Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U8TfjL1LIO2Tlh7xts7zfJnOw6Q.roa
File: U8TfjL1LIO2Tlh7xts7zfJnOw6Q.roa (raw, json)
Hash identifier: YcygtHs65rxpp/SXQ7ON9k02mzAbq0Ostq9bk5SAbRQ=
Subject key identifier: 53:C4:DF:8C:BD:4B:20:ED:93:96:1E:F1:B6:CE:F3:7C:99:CE:C3:A4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018597B857AAD302BBF8721F8CAD8B27F06F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U8TfjL1LIO2Tlh7xts7zfJnOw6Q.roa
Signing time: Mon 09 Jan 2023 18:08:38 +0000
ROA not before: Mon 09 Jan 2023 18:08:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:97:b8:57:aa:d3:02:bb:f8:72:1f:8c:ad:8b:27:f0:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 9 18:08:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53c4df8cbd4b20ed93961ef1b6cef37c99cec3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:15:c1:dc:47:11:39:a3:35:6d:2a:af:97:cd:
d2:4c:02:c8:85:61:1f:a0:20:06:0b:8d:d5:ee:a2:
87:55:12:72:5f:4d:18:ae:0d:84:c5:e1:e9:e1:82:
f8:ce:19:57:48:70:89:fe:4d:4e:7a:d4:62:de:e6:
51:31:d9:31:d0:37:71:6f:76:47:e8:88:84:2e:d1:
66:5c:8f:e2:c3:5e:27:8c:4c:eb:c2:97:9e:b4:de:
22:e8:bb:0f:af:94:c6:fc:d7:71:46:6a:4b:ec:c3:
27:65:2d:b6:2e:9b:d1:eb:63:24:29:a8:cf:27:2b:
bc:ad:0a:9e:7d:81:25:08:a2:8d:fa:0d:92:8b:90:
6b:26:f1:56:69:10:fa:fd:c0:bd:42:ba:bd:40:f6:
b3:0e:1e:51:fc:bf:5b:34:4e:dc:6e:ca:da:79:ea:
2b:26:8d:71:b5:dc:c8:52:c4:b7:9c:98:c9:3c:ef:
48:e1:3c:6c:9e:2b:33:cd:42:e7:08:a7:4e:04:39:
90:5b:37:74:b0:fc:69:33:2c:34:61:d7:35:bf:01:
36:c7:f5:3d:3c:cc:63:db:92:0a:74:99:c7:9f:02:
b1:1b:af:e4:72:c9:56:bb:5d:7a:0f:55:8c:31:88:
3c:b7:38:d2:a8:fa:d3:7b:7e:4b:d3:7d:60:79:db:
49:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C4:DF:8C:BD:4B:20:ED:93:96:1E:F1:B6:CE:F3:7C:99:CE:C3:A4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/U8TfjL1LIO2Tlh7xts7zfJnOw6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:6c:97:65:a2:ac:52:1c:4b:44:93:d1:89:d0:ce:fe:c1:b6:
8d:94:2a:e6:91:56:61:df:15:38:1f:bf:29:c5:a7:81:2f:39:
4c:af:d1:80:a9:85:8c:98:1f:3d:a7:2e:4a:50:b0:5f:ca:74:
d4:d7:d5:66:12:df:ce:60:c2:37:1c:85:3b:a8:33:7d:30:33:
e8:ce:30:74:f3:c2:6c:e7:8f:55:0f:60:40:5a:3e:2f:61:c0:
0a:14:4e:77:ab:72:b3:d0:d8:a0:0a:89:27:08:51:55:67:96:
7b:6c:7b:7f:7b:1f:8e:d2:09:08:ea:a3:60:e3:3e:64:67:97:
7a:20:f9:47:13:34:e1:25:09:f0:8c:be:12:89:cc:3a:a8:90:
2b:c5:d9:3a:79:17:0f:dc:d3:2a:3c:f1:c6:73:03:2a:cb:d7:
5d:81:8f:f3:a5:16:45:23:61:08:f6:9d:65:5a:42:3a:d9:3b:
06:c9:14:1d:0f:b6:9c:cd:9c:a1:20:c3:5f:8a:28:a4:82:9c:
7d:0b:dc:05:5d:ea:1b:61:92:66:ad:33:9f:27:38:99:ff:2d:
d3:83:ee:ea:d6:5b:f1:ea:52:ff:89:3f:43:a6:69:46:95:57:
ed:51:a9:ed:96:a1:bd:6f:8e:4e:29:38:fa:a2:4d:c5:12:f6:
42:c7:e6:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWXuFeq0wK7+HIfjK2LJ/BvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA5MTgwODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2M0ZGY4Y2JkNGIyMGVkOTM5NjFlZjFiNmNlZjM3Yzk5Y2VjM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRXB3EcROaM1bSqvl83STALIhWEf
oCAGC43V7qKHVRJyX00Yrg2ExeHp4YL4zhlXSHCJ/k1OetRi3uZRMdkx0Ddxb3ZH
6IiELtFmXI/iw14njEzrwpeetN4i6LsPr5TG/NdxRmpL7MMnZS22LpvR62MkKajP
Jyu8rQqefYElCKKN+g2Si5BrJvFWaRD6/cC9Qrq9QPazDh5R/L9bNE7cbsraeeor
Jo1xtdzIUsS3nJjJPO9I4TxsniszzULnCKdOBDmQWzd0sPxpMyw0Ydc1vwE2x/U9
PMxj25IKdJnHnwKxG6/kcslWu116D1WMMYg8tzjSqPrTe35L031gedtJ8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFPE34y9SyDtk5Ye8bbO83yZzsOkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVThUZmpMMUxJTzJUbGg3eHRzN3pmSm5PdzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFtsl2WirFIcS0ST0YnQ
zv7Bto2UKuaRVmHfFTgfvynFp4EvOUyv0YCphYyYHz2nLkpQsF/KdNTX1WYS385g
wjcchTuoM30wM+jOMHTzwmznj1UPYEBaPi9hwAoUTnercrPQ2KAKiScIUVVnlnts
e397H47SCQjqo2DjPmRnl3og+UcTNOElCfCMvhKJzDqokCvF2Tp5Fw/c0yo88cZz
AyrL112Bj/OlFkUjYQj2nWVaQjrZOwbJFB0PtpzNnKEgw1+KKKSCnH0L3AVd6hth
kmatM58nOJn/LdOD7urWW/HqUv+JP0OmaUaVV+1Rqe2Wob1vjk4pOPqiTcUS9kLH
5iw=
-----END CERTIFICATE-----
Generated at Mon Jun 9 09:05:11 2025 by rpki-client