Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uXKmLDIHOe-ZSyACJ6ovLvwRPwY.roa
File: uXKmLDIHOe-ZSyACJ6ovLvwRPwY.roa (raw, json)
Hash identifier: zwYjOZLN//tW+Io8nJSZ6QflBaNh0mZ42lvzcOjrT1o=
Subject key identifier: B9:72:A6:2C:32:07:39:EF:99:4B:20:02:27:AA:2F:2E:FC:11:3F:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184EBDA44428D9280CF7BA03E91E5850744
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uXKmLDIHOe-ZSyACJ6ovLvwRPwY.roa
Signing time: Wed 07 Dec 2022 09:11:00 +0000
ROA not before: Wed 07 Dec 2022 09:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:da:44:42:8d:92:80:cf:7b:a0:3e:91:e5:85:07:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 7 09:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b972a62c320739ef994b200227aa2f2efc113f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8b:89:ed:fd:7a:37:42:25:79:4e:2d:d2:19:
31:95:89:4c:0c:3d:eb:14:04:47:04:a5:8f:fe:0c:
8a:73:85:a5:ea:02:dc:84:62:ad:f1:b2:36:cb:6b:
75:a9:ef:86:fc:9d:8f:42:43:16:37:48:ce:2f:fc:
93:0b:9d:f7:6a:23:29:ab:7b:2c:a3:e5:d1:e6:82:
c0:8b:ca:9b:b6:3d:cd:93:5e:24:98:65:ae:c5:75:
07:04:4c:d9:b9:e7:4e:7c:88:a2:95:a2:91:76:a4:
71:1a:66:60:92:1e:26:ef:f6:b1:65:8e:ef:49:c9:
d3:4f:1d:4d:91:b1:dd:f4:75:5c:67:19:ab:33:32:
a2:35:ad:0e:7f:c5:82:c2:6a:f8:ec:93:2b:81:2b:
07:8e:9a:3a:3e:10:31:63:1c:37:da:b9:28:51:12:
fc:ed:5b:19:04:59:73:d4:cb:b4:ea:05:b7:4c:48:
10:dd:b0:0d:83:22:0c:47:e1:a1:d8:2d:12:95:aa:
d3:a0:2a:e3:97:ad:c8:29:93:9a:12:80:51:df:99:
1a:16:c7:18:98:24:6c:4b:86:dd:37:2b:a6:4f:58:
ff:f9:bb:7d:8c:99:0d:03:28:8e:dd:87:a4:82:00:
e1:d0:a0:64:7b:42:d8:60:8d:90:46:02:79:c0:43:
11:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:72:A6:2C:32:07:39:EF:99:4B:20:02:27:AA:2F:2E:FC:11:3F:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/uXKmLDIHOe-ZSyACJ6ovLvwRPwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ae:a5:0e:8e:33:6f:05:13:62:fd:63:e3:49:af:27:a9:bd:68:
92:9f:ae:c0:c1:4f:3f:e9:69:15:f7:ef:c4:a1:57:ca:ca:49:
ec:44:3c:84:8d:3e:c6:28:ff:28:03:37:fd:3a:0d:b6:0d:a4:
8e:db:a3:32:2a:fa:01:97:ca:b5:91:c9:06:97:18:f7:79:94:
22:9c:14:3c:90:d1:1c:be:f4:ec:55:e2:7b:fc:e0:bb:da:fe:
23:d2:28:81:1c:11:d7:c8:c8:8b:0e:13:ca:ce:ab:88:93:24:
18:24:54:fe:e5:90:89:12:08:c3:55:57:af:6d:74:3e:e0:a5:
a9:3d:06:cf:e1:6b:f6:88:87:95:20:c2:5b:8d:72:f2:c8:db:
47:e3:96:fa:01:df:7c:86:03:71:9d:2a:93:b8:4b:6c:ec:5f:
a6:99:54:82:6c:80:24:2c:c0:22:1e:af:87:a7:a9:a5:31:40:
8f:ab:73:e5:e7:fd:a2:07:c7:9e:4a:03:c7:53:4f:a0:16:d9:
20:a0:ff:e5:7d:10:77:40:db:12:23:85:3f:79:47:a0:bb:e4:
28:5b:e7:bf:2a:b1:3c:17:c1:ee:ed:37:24:74:5e:06:c0:02:
f8:46:bd:bf:52:72:54:9a:94:47:5a:aa:ce:51:e6:20:69:84:
3d:91:94:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTr2kRCjZKAz3ugPpHlhQdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA3MDkxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTcyYTYyYzMyMDczOWVmOTk0YjIwMDIyN2FhMmYyZWZjMTEzZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIuJ7f16N0IleU4t0hkxlYlMDD3r
FARHBKWP/gyKc4Wl6gLchGKt8bI2y2t1qe+G/J2PQkMWN0jOL/yTC533aiMpq3ss
o+XR5oLAi8qbtj3Nk14kmGWuxXUHBEzZuedOfIiilaKRdqRxGmZgkh4m7/axZY7v
ScnTTx1NkbHd9HVcZxmrMzKiNa0Of8WCwmr47JMrgSsHjpo6PhAxYxw32rkoURL8
7VsZBFlz1Mu06gW3TEgQ3bANgyIMR+Gh2C0SlarToCrjl63IKZOaEoBR35kaFscY
mCRsS4bdNyumT1j/+bt9jJkNAyiO3YekggDh0KBke0LYYI2QRgJ5wEMRKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLlypiwyBznvmUsgAieqLy78ET8GMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdVhLbUxESUhPZS1aU3lBQ0o2b3ZMdndSUHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK6lDo4zbwUTYv1j40mv
J6m9aJKfrsDBTz/paRX378ShV8rKSexEPISNPsYo/ygDN/06DbYNpI7bozIq+gGX
yrWRyQaXGPd5lCKcFDyQ0Ry+9OxV4nv84Lva/iPSKIEcEdfIyIsOE8rOq4iTJBgk
VP7lkIkSCMNVV69tdD7gpak9Bs/ha/aIh5UgwluNcvLI20fjlvoB33yGA3GdKpO4
S2zsX6aZVIJsgCQswCIer4enqaUxQI+rc+Xn/aIHx55KA8dTT6AW2SCg/+V9EHdA
2xIjhT95R6C75Chb578qsTwXwe7tNyR0XgbAAvhGvb9SclSalEdaqs5R5iBphD2R
lEs=
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:26:29 2025 by rpki-client