Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uSv9aH3ZHkXCk8Em-vTA6K-jINI.roa
File: uSv9aH3ZHkXCk8Em-vTA6K-jINI.roa (raw, json)
Hash identifier: OMGkBFLaoUm1u55EcwHqIMaBDTCOvL6IYoWrvDbK8ME=
Subject key identifier: B9:2B:FD:68:7D:D9:1E:45:C2:93:C1:26:FA:F4:C0:E8:AF:A3:20:D2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D43F4C7EB5D449C72AC87AF2BB3CD5AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uSv9aH3ZHkXCk8Em-vTA6K-jINI.roa
Signing time: Fri 02 Dec 2022 19:10:28 +0000
ROA not before: Fri 02 Dec 2022 19:10:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d4:3f:4c:7e:b5:d4:49:c7:2a:c8:7a:f2:bb:3c:d5:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 2 19:10:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b92bfd687dd91e45c293c126faf4c0e8afa320d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2c:d0:d6:e4:a2:fc:af:1a:b0:e8:9f:b6:8d:
9d:25:e1:42:ae:76:a2:98:cd:ff:95:38:a7:a0:77:
a3:09:55:31:11:e5:3b:4f:c8:59:ab:49:9b:78:ec:
0d:b4:b3:99:75:e8:ed:77:5d:f7:1a:30:72:c6:29:
e7:b9:f5:c2:bf:99:da:e4:c6:0b:07:24:17:fe:06:
ed:7e:46:7f:44:6e:aa:f9:7f:c1:f1:15:9a:0e:4e:
41:f0:53:51:18:a7:e6:1d:df:99:e4:79:f0:fa:48:
08:fd:ad:37:a0:c9:2d:7b:bf:0b:d8:78:c3:d2:93:
d2:a1:44:c5:dc:27:fa:8b:42:c1:e4:bd:da:f5:e3:
b4:ed:58:d8:58:09:76:d8:4f:31:e1:81:06:91:d4:
5d:82:96:f2:08:70:ac:80:dd:e6:81:93:c5:86:a9:
c9:1a:6a:ed:9a:ba:cb:a8:aa:b0:52:a9:bd:e9:da:
dc:a0:5c:fc:fa:7d:83:05:73:5d:23:2b:aa:00:52:
ba:31:5b:84:03:e7:4c:d7:30:ac:f3:db:42:54:77:
be:68:ff:96:ae:0d:92:d6:bb:21:2c:38:2b:db:42:
a1:1e:36:b0:5f:51:68:37:14:cd:f2:3b:93:46:28:
6f:3d:54:92:ca:f1:0d:23:2a:4c:61:c0:7c:3f:65:
c3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2B:FD:68:7D:D9:1E:45:C2:93:C1:26:FA:F4:C0:E8:AF:A3:20:D2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uSv9aH3ZHkXCk8Em-vTA6K-jINI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:d9:58:9c:5e:fb:51:f1:65:d0:1a:aa:e9:3f:ee:94:c1:59:
e0:42:98:b4:cf:0c:76:02:2d:65:89:e3:f1:b6:51:8b:11:0c:
6d:73:c8:7b:17:bd:d3:e6:04:2b:37:e8:59:ff:23:ae:29:a3:
44:de:ad:db:70:7d:ad:df:a1:91:b6:17:fe:5f:c5:a4:a4:35:
e8:21:99:1b:90:09:f6:91:b0:9a:55:4e:2f:95:42:c0:1b:52:
8a:f3:37:fa:5f:dd:ac:62:f2:cc:28:f6:e6:c5:27:a5:a7:2b:
e6:fa:a5:d8:54:ad:a2:d7:1d:ed:40:e4:f8:55:9b:25:df:e2:
62:78:c3:f5:7f:8d:e2:08:3a:a6:ab:62:ba:fc:1b:15:0a:a2:
d4:78:2f:50:e3:0f:22:7d:06:c1:27:27:1f:04:00:8d:e7:56:
3f:26:08:4c:09:53:61:ca:a6:b2:cf:8c:53:25:e2:57:a5:e2:
55:a2:73:30:cc:80:51:a0:8e:13:10:9c:f3:d7:08:be:35:1f:
7b:19:a5:bb:f7:ce:1f:88:40:ed:23:1a:cf:cb:94:3e:48:72:
e0:64:71:8c:c5:fc:94:67:5b:f1:25:07:81:12:c2:f5:d7:39:
80:f1:53:a2:1e:38:81:c1:be:e9:c6:9f:99:d5:9a:45:06:ce:
fe:a7:ee:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTUP0x+tdRJxyrIevK7PNWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAyMTkxMDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTJiZmQ2ODdkZDkxZTQ1YzI5M2MxMjZmYWY0YzBlOGFmYTMyMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyzQ1uSi/K8asOifto2dJeFCrnai
mM3/lTinoHejCVUxEeU7T8hZq0mbeOwNtLOZdejtd133GjByxinnufXCv5na5MYL
ByQX/gbtfkZ/RG6q+X/B8RWaDk5B8FNRGKfmHd+Z5Hnw+kgI/a03oMkte78L2HjD
0pPSoUTF3Cf6i0LB5L3a9eO07VjYWAl22E8x4YEGkdRdgpbyCHCsgN3mgZPFhqnJ
GmrtmrrLqKqwUqm96drcoFz8+n2DBXNdIyuqAFK6MVuEA+dM1zCs89tCVHe+aP+W
rg2S1rshLDgr20KhHjawX1FoNxTN8juTRihvPVSSyvENIypMYcB8P2XD+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLkr/Wh92R5FwpPBJvr0wOivoyDSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVN2OWFIM1pIa1hDazhFbS12VEE2Sy1qSU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEvZWJxe+1HxZdAaquk/
7pTBWeBCmLTPDHYCLWWJ4/G2UYsRDG1zyHsXvdPmBCs36Fn/I64po0Terdtwfa3f
oZG2F/5fxaSkNeghmRuQCfaRsJpVTi+VQsAbUorzN/pf3axi8swo9ubFJ6WnK+b6
pdhUraLXHe1A5PhVmyXf4mJ4w/V/jeIIOqarYrr8GxUKotR4L1DjDyJ9BsEnJx8E
AI3nVj8mCEwJU2HKprLPjFMl4lel4lWiczDMgFGgjhMQnPPXCL41H3sZpbv3zh+I
QO0jGs/LlD5IcuBkcYzF/JRnW/ElB4ESwvXXOYDxU6IeOIHBvunGn5nVmkUGzv6n
7lw=
-----END CERTIFICATE-----
Generated at Thu May 1 04:20:33 2025 by rpki-client