3Hydx+fBUmmk/WsJf+Dt11fQu+0zdUW442zxJ4XXsbOaLW/ZrmFMPEKw3Kej
UjZmatp199WuYh+dgw7h3JV4zlf8rW9lu90cDdlmmDyVORebiES1kAbJaETRfQN2
bTeCY61oiQ2azL7FvvJn04dBqpAjMVZp/pq1DQnwQvugGUvvHIBqVnygyB5JWVLx
SyuLE7d8OaoaokCmLOnCvlNdCmuGcJkK61xeD36+k1TRNbmqDx4/4ZcunRrVVySq
aI/axUeMy1Zwkxr/Hg3JgAgmuPhjyH4daAMpSIj+59DurmlJHhdpkPvBEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLkrYQ/A+T/7U6jzq9MrxDSX46EXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVN0aEQ4RDVQX3RUcVBPcjB5dkVOSmZqb1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGYsKA3qCCF8Jo8JYAEB
ydWotFol5SwVb44NzsIh3baGb+zqLAyEdZHg0hUtVOWg43O/kIuMkrxr3qSc34CU
/FThkqKjfN6xpsNeSfSkNImRON1ebSJzxO7XPe5L2UuFECQb5I1eHM3NcsS0tl4Q
OHMX/faRKPuimF4kxVACoajh3znqvqwTve7rPVHo5LIUVxANjDvjQ+4rCvvn9CWJ
0h02HNAATH2ykrMt1IOt0Ir+3Icq3hiqBJ3LzZhmjqkzep4C90PjPv9Xe4Nl+CfH
bVmMiEAdwNRbycRqEnn8LRU9HzhmTxkZJ35W3EkrR46j1FEcOaW1toAGymQobz/H
uSs=
-----END CERTIFICATE-----
Generated at Thu May 1 11:12:20 2025 by rpki-client