Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ujhR2DGAxLu6laATJXLw9gPXelU.roa
File: ujhR2DGAxLu6laATJXLw9gPXelU.roa (raw, json)
Hash identifier: 5NZFiUORj+8NsdM6nMdEl5HtnUYI/dQQWKB7bdCTmFA=
Subject key identifier: BA:38:51:D8:31:80:C4:BB:BA:95:A0:13:25:72:F0:F6:03:D7:7A:55
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185266E35D540D0FAB05D03881DD3B96992
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ujhR2DGAxLu6laATJXLw9gPXelU.roa
Signing time: Sun 18 Dec 2022 18:10:35 +0000
ROA not before: Sun 18 Dec 2022 18:10:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:26:6e:35:d5:40:d0:fa:b0:5d:03:88:1d:d3:b9:69:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 18:10:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba3851d83180c4bbba95a0132572f0f603d77a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:41:32:5d:5c:be:26:4a:8d:0e:96:ec:e6:3c:
81:c3:36:46:ab:cf:28:83:95:6d:13:71:81:cc:ff:
18:8c:59:6e:be:79:10:cd:e1:03:e0:f6:15:ce:2b:
e5:ff:eb:88:a8:d5:f1:59:2d:af:d2:46:b1:5f:33:
22:ed:50:f6:26:be:c6:a7:70:71:19:14:e7:af:fe:
21:c5:4e:03:9c:71:73:5b:34:25:d9:d7:fd:54:dd:
13:1d:f0:ad:c9:b1:00:5b:db:c4:2b:97:4f:cf:a2:
0e:d5:72:32:64:62:67:17:d1:59:fd:07:4f:84:f3:
5a:91:eb:82:7a:c6:da:35:d5:3b:d0:a7:ac:db:ee:
71:93:b0:ec:60:a8:e5:43:d4:3b:ed:17:5e:a1:90:
a9:8e:5e:ba:43:6c:28:0d:88:26:98:1b:6b:76:e7:
78:70:e6:3c:ed:da:b6:42:87:5c:28:0f:56:d8:d1:
47:6f:18:22:5b:b9:9d:58:96:5f:4a:31:95:5c:c8:
f2:d5:8f:84:77:02:24:15:fd:e6:8b:8b:1f:37:92:
44:2f:09:93:36:58:62:70:0f:3c:94:05:ad:d4:4a:
69:04:75:8f:80:d5:69:5e:92:aa:7d:83:28:e7:f4:
c1:65:e1:9b:0e:86:90:79:2b:ab:5a:94:7e:17:cd:
2e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:38:51:D8:31:80:C4:BB:BA:95:A0:13:25:72:F0:F6:03:D7:7A:55
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ujhR2DGAxLu6laATJXLw9gPXelU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:4d:9c:1c:61:a9:d2:bc:1e:d5:23:23:e0:b1:1d:35:a8:61:
5f:cf:b3:f8:08:ff:25:97:d6:48:3d:71:95:aa:97:6a:56:2e:
cf:8c:06:f8:76:b3:fa:c9:92:4e:b4:83:2b:7d:af:f1:23:50:
cc:df:0e:45:0a:6f:21:3a:fb:d8:76:4e:16:34:70:8f:78:63:
8f:8f:5c:aa:0f:a0:14:5a:a3:4b:1d:9e:3d:16:c2:12:ca:88:
28:2b:95:95:e4:e2:ec:a4:10:24:50:4c:4c:d8:9d:f6:77:0c:
95:62:fb:4a:5f:f5:69:ba:03:66:c0:e6:83:10:c3:c8:c8:c6:
3a:c2:a8:ab:3d:37:67:42:0a:1b:a9:cf:69:e1:63:44:5f:3f:
ee:24:9b:4c:32:ce:df:0e:ac:45:de:40:5e:01:3e:cb:78:ec:
d6:27:32:11:83:d6:2f:19:e4:ac:f7:b3:4f:6e:f5:93:37:bf:
0f:cf:f4:88:58:a8:7c:23:14:13:1a:2b:d7:99:b2:69:51:bf:
9c:24:5f:c8:f7:41:ea:76:a5:1a:2a:e3:e3:e7:18:8f:37:b3:
63:ab:cf:26:1d:67:fd:f6:fa:d7:ca:6f:c8:2c:45:b2:e0:11:
5a:14:1a:d7:54:cb:72:4e:44:a4:9a:ce:94:ee:75:35:00:19:
7f:47:2d:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUmbjXVQND6sF0DiB3TuWmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MTgxMDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTM4NTFkODMxODBjNGJiYmE5NWEwMTMyNTcyZjBmNjAzZDc3YTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUEyXVy+JkqNDpbs5jyBwzZGq88o
g5VtE3GBzP8YjFluvnkQzeED4PYVzivl/+uIqNXxWS2v0kaxXzMi7VD2Jr7Gp3Bx
GRTnr/4hxU4DnHFzWzQl2df9VN0THfCtybEAW9vEK5dPz6IO1XIyZGJnF9FZ/QdP
hPNakeuCesbaNdU70Kes2+5xk7DsYKjlQ9Q77RdeoZCpjl66Q2woDYgmmBtrdud4
cOY87dq2QodcKA9W2NFHbxgiW7mdWJZfSjGVXMjy1Y+EdwIkFf3mi4sfN5JELwmT
NlhicA88lAWt1EppBHWPgNVpXpKqfYMo5/TBZeGbDoaQeSurWpR+F80umQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLo4UdgxgMS7upWgEyVy8PYD13pVMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdWpoUjJER0F4THU2bGFBVEpYTHc5Z1BYZWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIVNnBxhqdK8HtUjI+Cx
HTWoYV/Ps/gI/yWX1kg9cZWql2pWLs+MBvh2s/rJkk60gyt9r/EjUMzfDkUKbyE6
+9h2ThY0cI94Y4+PXKoPoBRao0sdnj0WwhLKiCgrlZXk4uykECRQTEzYnfZ3DJVi
+0pf9Wm6A2bA5oMQw8jIxjrCqKs9N2dCChupz2nhY0RfP+4km0wyzt8OrEXeQF4B
Pst47NYnMhGD1i8Z5Kz3s09u9ZM3vw/P9IhYqHwjFBMaK9eZsmlRv5wkX8j3Qep2
pRoq4+PnGI83s2OrzyYdZ/32+tfKb8gsRbLgEVoUGtdUy3JORKSazpTudTUAGX9H
LcE=
-----END CERTIFICATE-----
Generated at Thu May 1 10:03:31 2025 by rpki-client