Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cui08h5DG1VfHQwsGdus_yqID6Y.roa
File: cui08h5DG1VfHQwsGdus_yqID6Y.roa (raw, json)
Hash identifier: moXvn1HjMFa+7Kn2F2WyD2awARVscgIHoBizdlk/uNY=
Subject key identifier: 72:E8:B4:F2:1E:43:1B:55:5F:1D:0C:2C:19:DB:AC:FF:2A:88:0F:A6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184E0B1550D7484E565CB128E5DFF0D906F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cui08h5DG1VfHQwsGdus_yqID6Y.roa
Signing time: Mon 05 Dec 2022 05:10:28 +0000
ROA not before: Mon 05 Dec 2022 05:10:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e0:b1:55:0d:74:84:e5:65:cb:12:8e:5d:ff:0d:90:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 5 05:10:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72e8b4f21e431b555f1d0c2c19dbacff2a880fa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f3:ab:40:39:43:9a:7b:7b:f9:70:45:6e:2c:
9b:08:2b:8a:d3:eb:4a:ac:ac:3c:e8:a8:6a:9d:5d:
65:54:a5:89:04:8d:54:46:c4:ef:43:cb:61:4d:15:
9b:6b:1d:cf:b9:10:01:7a:3b:ce:fc:ac:76:e8:a2:
3a:09:6c:98:13:b5:35:d8:a2:47:63:66:e8:60:9f:
c4:a0:7e:a7:91:43:4e:6a:cf:5c:49:e9:79:12:26:
ea:34:93:87:5b:18:d4:2c:16:28:b5:1b:58:a4:94:
f9:f6:45:79:ed:8b:08:12:a3:47:de:88:e0:cd:a5:
7d:53:a2:1a:68:c2:1b:6a:d9:02:2f:8f:e6:a4:34:
6f:24:7e:7b:51:1a:d7:07:20:0f:f6:fd:a8:2b:b1:
ce:71:8a:b6:56:11:36:94:5a:35:d1:a4:99:3d:22:
51:d3:8e:92:b2:97:4d:4b:e9:28:dd:53:32:e9:74:
d5:79:38:cd:4d:77:4f:73:14:ec:ec:7b:73:2f:8c:
5c:bb:ba:e6:f2:60:6a:a7:c3:90:a3:ce:b9:17:4a:
41:25:bc:22:8e:51:eb:1c:39:3c:35:4a:7d:d7:26:
35:8d:00:04:d0:33:69:8c:1c:61:33:2c:4c:89:12:
76:84:c6:b7:99:a9:31:f8:d0:00:0c:e9:aa:91:b2:
ec:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E8:B4:F2:1E:43:1B:55:5F:1D:0C:2C:19:DB:AC:FF:2A:88:0F:A6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cui08h5DG1VfHQwsGdus_yqID6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:e7:59:9f:dc:25:a2:fb:57:22:d5:a5:85:d8:84:08:d4:cb:
46:15:b3:d4:35:b7:7c:e8:56:46:0d:9c:15:e1:c6:45:68:58:
44:92:19:44:c8:55:98:1e:a9:6f:42:e3:03:d6:6b:ef:7b:99:
f7:16:c4:45:d3:54:b6:95:56:8c:a3:77:f7:a7:7b:df:6d:e5:
60:f0:3a:94:3d:9e:dd:24:5b:43:be:44:62:df:39:d9:5c:40:
c2:32:3b:7b:03:7b:ac:0f:91:1d:00:cd:5f:0e:b3:b0:13:73:
4e:a4:af:fa:68:1d:a7:03:31:01:c9:6c:f3:fe:3f:3f:fb:09:
66:ba:8e:2c:2d:30:4c:37:56:93:01:11:42:7f:32:a0:6d:76:
76:36:8d:14:c7:7a:ff:04:ca:77:30:3f:44:38:88:5a:9c:58:
45:19:42:3c:4a:5f:ef:9b:29:fa:48:9e:9e:43:68:a9:e9:18:
22:98:4b:a7:9e:a1:42:2e:59:de:23:ba:c1:ae:e5:45:c3:a3:
99:13:59:37:ef:1f:08:78:a4:73:17:6a:31:76:f1:a5:4f:b2:
bf:f9:af:5e:70:a6:a9:c0:81:ff:f0:68:8d:9b:c4:d0:5f:73:
df:f6:48:5f:b7:19:8e:89:bc:e4:74:33:2f:bc:db:90:7c:e8:
72:30:d8:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTgsVUNdITlZcsSjl3/DZBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA1MDUxMDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmU4YjRmMjFlNDMxYjU1NWYxZDBjMmMxOWRiYWNmZjJhODgwZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfOrQDlDmnt7+XBFbiybCCuK0+tK
rKw86KhqnV1lVKWJBI1URsTvQ8thTRWbax3PuRABejvO/Kx26KI6CWyYE7U12KJH
Y2boYJ/EoH6nkUNOas9cSel5EibqNJOHWxjULBYotRtYpJT59kV57YsIEqNH3ojg
zaV9U6IaaMIbatkCL4/mpDRvJH57URrXByAP9v2oK7HOcYq2VhE2lFo10aSZPSJR
046SspdNS+ko3VMy6XTVeTjNTXdPcxTs7HtzL4xcu7rm8mBqp8OQo865F0pBJbwi
jlHrHDk8NUp91yY1jQAE0DNpjBxhMyxMiRJ2hMa3makx+NAADOmqkbLs+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLotPIeQxtVXx0MLBnbrP8qiA+mMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY3VpMDhoNURHMVZmSFF3c0dkdXNfeXFJRDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKvnWZ/cJaL7VyLVpYXY
hAjUy0YVs9Q1t3zoVkYNnBXhxkVoWESSGUTIVZgeqW9C4wPWa+97mfcWxEXTVLaV
Voyjd/ene99t5WDwOpQ9nt0kW0O+RGLfOdlcQMIyO3sDe6wPkR0AzV8Os7ATc06k
r/poHacDMQHJbPP+Pz/7CWa6jiwtMEw3VpMBEUJ/MqBtdnY2jRTHev8EyncwP0Q4
iFqcWEUZQjxKX++bKfpInp5DaKnpGCKYS6eeoUIuWd4jusGu5UXDo5kTWTfvHwh4
pHMXajF28aVPsr/5r15wpqnAgf/waI2bxNBfc9/2SF+3GY6JvOR0My+825B86HIw
2Pg=
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:45:55 2025 by rpki-client