Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RXFGvGVKUcd8ADFMb0ucp4aWL_s.roa
File: RXFGvGVKUcd8ADFMb0ucp4aWL_s.roa (raw, json)
Hash identifier: vLFn4rMmpKo7E0m1FDJjbmlaM28nmZO4lp5OIqdmf1Y=
Subject key identifier: 45:71:46:BC:65:4A:51:C7:7C:00:31:4C:6F:4B:9C:A7:86:96:2F:FB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869BD271E4A02734EE6BC405C4C804F17E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RXFGvGVKUcd8ADFMb0ucp4aWL_s.roa
Signing time: Wed 01 Mar 2023 06:18:25 +0000
ROA not before: Wed 01 Mar 2023 06:18:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:d2:71:e4:a0:27:34:ee:6b:c4:05:c4:c8:04:f1:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 06:18:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=457146bc654a51c77c00314c6f4b9ca786962ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:45:c4:18:85:61:3a:21:d2:1b:5d:14:96:80:
93:fc:d0:3f:8b:77:f9:cf:a3:46:df:03:51:a3:09:
90:33:ef:94:fe:dc:38:f5:c9:ae:a0:c0:ae:cd:b2:
d8:67:f2:43:61:1c:61:05:7f:ab:55:59:ef:9e:39:
a9:03:77:53:f4:97:2a:2b:e4:18:49:49:ee:ef:64:
e3:62:e7:5d:db:ed:11:cf:89:88:1b:ca:fa:e7:af:
68:23:3a:55:23:73:6c:07:f2:c7:83:aa:a9:10:70:
04:d7:52:57:bf:90:ce:19:b1:73:5f:31:75:81:b1:
f6:e5:22:bc:26:c2:46:de:13:8d:e6:f4:79:5d:49:
de:88:dd:71:da:4a:a0:d1:17:15:37:16:66:53:de:
da:49:e3:8c:c6:53:3e:5a:0d:5b:2d:3b:14:2b:c7:
cc:82:94:b4:27:da:5d:96:06:e0:1d:27:1f:73:f9:
c8:38:fa:cc:92:77:e1:fd:c7:f0:4b:22:78:06:5b:
96:9c:7f:01:f1:80:9a:45:c4:7a:35:d3:e8:22:80:
a6:30:d3:b4:c6:d3:48:b5:7d:20:5b:b4:df:a7:17:
52:38:40:5a:bf:4b:80:d0:93:b1:ac:00:c7:57:57:
9a:67:2f:85:b5:92:fd:fa:69:8e:78:36:23:48:0a:
87:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:71:46:BC:65:4A:51:C7:7C:00:31:4C:6F:4B:9C:A7:86:96:2F:FB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RXFGvGVKUcd8ADFMb0ucp4aWL_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
aa:2b:d9:59:0a:1d:b7:e1:f5:a2:71:2e:8c:b1:43:65:b6:f5:
cf:25:2b:cd:f5:d3:16:3d:f4:f9:af:c3:a1:98:6e:b7:02:e4:
b0:dc:25:e1:d1:bd:18:fe:b2:3e:b9:38:fc:6f:4e:44:a0:b6:
ac:7e:6a:68:b6:d2:c6:ce:78:fb:9c:53:50:ba:c3:88:0d:af:
72:1c:10:3d:08:ae:58:8d:7f:23:0e:3c:bf:42:3d:3a:6b:36:
81:31:db:91:43:47:2b:ea:56:23:be:80:ff:5a:62:18:88:63:
0a:3d:15:3d:c8:fa:79:76:53:99:c7:14:13:db:5b:c5:c4:18:
db:52:29:33:89:e5:c4:db:09:d0:d1:86:0c:6c:74:6f:a8:75:
a5:7d:f8:0d:c2:1e:da:ec:3e:e2:2b:60:37:c4:92:51:b3:7c:
a7:a0:b8:ea:18:32:05:9e:e7:d3:1c:8b:20:6d:4f:fe:2c:b5:
2a:64:c4:15:9b:82:a8:3d:e2:7c:ff:9a:ee:9f:17:bb:4d:9b:
4f:70:46:52:ba:3b:53:f9:05:bf:bb:c9:f7:09:15:8b:7e:cf:
3c:21:6b:38:e7:f8:f2:04:95:8b:22:12:29:b6:be:f7:f9:16:
08:44:ca:fa:32:bb:05:66:89:ce:52:be:95:35:48:24:97:d5:
24:be:d1:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYab0nHkoCc07mvEBcTIBPF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMDYxODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTcxNDZiYzY1NGE1MWM3N2MwMDMxNGM2ZjRiOWNhNzg2OTYyZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUXEGIVhOiHSG10UloCT/NA/i3f5
z6NG3wNRowmQM++U/tw49cmuoMCuzbLYZ/JDYRxhBX+rVVnvnjmpA3dT9JcqK+QY
SUnu72TjYudd2+0Rz4mIG8r6569oIzpVI3NsB/LHg6qpEHAE11JXv5DOGbFzXzF1
gbH25SK8JsJG3hON5vR5XUneiN1x2kqg0RcVNxZmU97aSeOMxlM+Wg1bLTsUK8fM
gpS0J9pdlgbgHScfc/nIOPrMknfh/cfwSyJ4BluWnH8B8YCaRcR6NdPoIoCmMNO0
xtNItX0gW7TfpxdSOEBav0uA0JOxrADHV1eaZy+FtZL9+mmOeDYjSAqHLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEVxRrxlSlHHfAAxTG9LnKeGli/7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUlhGR3ZHVktVY2Q4QURGTWIwdWNwNGFXTF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKor2VkKHbfh9aJxLoyx
Q2W29c8lK8310xY99Pmvw6GYbrcC5LDcJeHRvRj+sj65OPxvTkSgtqx+ami20sbO
ePucU1C6w4gNr3IcED0IrliNfyMOPL9CPTprNoEx25FDRyvqViO+gP9aYhiIYwo9
FT3I+nl2U5nHFBPbW8XEGNtSKTOJ5cTbCdDRhgxsdG+odaV9+A3CHtrsPuIrYDfE
klGzfKeguOoYMgWe59MciyBtT/4stSpkxBWbgqg94nz/mu6fF7tNm09wRlK6O1P5
Bb+7yfcJFYt+zzwhazjn+PIElYsiEim2vvf5FghEyvoyuwVmic5SvpU1SCSX1SS+
0eY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:45:18 2025 by rpki-client