Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uwFsR3Q_DL5PNO-mnb3SWnUCgtE.roa
File: uwFsR3Q_DL5PNO-mnb3SWnUCgtE.roa (raw, json)
Hash identifier: nLVqL6ZwVeRAwSV3e8FIBvGmvrGtUgi6Hp5P++0qxGs=
Subject key identifier: BB:01:6C:47:74:3F:0C:BE:4F:34:EF:A6:9D:BD:D2:5A:75:02:82:D1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1314328F3A419667AAA41FCF16DE333F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uwFsR3Q_DL5PNO-mnb3SWnUCgtE.roa
Signing time: Sun 20 Aug 2023 13:13:25 +0000
ROA not before: Sun 20 Aug 2023 13:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:13:14:32:8f:3a:41:96:67:aa:a4:1f:cf:16:de:33:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 20 13:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb016c47743f0cbe4f34efa69dbdd25a750282d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ce:92:01:b8:92:ba:1d:78:61:29:07:d4:11:
ef:e0:dc:7f:73:ff:21:75:ab:bb:5d:57:8c:37:db:
ea:9c:ff:c9:fa:d8:8b:c0:a1:29:57:49:ca:a1:16:
79:4f:70:e6:00:4e:4e:1b:1f:f4:d0:06:40:86:32:
83:be:4f:95:c6:62:25:97:24:66:2c:cf:51:d4:9d:
cb:e4:0d:90:a0:25:76:d4:df:4e:ff:4a:ff:e9:5d:
87:41:6c:68:d4:8c:80:8c:79:7e:6e:2b:40:4e:17:
6a:6f:ee:0c:45:f6:f8:a6:1a:a6:5e:91:2b:5c:53:
eb:16:a5:47:10:ec:de:3d:fa:23:8d:54:84:32:c0:
d6:27:09:c1:b0:cb:69:d9:c5:e9:0f:84:9c:1e:50:
23:e8:8f:11:19:f8:c0:f8:06:88:95:fd:e2:3d:a5:
d3:2c:41:a5:60:dd:7c:46:dd:98:1f:02:2b:ca:ce:
86:a0:42:2f:15:62:51:78:29:05:42:eb:0c:96:00:
22:2c:21:bf:7a:03:8c:1c:02:1e:d9:a4:0b:d0:e0:
d5:fe:91:2b:b4:ed:55:f2:4e:55:08:ef:7b:d2:2c:
14:91:aa:cb:68:35:21:c1:ae:72:43:18:5d:a4:c3:
d8:47:f0:a3:30:15:51:75:f9:f8:14:df:08:e8:53:
69:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:01:6C:47:74:3F:0C:BE:4F:34:EF:A6:9D:BD:D2:5A:75:02:82:D1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uwFsR3Q_DL5PNO-mnb3SWnUCgtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:7e:8d:fb:58:22:86:97:46:7a:12:e0:f7:be:70:46:6f:66:
de:a0:f3:f2:e4:d2:bb:a9:a1:7a:cc:72:30:a7:1a:60:86:01:
83:19:26:77:ef:fb:ae:23:51:5e:9f:1d:0d:ec:d0:e6:19:27:
27:d0:ea:43:28:ab:83:6d:bc:f8:56:0a:f8:b6:75:ba:24:f2:
e0:44:29:7c:f9:ec:35:2b:05:14:5e:2e:93:ef:2c:46:7a:a6:
62:c7:54:a9:a1:dd:cc:27:16:c6:25:52:da:5a:8c:94:74:61:
95:6a:01:5c:3e:a7:70:44:16:1a:84:a5:09:ac:0e:de:f1:29:
3d:01:e6:da:c0:07:a3:87:1f:4c:57:9e:25:5e:ff:82:08:77:
99:63:58:39:1b:47:a8:db:ef:53:6f:01:37:dc:67:2a:93:e1:
f4:37:63:83:0b:c2:97:b4:de:44:c5:83:82:8f:73:65:2d:e9:
c2:2e:c1:77:7a:92:30:46:9e:80:32:50:e7:c8:20:cd:ff:22:
30:1e:60:7b:72:18:17:96:db:9c:f8:76:ca:fd:6a:a9:66:32:
f3:b1:69:39:15:5f:14:9e:c1:92:8f:ab:04:fa:20:88:d1:1b:
00:ae:49:19:8b:f2:2d:37:c1:b3:06:df:35:84:6d:d0:5c:bf:
a4:fb:6c:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoTFDKPOkGWZ6qkH88W3jM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIwMTMxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjAxNmM0Nzc0M2YwY2JlNGYzNGVmYTY5ZGJkZDI1YTc1MDI4MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM6SAbiSuh14YSkH1BHv4Nx/c/8h
dau7XVeMN9vqnP/J+tiLwKEpV0nKoRZ5T3DmAE5OGx/00AZAhjKDvk+VxmIllyRm
LM9R1J3L5A2QoCV21N9O/0r/6V2HQWxo1IyAjHl+bitAThdqb+4MRfb4phqmXpEr
XFPrFqVHEOzePfojjVSEMsDWJwnBsMtp2cXpD4ScHlAj6I8RGfjA+AaIlf3iPaXT
LEGlYN18Rt2YHwIrys6GoEIvFWJReCkFQusMlgAiLCG/egOMHAIe2aQL0ODV/pEr
tO1V8k5VCO970iwUkarLaDUhwa5yQxhdpMPYR/CjMBVRdfn4FN8I6FNp4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLsBbEd0Pwy+TzTvpp290lp1AoLRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdXdGc1IzUV9ETDVQTk8tbW5iM1NXblVDZ3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEp+jftYIoaXRnoS4Pe+
cEZvZt6g8/Lk0rupoXrMcjCnGmCGAYMZJnfv+64jUV6fHQ3s0OYZJyfQ6kMoq4Nt
vPhWCvi2dbok8uBEKXz57DUrBRReLpPvLEZ6pmLHVKmh3cwnFsYlUtpajJR0YZVq
AVw+p3BEFhqEpQmsDt7xKT0B5trAB6OHH0xXniVe/4IId5ljWDkbR6jb71NvATfc
ZyqT4fQ3Y4MLwpe03kTFg4KPc2Ut6cIuwXd6kjBGnoAyUOfIIM3/IjAeYHtyGBeW
25z4dsr9aqlmMvOxaTkVXxSewZKPqwT6IIjRGwCuSRmL8i03wbMG3zWEbdBcv6T7
bGY=
-----END CERTIFICATE-----
Generated at Thu May 1 10:00:02 2025 by rpki-client