Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/UsHKGW6ARy7gLT5NWVUP1MK-i_o.roa
File: UsHKGW6ARy7gLT5NWVUP1MK-i_o.roa (raw, json)
Hash identifier: opyPv9Ojy8cS2Uko7zBhKK0HoTXF4orTZPOauyDAtw8=
Subject key identifier: 52:C1:CA:19:6E:80:47:2E:E0:2D:3E:4D:59:55:0F:D4:C2:BE:8B:FA
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF231FE3F68CCEE9F7F5CD9560E5994A4
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/UsHKGW6ARy7gLT5NWVUP1MK-i_o.roa
Signing time: Thu 18 Apr 2024 17:12:26 +0000
ROA not before: Thu 18 Apr 2024 17:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f2:31:fe:3f:68:cc:ee:9f:7f:5c:d9:56:0e:59:94:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 17:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52c1ca196e80472ee02d3e4d59550fd4c2be8bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:94:ce:9b:d8:7d:f0:9d:5b:73:68:bc:2b:d2:
25:40:c0:fc:bd:2d:d7:f3:1e:1f:5a:e0:d1:4f:59:
55:dd:49:ac:7b:a0:a8:72:05:99:12:ee:95:5e:02:
58:36:60:1e:f2:d2:5e:3c:ff:4f:41:6d:95:47:40:
51:0f:f3:b7:65:6a:3f:1a:43:66:d3:ab:82:5f:5c:
65:98:20:ba:fb:f6:c8:23:76:e7:7d:1c:9c:67:eb:
f4:8c:2c:b8:8c:a3:14:2a:a0:5e:92:6b:04:1d:15:
81:0b:0d:eb:e3:9e:35:80:85:db:21:1b:ce:2e:81:
ce:80:ed:91:37:88:96:c8:d8:07:58:5f:0a:ff:c0:
eb:8b:dc:2e:46:1e:71:27:57:d9:2d:ed:d2:6c:74:
90:3f:db:64:43:10:d3:20:7f:18:0b:8f:4d:6f:7a:
56:fe:10:79:45:f2:89:2f:47:8a:0a:73:f8:e8:af:
e7:b6:bb:d7:d6:24:80:91:8b:41:82:6b:44:cc:f6:
3f:1a:16:64:7e:ab:d1:f2:87:b8:7e:5a:ea:57:ac:
37:9d:4f:1a:10:26:45:66:aa:31:5e:8b:fc:f8:c0:
30:d2:90:a4:40:17:31:f1:1d:ff:10:76:8a:56:28:
9a:e4:a3:8c:c4:1d:be:74:c5:d5:1b:4f:86:23:70:
17:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C1:CA:19:6E:80:47:2E:E0:2D:3E:4D:59:55:0F:D4:C2:BE:8B:FA
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/UsHKGW6ARy7gLT5NWVUP1MK-i_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:fc:c7:06:4b:37:aa:e7:c1:4f:6f:f5:28:61:7e:41:6a:1b:
e6:97:3b:37:ad:0d:7c:9e:d4:1b:81:2e:7d:e0:73:44:46:85:
9e:39:07:dd:c8:cd:2c:52:1f:c0:8a:29:c2:c4:c2:6e:af:3f:
90:13:dd:04:20:81:8e:ed:0f:3c:e8:50:10:13:bd:08:41:65:
c6:a3:f8:9c:6a:b1:30:0f:a1:5a:08:8e:7e:38:64:af:4d:62:
a2:33:15:6b:1a:81:f7:03:bc:a4:49:d6:ce:b4:75:e3:62:a9:
bc:b6:f7:ec:3b:71:7e:b7:31:a7:c4:31:1b:1a:81:3e:7c:9b:
06:2d:bf:44:51:04:b2:94:31:1b:3e:e0:b2:97:c9:d4:f7:45:
9e:71:fa:0b:14:4e:30:c5:86:e2:6c:a6:f2:4e:7d:35:c8:aa:
36:0e:c9:f2:6f:1a:7b:fb:a6:39:60:c1:b5:75:ee:07:38:4b:
f7:ff:28:48:d2:e8:36:1b:a6:6b:ec:8b:75:2e:8f:31:0b:1e:
69:50:7e:0e:02:6f:5b:cb:f2:70:da:ca:2f:0c:83:fa:26:0e:
e6:79:d5:9f:d5:93:84:c5:75:96:5a:4f:ae:00:d9:36:94:18:
54:28:c0:4a:67:81:05:b9:5e:22:df:b6:b0:7c:a4:0e:34:78:
c3:a5:5d:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7yMf4/aMzun39c2VYOWZSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MTcxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmMxY2ExOTZlODA0NzJlZTAyZDNlNGQ1OTU1MGZkNGMyYmU4YmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5TOm9h98J1bc2i8K9IlQMD8vS3X
8x4fWuDRT1lV3Umse6CocgWZEu6VXgJYNmAe8tJePP9PQW2VR0BRD/O3ZWo/GkNm
06uCX1xlmCC6+/bII3bnfRycZ+v0jCy4jKMUKqBekmsEHRWBCw3r4541gIXbIRvO
LoHOgO2RN4iWyNgHWF8K/8Dri9wuRh5xJ1fZLe3SbHSQP9tkQxDTIH8YC49Nb3pW
/hB5RfKJL0eKCnP46K/ntrvX1iSAkYtBgmtEzPY/GhZkfqvR8oe4flrqV6w3nU8a
ECZFZqoxXov8+MAw0pCkQBcx8R3/EHaKViia5KOMxB2+dMXVG0+GI3AXHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFLByhlugEcu4C0+TVlVD9TCvov6MB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvVXNIS0dXNkFSeTdnTFQ1TldWVVAxTUstaV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACz8xwZLN6rnwU9v9Shh
fkFqG+aXOzetDXye1BuBLn3gc0RGhZ45B93IzSxSH8CKKcLEwm6vP5AT3QQggY7t
DzzoUBATvQhBZcaj+JxqsTAPoVoIjn44ZK9NYqIzFWsagfcDvKRJ1s60deNiqby2
9+w7cX63MafEMRsagT58mwYtv0RRBLKUMRs+4LKXydT3RZ5x+gsUTjDFhuJspvJO
fTXIqjYOyfJvGnv7pjlgwbV17gc4S/f/KEjS6DYbpmvsi3UujzELHmlQfg4Cb1vL
8nDayi8Mg/omDuZ51Z/Vk4TFdZZaT64A2TaUGFQowEpngQW5XiLftrB8pA40eMOl
XbA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:59:34 2025 by rpki-client