Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uTw18JK2r7f7Rn0MqnqxNGkQVso.roa
File: uTw18JK2r7f7Rn0MqnqxNGkQVso.roa (raw, json)
Hash identifier: 4xW1xWzFt3epz/h4bRPm4BDvPoFyDwQNrYdNISAvKbk=
Subject key identifier: B9:3C:35:F0:92:B6:AF:B7:FB:46:7D:0C:AA:7A:B1:34:69:10:56:CA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01846E4DCCECEB3ADC98BBE4552CF3E7E47A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uTw18JK2r7f7Rn0MqnqxNGkQVso.roa
Signing time: Sun 13 Nov 2022 00:05:03 +0000
ROA not before: Sun 13 Nov 2022 00:05:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:51c3:ad7c/128 maxlen: 128
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64:ffff:0:184:6e4d:8028/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:4250:a4df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6e:4d:cc:ec:eb:3a:dc:98:bb:e4:55:2c:f3:e7:e4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 13 00:05:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b93c35f092b6afb7fb467d0caa7ab134691056ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cc:8c:05:b8:a1:1d:b3:1c:bb:b8:cf:ba:60:
92:62:97:47:b7:87:dc:9e:f4:94:c4:b8:73:8b:aa:
15:3a:f5:a0:ec:82:32:28:65:f6:5b:27:50:d7:43:
35:8d:f9:40:1d:73:d9:e3:a6:2c:b4:0a:97:96:79:
13:56:a4:7b:b8:67:d9:d4:c5:dc:01:b0:05:54:7f:
da:b6:6c:39:71:94:05:cb:0b:6b:7d:32:a0:d3:61:
ab:f4:6b:c7:47:9b:ae:a7:25:df:5f:91:64:49:4d:
68:82:5f:95:ee:45:bc:69:ea:65:15:eb:30:3a:3a:
b9:e8:e7:67:f2:23:fd:17:79:01:91:91:bf:11:33:
c6:44:2a:87:f0:60:43:0d:ac:05:45:05:e3:86:14:
31:68:bf:bb:80:a4:5c:9c:cd:45:80:61:99:5c:f0:
b5:80:df:f1:e1:7d:71:e9:eb:be:e9:6d:6a:2b:a5:
8e:2c:6c:d7:8e:84:68:d7:74:d8:90:fe:c1:7d:97:
e5:6f:c3:d1:3b:2e:ce:6d:cc:59:e5:15:d0:74:5a:
c7:31:3d:30:db:f3:86:66:e2:82:88:e3:a9:31:f4:
55:2a:3a:cd:40:d3:6a:8e:24:f6:40:d6:8f:b8:e0:
54:93:f6:9d:4b:5a:72:84:da:43:44:82:75:23:6d:
37:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3C:35:F0:92:B6:AF:B7:FB:46:7D:0C:AA:7A:B1:34:69:10:56:CA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uTw18JK2r7f7Rn0MqnqxNGkQVso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:f5:76:6e:00:40:fd:a4:4d:4a:cd:ba:2a:ff:f6:92:f4:cb:
0b:45:b4:34:f9:61:cf:b7:c4:a6:82:72:5b:9a:f5:1f:61:3c:
98:ed:c9:fb:d1:90:84:94:46:8d:58:3f:37:72:70:ea:b4:ec:
2d:db:63:6b:9d:1d:02:dd:48:b7:2c:f9:06:a4:e6:e8:0f:15:
f9:25:71:28:97:a3:43:03:1f:cd:4f:9d:fe:06:21:ce:00:04:
7c:46:46:6d:3c:f2:a7:45:54:9a:c2:15:f8:2e:77:8c:d1:56:
a7:01:a0:79:ac:05:00:75:dc:01:ff:2d:a6:1f:2d:09:6e:98:
77:87:ad:c8:70:eb:38:97:d7:5a:98:45:45:a6:3c:12:88:0a:
20:03:ba:a2:91:1d:4f:b1:6f:76:ba:47:1f:3f:7a:32:d8:2c:
55:57:62:7e:da:44:05:c0:e3:73:e1:53:7d:3a:ef:63:47:52:
e7:4b:c4:a4:ca:92:1b:9d:bb:01:a5:2f:7c:13:0d:3d:3f:93:
98:be:84:b8:ba:78:96:5d:57:84:d3:6c:0f:77:2a:b8:3e:a6:
12:11:41:8b:43:b1:3c:ab:49:2e:ba:fa:fd:7d:86:1b:0e:f6:
6e:92:40:8e:8f:68:70:c7:e4:20:4e:e9:e8:7d:f6:05:dd:16:
c6:50:a9:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYRuTczs6zrcmLvkVSzz5+R6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTEzMDAwNTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTNjMzVmMDkyYjZhZmI3ZmI0NjdkMGNhYTdhYjEzNDY5MTA1NmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssyMBbihHbMcu7jPumCSYpdHt4fc
nvSUxLhzi6oVOvWg7IIyKGX2WydQ10M1jflAHXPZ46YstAqXlnkTVqR7uGfZ1MXc
AbAFVH/atmw5cZQFywtrfTKg02Gr9GvHR5uupyXfX5FkSU1ogl+V7kW8aeplFesw
Ojq56Odn8iP9F3kBkZG/ETPGRCqH8GBDDawFRQXjhhQxaL+7gKRcnM1FgGGZXPC1
gN/x4X1x6eu+6W1qK6WOLGzXjoRo13TYkP7BfZflb8PROy7ObcxZ5RXQdFrHMT0w
2/OGZuKCiOOpMfRVKjrNQNNqjiT2QNaPuOBUk/adS1pyhNpDRIJ1I203eQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLk8NfCStq+3+0Z9DKp6sTRpEFbKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVR3MThKSzJyN2Y3Um4wTXFucXhOR2tRVnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAET1dm4AQP2kTUrNuir/
9pL0ywtFtDT5Yc+3xKaCclua9R9hPJjtyfvRkISURo1YPzdycOq07C3bY2udHQLd
SLcs+Qak5ugPFfklcSiXo0MDH81Pnf4GIc4ABHxGRm088qdFVJrCFfgud4zRVqcB
oHmsBQB13AH/LaYfLQlumHeHrchw6ziX11qYRUWmPBKICiADuqKRHU+xb3a6Rx8/
ejLYLFVXYn7aRAXA43PhU30672NHUudLxKTKkhuduwGlL3wTDT0/k5i+hLi6eJZd
V4TTbA93Krg+phIRQYtDsTyrSS66+v19hhsO9m6SQI6PaHDH5CBO6eh99gXdFsZQ
qSc=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:24:13 2025 by rpki-client