Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UZ9cb_xPy6k48gFUNZfL4QVkvYo.roa
File: UZ9cb_xPy6k48gFUNZfL4QVkvYo.roa (raw, json)
Hash identifier: OT3S/Q1FRRcb6/erc1ubQmDQjWLCZk0OBNXI4Zk/yxc=
Subject key identifier: 51:9F:5C:6F:FC:4F:CB:A9:38:F2:01:54:35:97:CB:E1:05:64:BD:8A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F6F832B2ADE469F9082FFEE02EF4D36E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UZ9cb_xPy6k48gFUNZfL4QVkvYo.roa
Signing time: Tue 15 Aug 2023 02:13:28 +0000
ROA not before: Tue 15 Aug 2023 02:13:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f6:f8:32:b2:ad:e4:69:f9:08:2f:fe:e0:2e:f4:d3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 15 02:13:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=519f5c6ffc4fcba938f201543597cbe10564bd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:47:ae:35:ca:bc:54:33:55:1a:da:a7:cf:
e3:5b:d2:74:3f:d5:04:ad:86:73:68:42:ed:62:cc:
58:30:c5:a0:d4:6c:a5:c9:d0:02:1f:e0:02:b3:0c:
31:8e:0e:ab:2c:eb:87:3a:b5:59:48:a2:11:05:cf:
f6:29:ef:34:4c:48:77:c5:3d:19:e5:88:9b:83:01:
b2:3d:65:19:d7:f8:89:90:8c:7f:d5:4a:1f:8f:76:
db:dd:76:b4:42:26:ad:66:1b:8e:f3:77:18:02:cf:
37:bc:10:90:f1:13:9c:40:c8:35:b4:ec:1d:23:3a:
6a:27:66:e0:27:25:a5:a2:eb:fb:ac:e0:ce:72:66:
db:65:db:97:7b:ce:59:b4:e0:a3:ec:b0:7f:4a:3f:
4b:b2:a3:de:09:81:de:ae:a5:2f:b6:c6:33:51:6d:
f1:58:0b:7a:f8:58:d1:85:f5:cb:fc:78:58:eb:c7:
79:9a:73:80:73:87:d4:87:48:59:b8:14:c8:e4:a7:
5b:f8:8d:9b:2e:7e:b0:59:d7:c4:b2:ec:b7:d9:cc:
40:84:66:f4:52:1b:49:d8:7d:75:76:e5:13:8f:02:
f8:c6:15:4d:0c:e4:7b:fb:dd:eb:53:2a:d8:4c:1b:
aa:9d:db:dc:dc:c4:00:a7:7b:1f:11:50:37:a6:36:
9d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9F:5C:6F:FC:4F:CB:A9:38:F2:01:54:35:97:CB:E1:05:64:BD:8A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UZ9cb_xPy6k48gFUNZfL4QVkvYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:e3:cf:d4:ca:8c:0e:f5:54:80:ce:80:34:77:d1:1c:06:8f:
d5:1a:35:6e:1d:41:63:c5:70:bc:6a:69:14:f4:bf:29:fc:cd:
62:c0:f7:e4:b5:f2:3a:03:1f:1a:1e:c2:a4:ba:81:cd:ec:8b:
3c:18:a2:50:6f:9b:4a:cd:75:68:c1:9c:fb:c1:71:59:4b:ed:
be:7e:db:24:b4:a7:95:40:a7:7e:9f:03:17:30:08:cc:04:d3:
89:b9:f0:a7:b2:d1:44:95:9a:92:c1:1c:3e:15:e9:65:c3:8b:
0d:f9:20:89:3e:97:98:c3:d2:d5:4e:3e:1c:ea:74:6f:1d:43:
cc:02:fb:89:52:82:71:0c:f9:96:84:fd:6d:ea:41:71:b6:3e:
0d:bb:d7:9d:7e:43:00:a6:4e:02:ff:3d:96:dd:9c:26:53:2b:
c8:a1:53:9f:ef:0e:de:b7:0e:8b:d4:00:7a:4f:d8:63:af:68:
5d:aa:71:28:84:f1:ad:c8:e1:59:31:d1:43:1d:ef:e5:31:3a:
59:69:4b:c3:86:53:eb:6e:0d:0e:76:c1:8d:9c:99:69:4e:bf:
4d:4f:83:89:3a:a4:1f:6f:48:75:7f:13:1e:59:26:c7:bc:a8:
48:91:94:04:de:c2:e8:f4:5a:bb:49:e0:99:5f:8e:88:d6:0f:
55:e8:40:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn2+DKyreRp+Qgv/uAu9NNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE1MDIxMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTlmNWM2ZmZjNGZjYmE5MzhmMjAxNTQzNTk3Y2JlMTA1NjRiZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosVHrjXKvFQzVRrap8/jW9J0P9UE
rYZzaELtYsxYMMWg1GylydACH+ACswwxjg6rLOuHOrVZSKIRBc/2Ke80TEh3xT0Z
5YibgwGyPWUZ1/iJkIx/1Uofj3bb3Xa0QiatZhuO83cYAs83vBCQ8ROcQMg1tOwd
IzpqJ2bgJyWlouv7rODOcmbbZduXe85ZtOCj7LB/Sj9LsqPeCYHerqUvtsYzUW3x
WAt6+FjRhfXL/HhY68d5mnOAc4fUh0hZuBTI5Kdb+I2bLn6wWdfEsuy32cxAhGb0
UhtJ2H11duUTjwL4xhVNDOR7+93rUyrYTBuqndvc3MQAp3sfEVA3pjadkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFGfXG/8T8upOPIBVDWXy+EFZL2KMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVVo5Y2JfeFB5Nms0OGdGVU5aZkw0UVZrdllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADPjz9TKjA71VIDOgDR3
0RwGj9UaNW4dQWPFcLxqaRT0vyn8zWLA9+S18joDHxoewqS6gc3sizwYolBvm0rN
dWjBnPvBcVlL7b5+2yS0p5VAp36fAxcwCMwE04m58Key0USVmpLBHD4V6WXDiw35
IIk+l5jD0tVOPhzqdG8dQ8wC+4lSgnEM+ZaE/W3qQXG2Pg27151+QwCmTgL/PZbd
nCZTK8ihU5/vDt63DovUAHpP2GOvaF2qcSiE8a3I4Vkx0UMd7+UxOllpS8OGU+tu
DQ52wY2cmWlOv01Pg4k6pB9vSHV/Ex5ZJse8qEiRlATewuj0WrtJ4JlfjojWD1Xo
QNo=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:20:45 2025 by rpki-client