Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XGWfwq2JGeNyNdl8dB_3d3D164Q.roa
File: XGWfwq2JGeNyNdl8dB_3d3D164Q.roa (raw, json)
Hash identifier: ePBYtqItGeA4HZ5hZNYuXCqUxFF9YAu2BRUFDvnrmQA=
Subject key identifier: 5C:65:9F:C2:AD:89:19:E3:72:35:D9:7C:74:1F:F7:77:70:F5:EB:84
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185B8FB811FFF0A30D20BD2341EB3C4ACDC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XGWfwq2JGeNyNdl8dB_3d3D164Q.roa
Signing time: Mon 16 Jan 2023 05:09:28 +0000
ROA not before: Mon 16 Jan 2023 05:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b8:fb:81:1f:ff:0a:30:d2:0b:d2:34:1e:b3:c4:ac:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 16 05:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c659fc2ad8919e37235d97c741ff77770f5eb84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b8:24:43:32:36:6c:03:5d:c0:6b:cc:6e:e8:
fd:03:f8:8b:17:c7:ae:ec:e4:62:22:47:46:c4:09:
06:bb:83:00:fc:8b:cd:21:3e:b3:76:c6:86:e5:e7:
af:14:0c:5b:49:82:fb:2f:81:fb:76:c9:d4:9f:c9:
c8:c9:96:56:75:a3:a4:f0:33:56:ca:87:7d:6b:23:
bc:81:2e:ee:47:64:a4:e0:be:c7:0d:6c:af:cd:f0:
b7:c3:b1:e0:91:dc:3c:3b:7e:bb:9d:5c:19:1c:56:
c9:aa:40:a2:84:1b:eb:ad:86:60:e0:f4:20:22:76:
b2:c3:f6:a5:ec:b4:df:02:2c:57:6e:f9:c8:87:10:
b9:3f:d7:49:ac:86:75:f7:93:45:d9:57:52:dc:f1:
35:92:52:f5:9c:cf:28:0a:cb:37:2e:87:ce:fc:bc:
8b:b6:df:ca:57:86:13:38:91:12:52:14:eb:72:59:
d1:0d:e6:4f:c8:f1:52:4b:f1:a7:23:0f:90:e1:7f:
df:d5:fa:8a:c4:a4:fe:21:c7:3d:4d:64:73:95:61:
38:6e:78:2f:37:48:b9:1a:c9:b2:69:5f:ef:22:05:
42:a5:33:66:34:53:93:63:54:db:b9:d6:62:d4:c2:
46:cf:2f:66:b3:04:81:17:51:8a:98:f5:43:e9:02:
fc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:65:9F:C2:AD:89:19:E3:72:35:D9:7C:74:1F:F7:77:70:F5:EB:84
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XGWfwq2JGeNyNdl8dB_3d3D164Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:83:97:09:79:1e:5a:07:a4:51:a5:35:d7:90:38:f0:16:f9:
9d:61:f4:8e:2c:a9:a7:4c:e0:8b:04:fe:84:b5:91:3f:d7:23:
6f:9c:f8:2f:67:69:a0:95:aa:20:83:46:06:b0:7a:2d:5a:83:
be:eb:18:22:3e:0e:f2:66:d6:4d:8d:0f:cb:27:b8:cf:bb:ce:
b8:4a:e9:bb:23:8f:d1:d0:2e:ea:2b:03:2b:3c:37:91:09:57:
71:1e:16:55:23:6a:a5:c9:73:32:c0:bd:02:1a:83:9d:3c:68:
40:e6:ff:25:e3:f1:fd:8d:37:8a:c9:ea:41:7c:7a:a0:3f:d3:
19:ef:8a:7e:df:4b:3b:b7:2b:66:9a:45:d2:5e:31:7a:91:62:
41:10:b9:81:0d:c2:a9:29:26:d0:74:f2:48:96:19:81:99:df:
87:de:dd:e9:db:fe:d3:5e:06:46:bb:f1:6f:cb:b4:f8:d9:72:
7a:8d:d5:26:d6:9c:68:14:65:75:0f:31:f2:e5:22:81:b6:79:
9a:07:2a:47:ad:72:ef:61:2a:8b:36:02:ae:14:c5:75:d7:b3:
a5:15:91:05:ee:fe:8a:b1:d5:df:32:6d:85:23:05:2f:e2:8c:
f3:8e:02:ef:90:22:58:93:db:20:df:d7:4f:cc:2f:b7:1c:a1:
56:9a:c4:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYW4+4Ef/wow0gvSNB6zxKzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE2MDUwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzY1OWZjMmFkODkxOWUzNzIzNWQ5N2M3NDFmZjc3NzcwZjVlYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrgkQzI2bANdwGvMbuj9A/iLF8eu
7ORiIkdGxAkGu4MA/IvNIT6zdsaG5eevFAxbSYL7L4H7dsnUn8nIyZZWdaOk8DNW
yod9ayO8gS7uR2Sk4L7HDWyvzfC3w7Hgkdw8O367nVwZHFbJqkCihBvrrYZg4PQg
Inayw/al7LTfAixXbvnIhxC5P9dJrIZ195NF2VdS3PE1klL1nM8oCss3LofO/LyL
tt/KV4YTOJESUhTrclnRDeZPyPFSS/GnIw+Q4X/f1fqKxKT+Icc9TWRzlWE4bngv
N0i5GsmyaV/vIgVCpTNmNFOTY1TbudZi1MJGzy9mswSBF1GKmPVD6QL8cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFxln8KtiRnjcjXZfHQf93dw9euEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWEdXZndxMkpHZU55TmRsOGRCXzNkM0QxNjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADeDlwl5HloHpFGlNdeQ
OPAW+Z1h9I4sqadM4IsE/oS1kT/XI2+c+C9naaCVqiCDRgawei1ag77rGCI+DvJm
1k2ND8snuM+7zrhK6bsjj9HQLuorAys8N5EJV3EeFlUjaqXJczLAvQIag508aEDm
/yXj8f2NN4rJ6kF8eqA/0xnvin7fSzu3K2aaRdJeMXqRYkEQuYENwqkpJtB08kiW
GYGZ34fe3enb/tNeBka78W/LtPjZcnqN1SbWnGgUZXUPMfLlIoG2eZoHKketcu9h
Kos2Aq4UxXXXs6UVkQXu/oqx1d8ybYUjBS/ijPOOAu+QIliT2yDf10/ML7ccoVaa
xHc=
-----END CERTIFICATE-----
Generated at Thu May 1 04:28:44 2025 by rpki-client