Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uaNkwGcRxuBsfx4l4YEyzYqIfTU.roa
File: uaNkwGcRxuBsfx4l4YEyzYqIfTU.roa (raw, json)
Hash identifier: H3hOXx32MjnWYq2ekmGh7xm/F7GuFabPzcGhEUnnBvY=
Subject key identifier: B9:A3:64:C0:67:11:C6:E0:6C:7F:1E:25:E1:81:32:CD:8A:88:7D:35
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A3778A3CFE6DB6AB0E21E7960762034F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uaNkwGcRxuBsfx4l4YEyzYqIfTU.roa
Signing time: Sat 29 Jul 2023 21:04:27 +0000
ROA not before: Sat 29 Jul 2023 21:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:a377:6dd0/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a3:77:8a:3c:fe:6d:b6:ab:0e:21:e7:96:07:62:03:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 29 21:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9a364c06711c6e06c7f1e25e18132cd8a887d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a1:17:5d:ae:6b:16:56:af:3e:93:09:76:70:
76:38:78:2e:85:95:9b:83:9e:94:0c:b1:a9:60:d6:
bb:28:20:fc:dd:98:bd:9e:9f:bf:cc:3e:92:c8:35:
85:9f:c4:d6:9c:32:54:54:7e:66:44:80:74:59:1a:
0e:fa:92:d3:9e:90:b3:11:0f:83:65:fb:36:56:ab:
55:1e:e6:d6:34:82:0f:4f:a6:9b:cf:9d:5a:c8:48:
1b:de:e1:96:11:c1:9b:49:ad:9e:ac:d1:d7:05:6a:
41:08:41:03:15:64:71:26:ff:25:ce:48:0a:6c:6b:
60:1f:3f:08:9b:6b:b1:56:82:4a:96:5f:15:a3:5a:
a4:ac:57:d5:57:dc:ed:a4:0a:d5:49:1e:96:29:34:
ea:0e:2b:6e:63:de:10:61:82:18:31:72:6a:8f:73:
b2:48:03:e3:15:36:ed:90:c9:1e:09:a8:02:d5:a2:
5f:8b:8f:5a:23:05:2d:9d:94:0d:78:0e:23:c1:71:
a9:51:6b:f7:cc:de:b0:56:ff:ac:e9:4d:34:e5:36:
15:77:b7:fa:3f:8b:32:f9:c5:cc:1b:c9:45:4c:00:
a0:47:0c:21:f2:ef:d6:ff:4f:d0:92:f4:2c:4b:bd:
0c:f0:a3:e8:c0:76:b5:a1:a8:6f:f6:fe:b9:c5:66:
78:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A3:64:C0:67:11:C6:E0:6C:7F:1E:25:E1:81:32:CD:8A:88:7D:35
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uaNkwGcRxuBsfx4l4YEyzYqIfTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:fe:d2:6e:65:2a:12:e4:ae:d7:2e:ea:61:00:95:81:91:ca:
ed:cf:0e:9b:74:5b:2e:c4:6d:57:07:af:1a:bd:10:b1:6f:86:
50:de:40:9c:97:05:f9:ec:95:30:65:c2:1e:a9:27:58:8c:92:
b2:40:d3:0d:96:b4:d8:be:d2:1f:e6:b8:49:b1:65:61:94:0c:
a2:66:c0:a1:99:8e:c1:bc:ba:47:d6:23:a3:44:7a:2c:23:b4:
0b:82:bc:e9:4e:cc:7c:ce:5a:8a:ed:4c:3d:22:7e:ed:17:ac:
52:49:61:70:c7:33:94:8c:94:ed:24:a7:92:93:c2:da:cd:ab:
e6:26:37:27:c2:a0:72:a1:06:9a:66:8c:22:9d:71:a1:0c:a6:
ba:59:45:65:1d:ed:e8:b0:34:12:5e:dd:dc:e5:0c:92:73:89:
90:ed:e8:30:5a:28:60:05:39:1e:6c:35:1c:f6:bd:fa:73:44:
85:22:14:79:bc:77:a3:51:1c:d7:0f:27:3c:f2:0e:50:02:2c:
5e:6b:fb:6a:84:6b:c5:57:2e:b4:c0:6b:70:b2:7e:f9:ab:36:
b6:e5:92:6a:8b:bf:73:b6:9e:09:98:97:f1:31:81:d2:7b:ff:
6b:e7:56:7a:52:e8:06:aa:5b:14:ca:c4:54:7b:99:a1:8a:56:
dc:44:0b:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmjd4o8/m22qw4h55YHYgNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI5MjEwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWEzNjRjMDY3MTFjNmUwNmM3ZjFlMjVlMTgxMzJjZDhhODg3ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaEXXa5rFlavPpMJdnB2OHguhZWb
g56UDLGpYNa7KCD83Zi9np+/zD6SyDWFn8TWnDJUVH5mRIB0WRoO+pLTnpCzEQ+D
Zfs2VqtVHubWNIIPT6abz51ayEgb3uGWEcGbSa2erNHXBWpBCEEDFWRxJv8lzkgK
bGtgHz8Im2uxVoJKll8Vo1qkrFfVV9ztpArVSR6WKTTqDituY94QYYIYMXJqj3Oy
SAPjFTbtkMkeCagC1aJfi49aIwUtnZQNeA4jwXGpUWv3zN6wVv+s6U005TYVd7f6
P4sy+cXMG8lFTACgRwwh8u/W/0/QkvQsS70M8KPowHa1oahv9v65xWZ4QwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmjZMBnEcbgbH8eJeGBMs2KiH01MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdWFOa3dHY1J4dUJzZng0bDRZRXl6WXFJZlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAn+0m5lKhLkrtcu6mEA
lYGRyu3PDpt0Wy7EbVcHrxq9ELFvhlDeQJyXBfnslTBlwh6pJ1iMkrJA0w2WtNi+
0h/muEmxZWGUDKJmwKGZjsG8ukfWI6NEeiwjtAuCvOlOzHzOWortTD0ifu0XrFJJ
YXDHM5SMlO0kp5KTwtrNq+YmNyfCoHKhBppmjCKdcaEMprpZRWUd7eiwNBJe3dzl
DJJziZDt6DBaKGAFOR5sNRz2vfpzRIUiFHm8d6NRHNcPJzzyDlACLF5r+2qEa8VX
LrTAa3CyfvmrNrblkmqLv3O2ngmYl/ExgdJ7/2vnVnpS6AaqWxTKxFR7maGKVtxE
C30=
-----END CERTIFICATE-----
Generated at Fri May 2 08:47:54 2025 by rpki-client