Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/X5yywKMgBG0AAuJcTrUAzzaMZ80.roa
File: X5yywKMgBG0AAuJcTrUAzzaMZ80.roa (raw, json)
Hash identifier: w3sylhBuIKljHdTPRACpSUksKpjpGjjtll+UWQgG4NA=
Subject key identifier: 5F:9C:B2:C0:A3:20:04:6D:00:02:E2:5C:4E:B5:00:CF:36:8C:67:CD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2C33B00F1AA1E046E985F643D8D08B68
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/X5yywKMgBG0AAuJcTrUAzzaMZ80.roa
Signing time: Fri 25 Aug 2023 10:18:19 +0000
ROA not before: Fri 25 Aug 2023 10:18:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:33:b0:0f:1a:a1:e0:46:e9:85:f6:43:d8:d0:8b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 25 10:18:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f9cb2c0a320046d0002e25c4eb500cf368c67cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8c:8e:ed:e0:1e:34:ad:27:57:7a:96:59:ca:
e1:85:9b:df:76:ee:e2:c6:f2:9b:2a:05:bb:f7:a8:
4a:a8:5c:2a:08:b0:3f:98:e4:a5:88:ca:32:5e:e5:
de:76:94:75:3a:24:74:7f:78:cb:6f:97:58:00:fc:
2d:1b:19:46:4f:59:f4:ce:2d:37:91:09:e5:dd:f4:
1d:de:13:10:ac:b9:c9:33:b0:d4:f8:56:b1:5f:3c:
d5:2e:b7:7b:74:4b:8e:03:72:15:7d:d3:72:13:f8:
64:76:21:65:22:38:02:59:94:37:83:54:f9:b1:b6:
3b:20:70:5c:d1:af:4a:ed:86:87:65:f7:4a:fb:a4:
85:d7:50:0c:ad:19:11:61:b2:9d:ad:4a:c9:98:d2:
bb:b4:72:35:70:07:54:99:09:8f:db:01:07:6a:69:
28:2a:2b:34:f8:09:9e:f2:13:54:22:04:2b:6c:5e:
3c:54:71:60:67:fd:f6:33:fb:fe:7b:e2:a2:4f:1b:
21:02:8f:6d:8d:1d:82:d9:cd:98:e9:b4:70:22:88:
9f:53:36:66:d7:11:b0:dd:00:c4:ea:3f:21:2c:d8:
7e:fa:17:2d:21:36:15:6a:f3:e0:84:a6:4b:a9:4b:
ad:50:f2:ec:4e:0a:90:2b:a0:6e:e4:34:ad:12:f5:
8b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9C:B2:C0:A3:20:04:6D:00:02:E2:5C:4E:B5:00:CF:36:8C:67:CD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/X5yywKMgBG0AAuJcTrUAzzaMZ80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:0f:79:71:3e:90:81:69:d4:91:f4:6e:1b:05:af:fb:ee:6f:
9c:c9:40:5e:25:05:9e:e6:99:16:89:0c:76:ed:f9:5b:c0:21:
e2:e8:b6:32:c1:ba:bc:0c:ff:62:8e:ed:01:b3:6c:12:b6:a0:
8c:e8:89:1a:a5:d5:a2:14:9a:c5:f9:7b:12:bf:82:a3:df:1f:
fc:30:d9:a8:f8:98:9f:9e:c6:b3:b2:83:00:bb:a6:b6:28:b8:
db:fb:09:92:79:ee:01:0d:5d:63:e3:02:0d:e2:72:c4:b2:56:
26:43:5e:22:b9:82:25:b3:11:3f:fa:20:b6:e5:4c:ed:fc:7e:
d7:69:54:ba:46:f7:fd:45:76:18:2b:5c:78:55:6f:1e:78:5d:
f6:e1:4a:96:e3:dd:5b:f2:88:7d:2b:d2:38:80:e1:5f:1d:ea:
44:a9:16:68:7e:44:9b:a7:29:07:cf:68:43:28:c8:3d:ba:88:
5e:4d:59:7a:a1:7a:f2:f7:3f:6d:13:16:e0:07:ea:c5:1a:30:
4e:d8:52:c9:87:09:37:5b:6a:02:78:17:de:4a:4f:58:f5:b5:
ce:90:27:6a:9c:b4:ee:1c:06:0a:3d:24:6b:ce:ff:6b:93:f5:
55:e1:bb:2b:f4:9f:78:2d:27:43:1d:d5:19:66:de:5d:08:7d:
87:63:1f:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYosM7APGqHgRumF9kPY0ItoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI1MTAxODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjljYjJjMGEzMjAwNDZkMDAwMmUyNWM0ZWI1MDBjZjM2OGM2N2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioyO7eAeNK0nV3qWWcrhhZvfdu7i
xvKbKgW796hKqFwqCLA/mOSliMoyXuXedpR1OiR0f3jLb5dYAPwtGxlGT1n0zi03
kQnl3fQd3hMQrLnJM7DU+FaxXzzVLrd7dEuOA3IVfdNyE/hkdiFlIjgCWZQ3g1T5
sbY7IHBc0a9K7YaHZfdK+6SF11AMrRkRYbKdrUrJmNK7tHI1cAdUmQmP2wEHamko
Kis0+Ame8hNUIgQrbF48VHFgZ/32M/v+e+KiTxshAo9tjR2C2c2Y6bRwIoifUzZm
1xGw3QDE6j8hLNh++hctITYVavPghKZLqUutUPLsTgqQK6Bu5DStEvWLMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF+cssCjIARtAALiXE61AM82jGfNMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWDV5eXdLTWdCRzBBQXVKY1RyVUF6emFNWjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADAPeXE+kIFp1JH0bhsF
r/vub5zJQF4lBZ7mmRaJDHbt+VvAIeLotjLBurwM/2KO7QGzbBK2oIzoiRql1aIU
msX5exK/gqPfH/ww2aj4mJ+exrOygwC7prYouNv7CZJ57gENXWPjAg3icsSyViZD
XiK5giWzET/6ILblTO38ftdpVLpG9/1FdhgrXHhVbx54XfbhSpbj3VvyiH0r0jiA
4V8d6kSpFmh+RJunKQfPaEMoyD26iF5NWXqhevL3P20TFuAH6sUaME7YUsmHCTdb
agJ4F95KT1j1tc6QJ2qctO4cBgo9JGvO/2uT9VXhuyv0n3gtJ0Md1Rlm3l0IfYdj
H9Y=
-----END CERTIFICATE-----
Generated at Thu May 1 09:02:33 2025 by rpki-client