Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXlYj5IL-7WcURSZEJITaZbB2IU.roa
File: NXlYj5IL-7WcURSZEJITaZbB2IU.roa (raw, json)
Hash identifier: V1xRM6dM9mtoGjbzBFdgiNZtKYMUVDPqXhVcaQjM7Js=
Subject key identifier: 35:79:58:8F:92:0B:FB:B5:9C:51:14:99:10:92:13:69:96:C1:D8:85
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187FA9B76E58DD87297E5C811470D923982
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXlYj5IL-7WcURSZEJITaZbB2IU.roa
Signing time: Mon 08 May 2023 09:05:05 +0000
ROA not before: Mon 08 May 2023 09:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:9b:76:e5:8d:d8:72:97:e5:c8:11:47:0d:92:39:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 8 09:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3579588f920bfbb59c5114991092136996c1d885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bf:a5:82:bc:8b:21:3c:6b:0d:66:02:92:b3:
58:e3:59:e2:e4:9c:a5:38:56:b5:61:e8:0e:e2:c5:
3c:41:23:19:3d:b6:98:6c:b4:29:db:ca:39:8c:d4:
14:64:b2:be:1d:a4:65:4a:b7:00:b2:8c:70:b9:ea:
f6:63:15:8f:f4:f8:6c:5c:38:fb:44:7f:54:c3:aa:
ad:01:24:a6:f0:a6:6b:b8:35:b9:32:5e:f1:01:84:
f7:a2:aa:c4:05:bd:41:39:92:ab:53:19:da:95:8a:
77:2d:4a:60:2b:dd:78:27:96:76:8f:75:3e:7f:42:
f4:5e:ef:77:01:a3:6c:a5:aa:aa:dd:d9:6e:66:ea:
ab:80:3e:f8:6f:71:a0:0e:bf:e0:03:8f:7a:e6:7d:
42:bd:18:ba:bc:56:a4:4d:65:45:53:4b:e0:d3:47:
46:db:dc:63:a9:32:f7:c2:bf:4d:a6:e8:be:ac:4a:
83:4c:ee:10:3e:66:6c:0b:6f:20:9a:23:f5:de:f1:
10:06:7d:a6:c8:59:bd:55:39:84:e3:55:2e:1d:1c:
e8:0d:ae:62:63:32:2e:c6:28:a3:d9:f8:eb:03:32:
f5:3c:71:2c:39:3b:c1:c1:fc:29:38:8e:ce:47:cf:
c7:db:66:98:43:ac:0b:69:6b:6c:f5:b9:c5:25:f8:
cc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:79:58:8F:92:0B:FB:B5:9C:51:14:99:10:92:13:69:96:C1:D8:85
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXlYj5IL-7WcURSZEJITaZbB2IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:25:21:84:49:e8:57:60:93:af:0f:74:13:1c:e3:bb:fd:ff:
cf:70:2f:d9:b9:6b:24:63:dd:73:57:c3:c3:b5:fc:a2:d2:24:
ac:29:19:a7:20:12:6f:de:9f:0d:2d:ac:8f:2a:74:26:d9:9e:
10:f4:2a:2f:06:ac:a3:af:7b:eb:5a:0e:44:4a:05:ef:93:6f:
92:0e:35:d4:f3:5f:54:31:2e:d3:00:ab:af:12:28:72:94:b9:
d3:52:b7:10:cc:37:b5:62:95:57:d3:19:19:79:e7:eb:09:be:
ba:6c:19:86:f7:af:7a:08:f4:ae:94:39:04:52:2f:90:82:48:
b4:5c:78:c6:03:4c:f3:fe:99:b2:28:d9:5a:c5:85:6e:e9:5f:
ad:07:e1:35:53:ec:46:60:da:6f:8b:40:c5:3c:c0:82:a4:1d:
b8:8b:17:2a:4a:50:34:f5:0c:c4:dc:e0:17:36:77:37:07:15:
42:4a:87:86:64:80:39:bd:06:d9:6d:41:e5:11:bd:56:c8:1a:
fc:23:22:ea:17:1d:05:32:c0:9c:df:68:31:9d:b7:a8:18:38:
9e:e1:53:f0:f5:07:c0:14:65:09:c0:e2:70:c7:cc:73:9d:d5:
2b:5e:bf:94:3d:54:0c:66:4b:05:96:94:e4:f3:f5:a5:8a:e4:
a8:aa:33:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYf6m3bljdhyl+XIEUcNkjmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA4MDkwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc5NTg4ZjkyMGJmYmI1OWM1MTE0OTkxMDkyMTM2OTk2YzFkODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr+lgryLITxrDWYCkrNY41ni5Jyl
OFa1YegO4sU8QSMZPbaYbLQp28o5jNQUZLK+HaRlSrcAsoxwuer2YxWP9PhsXDj7
RH9Uw6qtASSm8KZruDW5Ml7xAYT3oqrEBb1BOZKrUxnalYp3LUpgK914J5Z2j3U+
f0L0Xu93AaNspaqq3dluZuqrgD74b3GgDr/gA4965n1CvRi6vFakTWVFU0vg00dG
29xjqTL3wr9Npui+rEqDTO4QPmZsC28gmiP13vEQBn2myFm9VTmE41UuHRzoDa5i
YzIuxiij2fjrAzL1PHEsOTvBwfwpOI7OR8/H22aYQ6wLaWts9bnFJfjMvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDV5WI+SC/u1nFEUmRCSE2mWwdiFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTlhsWWo1SUwtN1djVVJTWkVKSVRhWmJCMklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ4lIYRJ6Fdgk68PdBMc
47v9/89wL9m5ayRj3XNXw8O1/KLSJKwpGacgEm/enw0trI8qdCbZnhD0Ki8GrKOv
e+taDkRKBe+Tb5IONdTzX1QxLtMAq68SKHKUudNStxDMN7VilVfTGRl55+sJvrps
GYb3r3oI9K6UOQRSL5CCSLRceMYDTPP+mbIo2VrFhW7pX60H4TVT7EZg2m+LQMU8
wIKkHbiLFypKUDT1DMTc4Bc2dzcHFUJKh4ZkgDm9BtltQeURvVbIGvwjIuoXHQUy
wJzfaDGdt6gYOJ7hU/D1B8AUZQnA4nDHzHOd1Stev5Q9VAxmSwWWlOTz9aWK5Kiq
M3E=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:42:45 2025 by rpki-client