Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uZfKhfrv9kBKtK230X2dey_HVZE.roa
File: uZfKhfrv9kBKtK230X2dey_HVZE.roa (raw, json)
Hash identifier: ZI4x7pDjMg57RRTM0CzMZ1F17LCpUOyzwRZ5ysIuHxg=
Subject key identifier: B9:97:CA:85:FA:EF:F6:40:4A:B4:AD:B7:D1:7D:9D:7B:2F:C7:55:91
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869E326AEFD0E49BC6F8CBF1D98715DFD3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uZfKhfrv9kBKtK230X2dey_HVZE.roa
Signing time: Wed 01 Mar 2023 17:22:29 +0000
ROA not before: Wed 01 Mar 2023 17:22:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9e:32:6a:ef:d0:e4:9b:c6:f8:cb:f1:d9:87:15:df:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 17:22:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b997ca85faeff6404ab4adb7d17d9d7b2fc75591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:05:ba:36:41:2f:71:d6:6f:1e:03:90:c8:d6:
80:31:42:d7:de:e9:a3:88:46:50:bb:af:36:26:41:
77:03:2e:82:20:76:1b:4d:f7:05:68:5a:72:a5:04:
7e:75:92:b1:53:7b:99:f9:1b:6f:d7:25:1d:f8:67:
06:e4:2a:b9:e8:f2:f7:11:59:d9:2c:9c:76:d1:15:
c7:f3:bb:c2:59:fb:80:67:33:01:3d:71:04:db:70:
3b:73:b6:1e:2f:c4:01:88:38:70:a0:30:0c:3f:22:
4b:86:8f:2c:67:93:ff:68:e1:4f:a5:2c:e2:1e:f0:
a3:9e:cf:de:7d:f6:1b:15:5c:43:60:57:ae:00:55:
39:62:f4:74:ab:75:fa:70:49:f8:74:a6:e2:55:d8:
d3:a7:53:cb:7e:dc:f8:58:6e:ad:f1:8f:a8:f7:10:
40:e4:b3:4f:48:b6:ed:51:1c:d9:c5:b7:dd:d5:85:
ac:ca:18:e7:9a:43:03:12:9b:77:61:47:72:28:a0:
86:51:b4:d9:97:5c:78:e2:e6:e3:aa:91:75:41:b6:
a3:85:1c:50:f5:1d:d3:58:13:9c:a9:78:b0:45:10:
b1:51:84:0d:d1:ab:e4:1d:3f:dd:27:aa:62:52:c7:
09:3e:d4:40:90:ed:6b:be:6b:c0:80:1c:b7:cd:b1:
87:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:97:CA:85:FA:EF:F6:40:4A:B4:AD:B7:D1:7D:9D:7B:2F:C7:55:91
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uZfKhfrv9kBKtK230X2dey_HVZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:af:02:04:88:b0:b5:17:8e:90:75:95:43:6e:e2:49:f2:07:
00:1a:31:ee:21:5b:d5:ad:55:a4:7b:c1:a2:3e:63:31:aa:d2:
1a:ac:43:0c:80:ba:e7:77:80:8f:bf:dc:3f:17:4f:ad:20:60:
5d:ca:fd:a4:8e:bb:52:a4:6e:18:02:93:8e:67:4a:1c:66:c8:
f1:e5:a7:4e:77:ca:40:54:72:8f:06:69:43:39:16:e8:99:c0:
fd:a1:c6:c1:7e:48:43:27:3b:f1:8c:91:3a:29:3a:4f:d8:58:
16:21:34:06:b0:bd:dc:e5:24:85:c3:b1:00:b0:d2:de:d3:b2:
42:a5:eb:dd:2f:bf:23:13:47:f3:af:16:5a:13:94:30:9a:63:
14:80:3e:03:88:14:2b:44:ab:6f:36:55:29:b8:96:fd:02:ea:
db:67:24:cb:d6:73:6f:d1:dd:5b:b2:1d:37:c3:d1:2b:4a:a3:
ff:58:3a:3d:7f:68:ab:77:a7:4a:2a:83:77:60:aa:cd:aa:65:
70:e9:8e:26:a7:a6:57:89:95:74:95:ac:47:f1:b4:cb:31:d7:
74:38:ee:46:64:4b:6b:52:96:46:1d:33:15:98:09:19:c1:e0:
a1:cc:9d:17:3d:4e:ef:d9:45:af:0e:fb:08:bd:93:95:bd:07:
90:de:c4:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaeMmrv0OSbxvjL8dmHFd/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMTcyMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk3Y2E4NWZhZWZmNjQwNGFiNGFkYjdkMTdkOWQ3YjJmYzc1NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwW6NkEvcdZvHgOQyNaAMULX3umj
iEZQu682JkF3Ay6CIHYbTfcFaFpypQR+dZKxU3uZ+Rtv1yUd+GcG5Cq56PL3EVnZ
LJx20RXH87vCWfuAZzMBPXEE23A7c7YeL8QBiDhwoDAMPyJLho8sZ5P/aOFPpSzi
HvCjns/effYbFVxDYFeuAFU5YvR0q3X6cEn4dKbiVdjTp1PLftz4WG6t8Y+o9xBA
5LNPSLbtURzZxbfd1YWsyhjnmkMDEpt3YUdyKKCGUbTZl1x44ubjqpF1QbajhRxQ
9R3TWBOcqXiwRRCxUYQN0avkHT/dJ6piUscJPtRAkO1rvmvAgBy3zbGH3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmXyoX67/ZASrStt9F9nXsvx1WRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVpmS2hmcnY5a0JLdEsyMzBYMmRleV9IVlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKKvAgSIsLUXjpB1lUNu
4knyBwAaMe4hW9WtVaR7waI+YzGq0hqsQwyAuud3gI+/3D8XT60gYF3K/aSOu1Kk
bhgCk45nShxmyPHlp053ykBUco8GaUM5FuiZwP2hxsF+SEMnO/GMkTopOk/YWBYh
NAawvdzlJIXDsQCw0t7TskKl690vvyMTR/OvFloTlDCaYxSAPgOIFCtEq282VSm4
lv0C6ttnJMvWc2/R3VuyHTfD0StKo/9YOj1/aKt3p0oqg3dgqs2qZXDpjianpleJ
lXSVrEfxtMsx13Q47kZkS2tSlkYdMxWYCRnB4KHMnRc9Tu/ZRa8O+wi9k5W9B5De
xDQ=
-----END CERTIFICATE-----
Generated at Sun May 4 22:13:40 2025 by rpki-client