Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4XfTUoTCM511TDaARLv8t_udAcU.roa
File: 4XfTUoTCM511TDaARLv8t_udAcU.roa (raw, json)
Hash identifier: TXVb6EhGui3mUDi7BDG10w27gukOEeG7Dc271WaOEIQ=
Subject key identifier: E1:77:D3:52:84:C2:33:9D:75:4C:36:80:44:BB:FC:B7:FB:9D:01:C5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188872E3425F79405AB96203AA95AE18D67
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4XfTUoTCM511TDaARLv8t_udAcU.roa
Signing time: Sun 04 Jun 2023 16:12:12 +0000
ROA not before: Sun 04 Jun 2023 16:12:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:87:2e:34:25:f7:94:05:ab:96:20:3a:a9:5a:e1:8d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 4 16:12:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e177d35284c2339d754c368044bbfcb7fb9d01c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b2:1c:d7:80:13:0a:1b:d7:9c:b2:14:9e:99:
e2:53:cc:9f:26:cd:70:c5:97:5a:89:cd:62:28:f4:
41:a4:c5:84:96:71:8c:c8:a0:2b:e5:68:99:07:a0:
9c:9f:a1:75:3f:9c:bf:4a:78:c0:a8:3c:b3:96:30:
79:a3:14:f6:c1:43:95:bd:0b:b8:46:2f:6d:a1:e8:
83:d8:77:f3:50:7f:0f:31:a8:b7:6b:64:6a:5f:55:
19:3e:f3:d0:cb:85:4c:f1:d2:4c:f3:14:38:ae:1f:
78:b7:cd:4d:e6:47:72:b4:0d:b6:de:4a:a9:54:64:
87:4b:8a:3c:88:e2:83:cb:0d:a4:bf:f0:46:b3:eb:
bb:16:d8:eb:d8:7c:99:ba:bd:b1:1e:03:91:87:c6:
f3:43:42:13:92:c9:89:3e:5d:74:a4:38:29:88:0d:
60:e1:d7:96:56:42:17:3a:1f:4f:de:ba:6d:27:1b:
e8:8d:10:bd:19:49:f2:62:02:56:60:61:2f:c3:ca:
f0:45:e3:71:2a:ef:f6:0f:c5:1e:4c:c8:e6:db:57:
64:56:85:ec:46:19:2f:ce:11:ec:e2:99:ee:13:47:
1a:55:1e:38:fe:12:4a:7a:e0:f1:71:11:a6:8b:1d:
95:8c:e3:6d:e3:07:f2:f7:ce:40:75:94:b7:a5:c2:
cb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:77:D3:52:84:C2:33:9D:75:4C:36:80:44:BB:FC:B7:FB:9D:01:C5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4XfTUoTCM511TDaARLv8t_udAcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:58:62:a2:29:ff:d4:86:cc:e9:8e:ad:20:2f:13:b8:06:45:
3c:4a:a4:ef:8d:82:72:ba:e8:66:29:79:99:01:bd:f1:6b:33:
45:56:65:29:e7:60:c7:cc:ee:42:17:bd:f0:e4:92:d1:03:0c:
5e:ce:49:e5:9a:56:1d:90:9f:db:04:ed:16:bf:8a:1e:a2:a2:
c5:0c:86:c6:16:d0:14:24:ed:67:e2:06:22:d5:f5:fd:d6:4b:
df:a7:04:b9:6b:a4:70:2b:4b:90:2b:9d:72:4e:b9:3d:bf:c7:
2e:41:e5:1b:43:f7:d4:1f:61:f5:48:6d:47:1c:b9:86:63:b0:
ba:8e:09:f1:f7:bc:75:13:c8:8f:1f:9a:24:ce:63:09:3d:a4:
5a:a5:c6:ba:73:b1:0b:b7:ab:22:49:8e:62:74:ee:9f:8f:98:
26:67:dd:6a:82:b9:c9:ae:10:92:25:25:16:2f:54:39:df:c6:
b1:23:74:df:b3:43:16:95:05:0f:ee:48:d6:c2:c9:e5:92:12:
f8:7d:08:9c:d5:07:81:75:51:dc:0d:80:86:ca:34:f9:a4:e8:
c7:44:7c:90:3f:d5:93:2e:84:e0:75:31:02:a0:5a:e6:0e:27:
43:4b:ff:66:5e:8c:74:3a:ab:b4:c8:32:7a:52:fb:1e:e7:9e:
2a:02:c5:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiHLjQl95QFq5YgOqla4Y1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA0MTYxMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc3ZDM1Mjg0YzIzMzlkNzU0YzM2ODA0NGJiZmNiN2ZiOWQwMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbIc14ATChvXnLIUnpniU8yfJs1w
xZdaic1iKPRBpMWElnGMyKAr5WiZB6Ccn6F1P5y/SnjAqDyzljB5oxT2wUOVvQu4
Ri9toeiD2HfzUH8PMai3a2RqX1UZPvPQy4VM8dJM8xQ4rh94t81N5kdytA223kqp
VGSHS4o8iOKDyw2kv/BGs+u7Ftjr2HyZur2xHgORh8bzQ0ITksmJPl10pDgpiA1g
4deWVkIXOh9P3rptJxvojRC9GUnyYgJWYGEvw8rwReNxKu/2D8UeTMjm21dkVoXs
RhkvzhHs4pnuE0caVR44/hJKeuDxcRGmix2VjONt4wfy985AdZS3pcLLGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOF301KEwjOddUw2gES7/Lf7nQHFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNFhmVFVvVENNNTExVERhQVJMdjh0X3VkQWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC9YYqIp/9SGzOmOrSAv
E7gGRTxKpO+NgnK66GYpeZkBvfFrM0VWZSnnYMfM7kIXvfDkktEDDF7OSeWaVh2Q
n9sE7Ra/ih6iosUMhsYW0BQk7WfiBiLV9f3WS9+nBLlrpHArS5ArnXJOuT2/xy5B
5RtD99QfYfVIbUccuYZjsLqOCfH3vHUTyI8fmiTOYwk9pFqlxrpzsQu3qyJJjmJ0
7p+PmCZn3WqCucmuEJIlJRYvVDnfxrEjdN+zQxaVBQ/uSNbCyeWSEvh9CJzVB4F1
UdwNgIbKNPmk6MdEfJA/1ZMuhOB1MQKgWuYOJ0NL/2ZejHQ6q7TIMnpS+x7nnioC
xTA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:08:49 2025 by rpki-client