Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UqRP2INsMVjcz7m4-5U0S4fhwdw.roa
File: UqRP2INsMVjcz7m4-5U0S4fhwdw.roa (raw, json)
Hash identifier: fWZnaI8xxhrWX8GxIM4T/Jr8GdtqtA1D4mZ62/9iUSg=
Subject key identifier: 52:A4:4F:D8:83:6C:31:58:DC:CF:B9:B8:FB:95:34:4B:87:E1:C1:DC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2F96B1068A249A027198FD671E865E20
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UqRP2INsMVjcz7m4-5U0S4fhwdw.roa
Signing time: Sat 26 Aug 2023 02:05:19 +0000
ROA not before: Sat 26 Aug 2023 02:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:2f95:d578/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2f:96:b1:06:8a:24:9a:02:71:98:fd:67:1e:86:5e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 26 02:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52a44fd8836c3158dccfb9b8fb95344b87e1c1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:05:4d:81:ab:62:65:df:8b:5d:c2:d5:0e:b4:
c2:54:7a:d0:4f:8e:6a:93:31:6a:e2:ce:b2:5b:6a:
88:ea:eb:0f:c5:68:30:39:50:24:ee:ed:7d:19:fc:
e0:55:19:0f:7d:f7:28:d0:54:20:8a:d7:3a:86:bb:
c6:38:53:0f:7c:9c:b2:4e:ab:29:69:e2:25:ed:a9:
cb:51:d9:bf:e3:f5:c0:cb:94:1d:12:dc:a6:3d:7e:
0f:41:5e:97:11:f4:49:53:26:b2:93:a4:6a:75:eb:
eb:3f:98:b5:37:34:8e:64:e0:85:6b:a2:0d:59:55:
f8:4c:46:98:12:db:66:72:4a:66:68:4c:85:91:a6:
74:5e:a9:0c:ff:d8:7c:b0:ca:b1:ae:27:6e:41:40:
60:17:82:f6:33:8e:b8:63:d2:ac:4b:f3:90:04:f6:
75:64:b3:b8:0a:7a:7d:8c:12:e2:a1:c5:b8:0f:d5:
de:55:10:19:f7:73:c7:23:40:2f:9f:b7:d2:b7:77:
eb:35:ea:d7:59:73:02:b2:fe:c0:b4:ac:a7:b1:eb:
60:95:f8:b5:92:b9:f3:87:14:37:d8:59:58:1f:c7:
43:d1:79:ff:b6:bc:ba:14:c7:1d:86:91:c4:3e:52:
0c:bd:71:f3:86:b3:9b:7f:74:72:53:37:38:ce:ba:
af:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A4:4F:D8:83:6C:31:58:DC:CF:B9:B8:FB:95:34:4B:87:E1:C1:DC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UqRP2INsMVjcz7m4-5U0S4fhwdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:83:d1:90:0b:96:65:18:4e:c1:5c:f8:dd:57:7a:e2:46:44:
0b:62:06:59:db:fb:2e:b3:81:8c:36:b4:ad:7f:33:af:fe:4f:
cf:93:4d:e8:87:02:8c:ee:e1:ac:a0:3d:d1:f9:61:bc:e1:7c:
dd:24:ca:96:5a:e8:64:0a:21:63:1b:a6:39:4d:89:3e:cf:48:
cd:1f:54:49:2b:d0:1d:7d:1d:6b:d1:53:da:eb:2b:76:55:bf:
0e:77:ec:01:20:d5:6d:c6:d1:6b:12:e8:37:e5:5d:55:ea:30:
cd:52:52:4c:29:00:7b:a5:a6:7d:64:95:8e:e5:a8:bc:49:fc:
9b:c8:78:8b:00:31:4e:ea:6a:2a:5a:5e:a7:8b:b3:cb:40:e8:
8c:f5:12:7e:6e:c9:b1:d7:a5:49:2b:89:eb:c7:8b:24:36:32:
6b:ca:e6:97:04:14:29:2a:5f:44:e4:5a:16:44:55:99:e4:34:
d4:3a:af:65:dc:d1:8d:64:40:ca:f0:ca:ce:f0:e6:83:48:06:
08:25:83:56:75:96:07:ad:56:23:0a:6a:ec:ee:45:fd:a8:6b:
30:b3:ff:2b:35:7e:0b:92:bd:6d:49:72:69:15:79:4e:11:4e:
a6:dc:98:5e:d7:85:98:f6:90:03:5e:24:ec:1d:01:21:30:f2:
91:d4:4b:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYovlrEGiiSaAnGY/Wcehl4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI2MDIwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmE0NGZkODgzNmMzMTU4ZGNjZmI5YjhmYjk1MzQ0Yjg3ZTFjMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gVNgatiZd+LXcLVDrTCVHrQT45q
kzFq4s6yW2qI6usPxWgwOVAk7u19GfzgVRkPffco0FQgitc6hrvGOFMPfJyyTqsp
aeIl7anLUdm/4/XAy5QdEtymPX4PQV6XEfRJUyayk6RqdevrP5i1NzSOZOCFa6IN
WVX4TEaYEttmckpmaEyFkaZ0XqkM/9h8sMqxriduQUBgF4L2M464Y9KsS/OQBPZ1
ZLO4Cnp9jBLiocW4D9XeVRAZ93PHI0Avn7fSt3frNerXWXMCsv7AtKynsetglfi1
krnzhxQ32FlYH8dD0Xn/try6FMcdhpHEPlIMvXHzhrObf3RyUzc4zrqvhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFKkT9iDbDFY3M+5uPuVNEuH4cHcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVXFSUDJJTnNNVmpjejdtNC01VTBTNGZod2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHuD0ZALlmUYTsFc+N1X
euJGRAtiBlnb+y6zgYw2tK1/M6/+T8+TTeiHAozu4aygPdH5YbzhfN0kypZa6GQK
IWMbpjlNiT7PSM0fVEkr0B19HWvRU9rrK3ZVvw537AEg1W3G0WsS6DflXVXqMM1S
UkwpAHulpn1klY7lqLxJ/JvIeIsAMU7qaipaXqeLs8tA6Iz1En5uybHXpUkrievH
iyQ2MmvK5pcEFCkqX0TkWhZEVZnkNNQ6r2Xc0Y1kQMrwys7w5oNIBgglg1Z1lget
ViMKauzuRf2oazCz/ys1fguSvW1JcmkVeU4RTqbcmF7XhZj2kANeJOwdASEw8pHU
S3I=
-----END CERTIFICATE-----
Generated at Thu Jun 12 08:36:13 2025 by rpki-client