Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1UDKZIzRZwzl3r3LMWaKybRq9K8.roa
File: 1UDKZIzRZwzl3r3LMWaKybRq9K8.roa (raw, json)
Hash identifier: usFj/5xlHWYRRiZl2XwGOwE/h6nsYTLVb/1trBBqD04=
Subject key identifier: D5:40:CA:64:8C:D1:67:0C:E5:DE:BD:CB:31:66:8A:C9:B4:6A:F4:AF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188D8117C479B16DBD6D55DD0CDDFB983F3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1UDKZIzRZwzl3r3LMWaKybRq9K8.roa
Signing time: Tue 20 Jun 2023 09:10:04 +0000
ROA not before: Tue 20 Jun 2023 09:10:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:11:7c:47:9b:16:db:d6:d5:5d:d0:cd:df:b9:83:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 20 09:10:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d540ca648cd1670ce5debdcb31668ac9b46af4af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:17:6c:61:b4:67:ee:f0:3e:9c:0b:38:18:62:
6f:3d:d1:29:39:0f:4a:e9:58:8a:4f:3f:b9:74:dd:
66:09:8e:b6:1f:b7:1e:2f:94:48:d0:2b:1f:28:56:
5f:61:2b:7a:23:f2:06:ec:9d:b5:9c:25:fa:b8:3c:
fb:42:14:92:3d:8d:a2:f1:6e:d9:87:c6:6f:70:51:
15:d7:55:fe:0c:3f:ec:7d:30:aa:f3:6a:2d:22:1a:
8d:4e:7b:13:66:11:26:ae:ee:c7:05:78:8e:97:87:
ac:b0:0f:cc:35:5e:a3:80:00:fb:26:b8:9c:22:87:
0e:92:2b:7c:31:89:b8:ee:69:73:c5:22:2b:dd:99:
72:90:a1:4e:5f:a5:3e:e5:aa:ab:b2:f9:74:ae:f5:
4a:be:11:5d:47:19:71:a5:bb:55:b9:c1:8b:0b:9e:
f7:97:46:ef:41:ee:72:9e:3e:c5:7c:39:95:7c:72:
a5:10:2b:32:f5:f8:f8:f9:b0:03:44:3d:f7:4e:ab:
e3:66:8f:b1:b8:0c:cb:ab:99:6a:22:6d:5c:19:01:
14:91:9a:5a:43:8d:fc:00:c3:53:85:99:8b:2b:42:
fa:76:f9:11:fe:03:e1:27:b3:fc:65:1c:8b:58:20:
95:0e:97:cb:ee:b5:19:e4:0f:3f:6e:3a:0d:b9:20:
7b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:40:CA:64:8C:D1:67:0C:E5:DE:BD:CB:31:66:8A:C9:B4:6A:F4:AF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1UDKZIzRZwzl3r3LMWaKybRq9K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:ea:00:bb:4a:12:0b:95:53:ba:5e:2b:37:9d:28:98:c6:94:
e6:3d:1c:8b:46:98:d0:25:40:d0:17:63:4c:8e:68:f5:79:f5:
b2:4a:84:e7:47:3b:32:5c:9e:49:64:84:1c:e5:9b:90:d4:9f:
ce:b5:7c:7f:f0:2a:75:ce:21:9d:36:0e:44:92:82:f3:4d:71:
fd:44:00:10:37:2e:a0:c4:c9:54:5b:c3:f6:a7:c9:fc:d8:c1:
a2:54:0a:7f:8c:f0:52:a8:e0:04:be:6f:0a:83:43:c6:9d:ff:
d3:72:c5:ce:c7:d7:42:b3:a7:a0:db:73:8d:e3:1e:b9:74:3b:
11:7d:e5:a4:a2:68:69:f6:eb:ea:b6:aa:36:24:1f:ac:80:2d:
ba:9a:73:a8:01:f0:7b:37:f7:0d:01:33:be:be:80:f1:c9:00:
6b:af:5d:89:c0:9a:65:a4:c1:ee:9e:14:bd:04:6e:67:ae:e4:
7d:ab:ec:36:36:5e:e0:05:11:25:00:75:51:a7:24:50:0b:53:
ff:b6:09:50:c9:43:3f:23:36:88:32:74:77:fc:b0:0b:15:32:
31:b9:d6:5f:60:ff:fd:c2:6f:cd:31:5e:35:02:49:8e:bd:60:
c1:fc:6d:a1:2b:12:78:10:9b:a6:e3:85:3c:52:88:c8:10:e6:
f8:87:6f:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYjYEXxHmxbb1tVd0M3fuYPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjIwMDkxMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQwY2E2NDhjZDE2NzBjZTVkZWJkY2IzMTY2OGFjOWI0NmFmNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRdsYbRn7vA+nAs4GGJvPdEpOQ9K
6ViKTz+5dN1mCY62H7ceL5RI0CsfKFZfYSt6I/IG7J21nCX6uDz7QhSSPY2i8W7Z
h8ZvcFEV11X+DD/sfTCq82otIhqNTnsTZhEmru7HBXiOl4essA/MNV6jgAD7Jric
IocOkit8MYm47mlzxSIr3ZlykKFOX6U+5aqrsvl0rvVKvhFdRxlxpbtVucGLC573
l0bvQe5ynj7FfDmVfHKlECsy9fj4+bADRD33TqvjZo+xuAzLq5lqIm1cGQEUkZpa
Q438AMNThZmLK0L6dvkR/gPhJ7P8ZRyLWCCVDpfL7rUZ5A8/bjoNuSB7nwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNVAymSM0WcM5d69yzFmism0avSvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMVVES1pJelJad3psM3IzTE1XYUt5YlJxOUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABvqALtKEguVU7peKzed
KJjGlOY9HItGmNAlQNAXY0yOaPV59bJKhOdHOzJcnklkhBzlm5DUn861fH/wKnXO
IZ02DkSSgvNNcf1EABA3LqDEyVRbw/anyfzYwaJUCn+M8FKo4AS+bwqDQ8ad/9Ny
xc7H10Kzp6Dbc43jHrl0OxF95aSiaGn26+q2qjYkH6yALbqac6gB8Hs39w0BM76+
gPHJAGuvXYnAmmWkwe6eFL0Ebmeu5H2r7DY2XuAFESUAdVGnJFALU/+2CVDJQz8j
NogydHf8sAsVMjG51l9g//3Cb80xXjUCSY69YMH8baErEngQm6bjhTxSiMgQ5viH
b3E=
-----END CERTIFICATE-----
Generated at Thu Jun 12 21:29:28 2025 by rpki-client