Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uX0NMExgofLUTzs4reS5Bpxx3RI.roa
File: uX0NMExgofLUTzs4reS5Bpxx3RI.roa (raw, json)
Hash identifier: /7sSMLEJIwRkngs27FOe3FqXEAWpRnCypUnqlD774tg=
Subject key identifier: B9:7D:0D:30:4C:60:A1:F2:D4:4F:3B:38:AD:E4:B9:06:9C:71:DD:12
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018684A1169B8E0417CE349CA6089A015A6A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uX0NMExgofLUTzs4reS5Bpxx3RI.roa
Signing time: Fri 24 Feb 2023 18:13:14 +0000
ROA not before: Fri 24 Feb 2023 18:13:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:84:a1:16:9b:8e:04:17:ce:34:9c:a6:08:9a:01:5a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 18:13:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b97d0d304c60a1f2d44f3b38ade4b9069c71dd12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cb:38:c4:48:f0:65:16:23:65:73:fc:ef:17:
f6:d6:1a:60:c6:34:43:74:3c:f5:7b:cb:36:98:eb:
b0:1d:fe:f6:60:95:0b:4e:64:ef:08:d0:41:67:c2:
d7:7e:bd:81:fa:6c:86:27:9e:93:af:c8:91:d3:5e:
c8:50:8f:18:db:f9:69:dc:fc:05:16:5e:db:17:7d:
f2:fb:d1:6a:6e:73:6a:b8:ce:53:08:8d:4d:23:9a:
cf:dd:25:1d:82:91:52:f0:e7:cf:82:ab:b0:ae:ff:
89:ff:86:44:91:f1:77:4f:6c:e8:21:0e:cd:af:9d:
fd:ff:30:6b:a4:fe:9e:2d:21:1a:87:1c:82:b5:f6:
54:ac:83:7e:1b:0c:8f:a1:f8:96:39:ad:73:06:7b:
e7:fc:d2:f0:25:62:37:95:a5:58:f5:bd:2f:f5:c0:
16:51:c2:8c:22:24:df:f6:3c:11:f4:62:7a:bb:93:
d5:76:e2:54:b8:7b:75:16:f9:75:c1:69:a4:99:a5:
ca:a9:c9:f4:48:72:56:43:e9:2b:f1:67:1c:97:fc:
b8:94:b1:5f:0f:b4:a7:e8:5f:ff:c9:60:42:e8:ae:
78:1f:2c:c2:fe:a4:a1:80:63:82:bb:d0:16:3a:e2:
eb:b7:39:3f:90:ba:0d:58:62:a7:68:62:db:40:d2:
6d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7D:0D:30:4C:60:A1:F2:D4:4F:3B:38:AD:E4:B9:06:9C:71:DD:12
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uX0NMExgofLUTzs4reS5Bpxx3RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:bc:f2:43:81:ef:6e:4b:93:27:98:04:e2:d5:e5:4a:0f:ab:
04:80:5f:f3:dc:11:9d:5e:12:da:25:f7:90:25:1e:21:4d:f1:
f9:a4:a1:6e:5b:be:e0:55:ad:50:9b:7b:37:4b:7d:c7:00:4b:
0d:d0:79:82:77:04:86:aa:a3:8c:15:96:79:f7:37:c2:49:61:
af:99:6c:90:46:e0:4d:96:f0:cc:56:14:ec:2c:72:95:87:cd:
62:e4:00:9b:d0:c1:68:32:ec:ec:50:44:a9:c3:55:7e:7d:a2:
89:79:57:63:2d:63:7c:df:6c:c2:93:06:ff:f6:e5:30:f2:38:
e8:ad:e3:d6:45:ac:51:c8:21:9a:04:7d:e8:fc:18:b6:39:86:
26:31:79:4f:25:09:f3:df:27:83:75:c7:4e:c5:0a:db:70:2c:
0f:76:c7:b3:58:aa:d4:dd:b7:d3:bc:5d:d9:80:c9:71:35:33:
b2:6c:1a:f1:72:c5:f4:44:39:4f:ad:b7:37:6d:9c:9b:55:6a:
9e:4e:86:44:f9:30:1e:93:fe:26:88:f9:e6:08:ea:c7:c3:96:
55:b7:e8:37:50:43:77:65:13:e0:c5:91:64:75:60:12:ca:63:
bd:c1:5a:d7:cd:89:c6:62:78:9d:1f:4e:75:5c:bd:4e:47:13:
13:81:09:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaEoRabjgQXzjScpgiaAVpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MTgxMzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdkMGQzMDRjNjBhMWYyZDQ0ZjNiMzhhZGU0YjkwNjljNzFkZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcs4xEjwZRYjZXP87xf21hpgxjRD
dDz1e8s2mOuwHf72YJULTmTvCNBBZ8LXfr2B+myGJ56Tr8iR017IUI8Y2/lp3PwF
Fl7bF33y+9FqbnNquM5TCI1NI5rP3SUdgpFS8OfPgquwrv+J/4ZEkfF3T2zoIQ7N
r539/zBrpP6eLSEahxyCtfZUrIN+GwyPofiWOa1zBnvn/NLwJWI3laVY9b0v9cAW
UcKMIiTf9jwR9GJ6u5PVduJUuHt1Fvl1wWmkmaXKqcn0SHJWQ+kr8Wccl/y4lLFf
D7Sn6F//yWBC6K54HyzC/qShgGOCu9AWOuLrtzk/kLoNWGKnaGLbQNJtewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLl9DTBMYKHy1E87OK3kuQaccd0SMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVgwTk1FeGdvZkxVVHpzNHJlUzVCcHh4M1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKu88kOB725LkyeYBOLV
5UoPqwSAX/PcEZ1eEtol95AlHiFN8fmkoW5bvuBVrVCbezdLfccASw3QeYJ3BIaq
o4wVlnn3N8JJYa+ZbJBG4E2W8MxWFOwscpWHzWLkAJvQwWgy7OxQRKnDVX59ool5
V2MtY3zfbMKTBv/25TDyOOit49ZFrFHIIZoEfej8GLY5hiYxeU8lCfPfJ4N1x07F
CttwLA92x7NYqtTdt9O8XdmAyXE1M7JsGvFyxfREOU+ttzdtnJtVap5OhkT5MB6T
/iaI+eYI6sfDllW36DdQQ3dlE+DFkWR1YBLKY73BWtfNicZieJ0fTnVcvU5HExOB
CQY=
-----END CERTIFICATE-----
Generated at Thu May 1 08:26:30 2025 by rpki-client