Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uZLwX7zdIhIVMw-xp7X0I1uRC1E.roa
File: uZLwX7zdIhIVMw-xp7X0I1uRC1E.roa (raw, json)
Hash identifier: jcMWh9e4/Zz2p8qUPfHAB0RdpISs3sGqJjLbLp8KBx4=
Subject key identifier: B9:92:F0:5F:BC:DD:22:12:15:33:0F:B1:A7:B5:F4:23:5B:91:0B:51
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185F65A41427B4352240CCAE67E61973EB4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uZLwX7zdIhIVMw-xp7X0I1uRC1E.roa
Signing time: Sat 28 Jan 2023 03:09:48 +0000
ROA not before: Sat 28 Jan 2023 03:09:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f6:5a:41:42:7b:43:52:24:0c:ca:e6:7e:61:97:3e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 28 03:09:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b992f05fbcdd221215330fb1a7b5f4235b910b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:68:18:d3:89:b5:bc:69:e3:58:29:bb:1a:f7:
b7:d6:60:3e:b7:a3:d8:9e:da:8d:b9:42:2f:1a:94:
b0:69:66:5c:44:03:2d:8a:81:34:b4:1f:e5:7d:23:
c9:88:6f:e4:27:9a:19:28:95:25:3b:b9:71:cb:b0:
fd:a0:53:f6:30:59:06:d6:99:95:d4:b6:ef:87:03:
43:33:59:76:16:dc:8a:8d:a2:f1:79:08:8a:49:5b:
47:aa:8d:fa:6e:52:34:b8:82:4a:a0:19:41:4e:62:
04:48:da:01:c3:27:7d:bc:64:7f:1c:61:12:4e:57:
c4:0a:75:cc:de:20:17:7f:86:79:60:e7:fa:9f:e4:
8b:e9:c4:37:d7:2f:11:89:28:a6:77:c4:bb:6e:55:
80:c9:91:c0:51:f4:de:6a:aa:7c:da:76:c6:88:9a:
b3:e5:d1:5e:84:1b:b1:4f:6c:c8:e5:87:29:45:3c:
69:9a:0a:97:ac:f6:65:aa:c2:fc:67:34:9c:a7:09:
98:ee:1d:36:87:f8:fd:c7:6a:10:b6:d9:20:92:b5:
8b:04:27:fb:b7:2d:bc:2e:7e:23:90:21:e4:7d:eb:
49:f5:a7:4a:3d:f3:b7:84:24:bf:ed:8f:bb:0a:c0:
33:ac:df:b8:ed:5b:25:20:f6:b6:12:3d:c4:1a:b4:
6f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:92:F0:5F:BC:DD:22:12:15:33:0F:B1:A7:B5:F4:23:5B:91:0B:51
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uZLwX7zdIhIVMw-xp7X0I1uRC1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:9e:f8:33:cb:d8:f8:41:6b:dd:c9:8f:2f:cf:9f:b3:a2:2c:
65:8d:79:d7:c1:81:fa:30:13:b5:e4:13:fa:87:2f:cb:5a:8c:
c0:ac:8a:59:b0:25:ee:15:9e:5e:91:61:8a:54:2d:bf:79:73:
19:2e:1e:25:ef:2c:b9:a0:64:84:6c:22:1f:d7:6f:e5:a1:94:
5d:86:a9:59:7e:64:4d:97:19:54:bf:7f:69:4b:67:cc:5d:7c:
ec:5f:63:b3:c5:44:8a:be:57:31:d2:0c:5a:bf:53:86:ba:1a:
85:66:d4:80:57:b5:37:e4:e6:3d:ec:32:31:10:a0:d5:d2:a1:
86:7a:96:4c:67:36:ac:dd:c8:e2:e7:eb:25:b0:f1:d8:71:fc:
bd:94:9f:da:8e:15:25:29:a4:6f:f4:cd:da:fa:1c:cf:96:f6:
e1:98:df:aa:ad:1a:1b:c2:02:c3:8b:d5:b7:0a:46:7c:6b:51:
f2:a3:03:a5:a1:95:a6:a8:af:ca:38:0a:c8:cc:8a:76:c0:14:
73:a4:64:44:db:66:f1:b0:4c:26:e0:ca:2a:53:e9:12:7e:11:
d2:a1:d3:a9:21:a9:63:60:ab:0d:d4:c4:77:d8:e9:a0:03:f0:
98:43:f6:bf:de:64:09:77:9a:b2:ad:3f:e3:f7:83:18:bb:76:
b0:c2:99:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYX2WkFCe0NSJAzK5n5hlz60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI4MDMwOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTkyZjA1ZmJjZGQyMjEyMTUzMzBmYjFhN2I1ZjQyMzViOTEwYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWgY04m1vGnjWCm7Gve31mA+t6PY
ntqNuUIvGpSwaWZcRAMtioE0tB/lfSPJiG/kJ5oZKJUlO7lxy7D9oFP2MFkG1pmV
1LbvhwNDM1l2FtyKjaLxeQiKSVtHqo36blI0uIJKoBlBTmIESNoBwyd9vGR/HGES
TlfECnXM3iAXf4Z5YOf6n+SL6cQ31y8RiSimd8S7blWAyZHAUfTeaqp82nbGiJqz
5dFehBuxT2zI5YcpRTxpmgqXrPZlqsL8ZzScpwmY7h02h/j9x2oQttkgkrWLBCf7
ty28Ln4jkCHkfetJ9adKPfO3hCS/7Y+7CsAzrN+47VslIPa2Ej3EGrRvvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmS8F+83SISFTMPsae19CNbkQtRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVpMd1g3emRJaElWTXcteHA3WDBJMXVSQzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE2e+DPL2PhBa93Jjy/P
n7OiLGWNedfBgfowE7XkE/qHL8tajMCsilmwJe4Vnl6RYYpULb95cxkuHiXvLLmg
ZIRsIh/Xb+WhlF2GqVl+ZE2XGVS/f2lLZ8xdfOxfY7PFRIq+VzHSDFq/U4a6GoVm
1IBXtTfk5j3sMjEQoNXSoYZ6lkxnNqzdyOLn6yWw8dhx/L2Un9qOFSUppG/0zdr6
HM+W9uGY36qtGhvCAsOL1bcKRnxrUfKjA6Whlaaor8o4CsjMinbAFHOkZETbZvGw
TCbgyipT6RJ+EdKh06khqWNgqw3UxHfY6aAD8JhD9r/eZAl3mrKtP+P3gxi7drDC
mXo=
-----END CERTIFICATE-----
Generated at Thu May 1 02:23:19 2025 by rpki-client