Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvVFytnkgqKhjJ0xf6NlnweK8u8.roa
File: uvVFytnkgqKhjJ0xf6NlnweK8u8.roa (raw, json)
Hash identifier: pNleQty3npwii8ypuexYlgGThAdfFh8ajHR7FmkCSfA=
Subject key identifier: BA:F5:45:CA:D9:E4:82:A2:A1:8C:9D:31:7F:A3:65:9F:07:8A:F2:EF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184EC1307582A5B1969EBAA866DC3511F31
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvVFytnkgqKhjJ0xf6NlnweK8u8.roa
Signing time: Wed 07 Dec 2022 10:13:00 +0000
ROA not before: Wed 07 Dec 2022 10:13:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:13:07:58:2a:5b:19:69:eb:aa:86:6d:c3:51:1f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 7 10:13:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=baf545cad9e482a2a18c9d317fa3659f078af2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:89:1e:c3:f4:97:0b:2e:fa:e6:07:21:36:50:
fe:4e:c3:c2:53:38:50:fd:d8:8f:4a:32:da:69:fe:
4b:74:0e:2f:55:28:ec:67:79:d2:18:2d:09:02:a9:
77:5d:e5:41:aa:e1:86:9b:57:5d:83:c6:d4:b8:c6:
12:94:9b:38:71:66:8b:33:fb:0d:47:be:2f:87:a7:
d7:ed:95:bd:79:12:c4:8e:37:6a:b1:ea:68:99:48:
a5:64:96:05:e7:d8:55:9b:d0:a1:7d:26:7f:fa:07:
9e:12:a3:a1:25:82:bb:65:49:2c:39:de:76:d8:54:
4b:52:d8:f0:a2:4b:81:a3:33:50:7d:e9:3f:c1:8e:
64:1c:ec:da:1b:3a:41:b9:f5:d0:71:d4:b6:fa:37:
86:26:95:ed:5c:a8:5d:f6:1b:71:15:d8:ad:cd:3f:
79:2b:a3:15:7a:be:00:ee:95:e7:19:68:3c:c7:5e:
62:5d:51:72:b4:c7:28:7a:a1:c3:2e:fc:c7:d0:24:
9a:2b:16:a1:3e:9c:8a:63:68:0b:d2:81:23:95:07:
da:9d:b7:0e:96:b5:dc:1d:3f:6b:2b:d5:10:6f:53:
54:17:f8:d2:b7:3d:fd:6f:30:af:de:86:f1:33:90:
8e:8c:9f:96:07:15:c9:0f:17:06:7b:b9:f8:23:1c:
bb:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F5:45:CA:D9:E4:82:A2:A1:8C:9D:31:7F:A3:65:9F:07:8A:F2:EF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uvVFytnkgqKhjJ0xf6NlnweK8u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:fa:0a:c1:b5:d5:d9:26:5b:71:7b:08:c7:d6:82:a0:4a:7a:
78:80:ef:15:49:d5:5a:c8:90:53:37:02:67:04:53:6c:94:92:
9e:ed:b8:b3:5e:26:d5:27:31:b5:ff:22:28:b4:3a:98:a1:e6:
b2:02:ca:91:b0:d1:f4:81:ab:40:7d:10:62:23:06:37:44:4f:
53:92:ab:08:3e:4e:6d:ab:7d:93:67:c2:cb:87:7c:2c:6d:f4:
92:fa:8a:1c:bc:44:81:c9:f1:07:c6:6d:ac:b3:67:40:c7:e3:
24:4a:99:8c:83:57:32:b1:34:da:37:d3:bd:de:ea:95:5c:ea:
51:cd:bc:47:c8:87:b9:b1:f7:4b:d5:0a:80:dd:8b:6d:54:5f:
58:ed:25:9d:00:dc:01:45:db:d2:fe:b6:2d:f8:88:b7:5c:be:
60:21:1f:6c:63:ff:30:d9:c4:d0:d1:a5:2d:a9:8e:25:d2:d7:
35:15:86:44:e5:63:41:a4:86:ad:a9:c1:44:48:94:3e:20:69:
6a:e8:60:6e:ec:7e:ea:6f:e1:91:a2:08:89:95:37:cb:ea:af:
9d:48:b4:11:e7:87:ee:52:e7:db:72:db:31:1d:7d:7a:6e:f8:
8c:57:75:cf:24:97:fa:50:5d:ca:2b:f8:f2:85:5c:9f:b7:a4:
c9:88:0d:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTsEwdYKlsZaeuqhm3DUR8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA3MTAxMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY1NDVjYWQ5ZTQ4MmEyYTE4YzlkMzE3ZmEzNjU5ZjA3OGFmMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIkew/SXCy765gchNlD+TsPCUzhQ
/diPSjLaaf5LdA4vVSjsZ3nSGC0JAql3XeVBquGGm1ddg8bUuMYSlJs4cWaLM/sN
R74vh6fX7ZW9eRLEjjdqsepomUilZJYF59hVm9ChfSZ/+geeEqOhJYK7ZUksOd52
2FRLUtjwokuBozNQfek/wY5kHOzaGzpBufXQcdS2+jeGJpXtXKhd9htxFditzT95
K6MVer4A7pXnGWg8x15iXVFytMcoeqHDLvzH0CSaKxahPpyKY2gL0oEjlQfanbcO
lrXcHT9rK9UQb1NUF/jStz39bzCv3obxM5COjJ+WBxXJDxcGe7n4Ixy7HQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLr1RcrZ5IKioYydMX+jZZ8HivLvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdXZWRnl0bmtncUtoakoweGY2Tmxud2VLOHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFL6CsG11dkmW3F7CMfW
gqBKeniA7xVJ1VrIkFM3AmcEU2yUkp7tuLNeJtUnMbX/Iii0Opih5rICypGw0fSB
q0B9EGIjBjdET1OSqwg+Tm2rfZNnwsuHfCxt9JL6ihy8RIHJ8QfGbayzZ0DH4yRK
mYyDVzKxNNo3073e6pVc6lHNvEfIh7mx90vVCoDdi21UX1jtJZ0A3AFF29L+ti34
iLdcvmAhH2xj/zDZxNDRpS2pjiXS1zUVhkTlY0Gkhq2pwURIlD4gaWroYG7sfupv
4ZGiCImVN8vqr51ItBHnh+5S59ty2zEdfXpu+IxXdc8kl/pQXcor+PKFXJ+3pMmI
DbI=
-----END CERTIFICATE-----
Generated at Sun May 4 05:23:46 2025 by rpki-client