Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XJqsEkt98r7Qnyi49gP8eGypYZI.roa
File: XJqsEkt98r7Qnyi49gP8eGypYZI.roa (raw, json)
Hash identifier: xbnBGOxPo2t3eMbNyEhRjstgGfDcJhE1F+islD9mSgY=
Subject key identifier: 5C:9A:AC:12:4B:7D:F2:BE:D0:9F:28:B8:F6:03:FC:78:6C:A9:61:92
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01858F5AFCF5F4535F0C67AD700B05118FA8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XJqsEkt98r7Qnyi49gP8eGypYZI.roa
Signing time: Sun 08 Jan 2023 03:09:42 +0000
ROA not before: Sun 08 Jan 2023 03:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8f:5a:fc:f5:f4:53:5f:0c:67:ad:70:0b:05:11:8f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 8 03:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c9aac124b7df2bed09f28b8f603fc786ca96192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:03:bd:80:8e:89:57:c9:40:7b:f0:86:75:c2:
ad:d5:cb:95:9a:01:2e:82:b8:95:8c:f7:2c:ab:ee:
fb:bb:3c:51:40:01:61:55:2c:0e:62:11:b2:08:1c:
71:a1:f8:dc:be:0d:b1:04:86:34:66:7c:da:7c:87:
50:f5:32:b2:21:cb:0d:dd:c8:42:61:30:54:fd:e0:
51:37:47:2d:10:64:bb:40:a4:5d:5e:8e:44:64:5b:
ae:9f:43:0b:81:d9:4d:71:31:60:9e:e2:a0:3f:90:
ba:dc:52:0f:08:ae:79:14:38:f7:58:ab:1a:f0:33:
10:8c:54:67:4d:48:de:87:51:50:3c:f9:b4:18:ce:
b3:80:0b:b9:da:f2:7f:99:8d:e6:1d:a1:aa:42:74:
8f:01:ff:ee:7c:5f:70:29:d0:7c:4c:1a:88:45:d2:
97:79:de:06:89:0c:b3:0c:5b:24:0f:da:8f:fc:fe:
7a:f0:68:e7:ce:48:5f:c4:a8:3f:0f:8b:75:e4:ab:
ee:d9:ec:d6:df:7f:8f:b1:5f:49:e5:fa:09:48:8a:
ea:02:6a:e8:65:bd:ac:0c:9b:4a:f8:83:79:62:82:
be:ed:3b:1a:0a:1b:5b:e0:b1:57:49:ef:25:86:6e:
5d:42:54:99:af:42:de:b8:20:25:fa:32:e6:a0:73:
bc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9A:AC:12:4B:7D:F2:BE:D0:9F:28:B8:F6:03:FC:78:6C:A9:61:92
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XJqsEkt98r7Qnyi49gP8eGypYZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:00:07:60:46:16:b8:c8:ba:39:11:20:63:a3:a3:eb:10:5a:
63:bf:64:d0:a1:50:47:38:a5:cc:64:97:62:5f:0b:11:d8:1d:
fd:b0:38:13:97:33:0c:df:af:2a:2c:dd:f2:cd:5f:fc:9f:7c:
70:91:c7:a9:9a:93:8d:5d:91:c7:94:da:9d:e6:0d:05:e5:c1:
c3:0b:22:03:00:2e:34:85:86:53:71:bd:0f:40:f4:35:41:dd:
30:62:e9:89:44:a9:9e:ac:54:de:e4:03:6c:75:c6:b5:ee:e5:
c8:d5:ff:39:47:ba:1c:63:df:d3:22:31:23:80:a7:e2:24:b5:
9d:64:18:c0:2b:8e:ce:ae:79:50:49:8e:ee:00:49:25:2a:70:
9f:21:86:08:58:0c:50:00:ca:20:48:8d:b9:d4:80:0d:c5:ad:
b1:4e:f9:12:75:4b:0e:29:d7:55:cf:2a:84:2f:0a:7d:c6:78:
ad:57:36:8c:32:fa:01:ac:01:f2:90:91:f4:47:5c:80:28:7a:
37:a5:d2:43:15:ed:af:5d:c6:95:ca:70:86:1a:5d:46:62:70:
71:b1:44:55:cb:9f:50:5f:98:36:fb:d9:44:29:eb:79:d0:09:
af:67:3e:35:53:fc:ee:9b:c0:43:43:7c:db:9d:d0:0f:be:ac:
2d:3c:bb:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWPWvz19FNfDGetcAsFEY+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA4MDMwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzlhYWMxMjRiN2RmMmJlZDA5ZjI4YjhmNjAzZmM3ODZjYTk2MTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwO9gI6JV8lAe/CGdcKt1cuVmgEu
griVjPcsq+77uzxRQAFhVSwOYhGyCBxxofjcvg2xBIY0ZnzafIdQ9TKyIcsN3chC
YTBU/eBRN0ctEGS7QKRdXo5EZFuun0MLgdlNcTFgnuKgP5C63FIPCK55FDj3WKsa
8DMQjFRnTUjeh1FQPPm0GM6zgAu52vJ/mY3mHaGqQnSPAf/ufF9wKdB8TBqIRdKX
ed4GiQyzDFskD9qP/P568GjnzkhfxKg/D4t15Kvu2ezW33+PsV9J5foJSIrqAmro
Zb2sDJtK+IN5YoK+7TsaChtb4LFXSe8lhm5dQlSZr0LeuCAl+jLmoHO8EwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFyarBJLffK+0J8ouPYD/HhsqWGSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWEpxc0VrdDk4cjdRbnlpNDlnUDhlR3lwWVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKcAB2BGFrjIujkRIGOj
o+sQWmO/ZNChUEc4pcxkl2JfCxHYHf2wOBOXMwzfryos3fLNX/yffHCRx6mak41d
kceU2p3mDQXlwcMLIgMALjSFhlNxvQ9A9DVB3TBi6YlEqZ6sVN7kA2x1xrXu5cjV
/zlHuhxj39MiMSOAp+IktZ1kGMArjs6ueVBJju4ASSUqcJ8hhghYDFAAyiBIjbnU
gA3FrbFO+RJ1Sw4p11XPKoQvCn3GeK1XNowy+gGsAfKQkfRHXIAoejel0kMV7a9d
xpXKcIYaXUZicHGxRFXLn1BfmDb72UQp63nQCa9nPjVT/O6bwENDfNud0A++rC08
u/E=
-----END CERTIFICATE-----
Generated at Thu May 1 10:34:28 2025 by rpki-client