Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XPuKkndBkUDTvmlKR4zIiuu9XMQ.roa
File: XPuKkndBkUDTvmlKR4zIiuu9XMQ.roa (raw, json)
Hash identifier: Wz+Wtev6/DMabHzBrYSh1wp+6A+l73CannJBbJwUrdo=
Subject key identifier: 5C:FB:8A:92:77:41:91:40:D3:BE:69:4A:47:8C:C8:8A:EB:BD:5C:C4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B1A87C73E81A051C5B51DC96355F8F4F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XPuKkndBkUDTvmlKR4zIiuu9XMQ.roa
Signing time: Tue 01 Aug 2023 15:12:36 +0000
ROA not before: Tue 01 Aug 2023 15:12:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:a8:7c:73:e8:1a:05:1c:5b:51:dc:96:35:5f:8f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 1 15:12:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cfb8a9277419140d3be694a478cc88aebbd5cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e6:18:35:70:3a:75:cd:e5:f6:0b:4d:15:15:
5a:24:15:0d:4c:df:87:20:d9:f2:3a:c8:10:9e:b7:
2a:c4:8e:6b:4c:82:30:cc:41:db:d8:cd:a3:bd:05:
ca:20:d1:93:47:2e:97:55:3f:4b:79:df:54:70:79:
d3:5b:e5:1d:9b:7a:58:3c:83:8c:5e:86:e4:16:a6:
1c:f9:e8:d3:eb:b1:04:f9:90:f7:43:18:43:eb:70:
ae:37:59:8e:bb:8b:4e:e4:10:3e:6a:c8:82:3b:49:
be:21:81:86:6b:83:d4:a8:48:10:2d:97:a6:1f:05:
42:73:54:fd:7e:74:1d:40:0c:d7:80:36:35:9d:4d:
97:9b:8b:d0:e0:50:fd:b7:73:6d:50:f7:5a:33:58:
92:9c:4f:76:ae:5f:84:98:53:47:7d:48:7b:e3:b0:
9f:b8:05:72:8e:d8:9c:72:be:6d:7d:ca:36:d8:61:
64:5c:7f:44:76:63:19:6e:9e:4e:ca:37:18:8e:14:
2d:f2:4f:ba:02:78:a1:a1:bb:96:4c:03:cf:77:e3:
f4:d1:d0:44:bf:60:ec:92:76:5d:ba:5b:bf:07:2e:
ed:7f:11:ea:40:d3:de:6f:93:b7:3f:63:49:3e:82:
d7:f7:4f:96:17:42:cd:44:d9:01:13:3f:d0:c7:70:
a1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FB:8A:92:77:41:91:40:D3:BE:69:4A:47:8C:C8:8A:EB:BD:5C:C4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XPuKkndBkUDTvmlKR4zIiuu9XMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:47:d6:b6:dc:bc:36:5d:96:ef:c5:1f:28:85:bb:ed:ee:d9:
39:c4:de:f6:3f:90:3d:17:88:26:9c:77:38:6b:80:48:57:95:
54:df:3e:37:af:88:7a:de:00:ba:0a:4b:3b:c8:a1:01:27:8a:
7e:b8:87:8c:80:3d:e8:cf:7c:f3:32:25:04:cc:a1:9d:b4:35:
74:54:8c:b2:02:74:2a:75:97:de:a0:b9:f0:05:84:07:31:d1:
cd:05:ec:a2:ff:de:01:34:10:ce:d8:8c:ca:52:35:89:a9:cd:
46:e4:7f:74:55:20:8a:23:cb:f5:7e:4b:37:81:00:3f:d5:45:
46:e8:12:3e:71:7a:59:97:25:e4:2b:51:42:c6:58:e6:26:65:
d6:c6:83:be:c7:9a:aa:84:94:03:16:66:86:92:ae:4f:40:bb:
b8:b8:e2:2f:66:0b:8a:f3:8b:9c:4b:df:f8:85:78:eb:4a:da:
52:32:1f:8a:c8:e4:dc:76:b2:62:8a:1d:ac:a2:da:2a:44:1a:
36:cd:80:c5:16:ec:7d:18:a4:f4:4f:7d:0c:1b:e9:68:bd:8f:
4b:65:cd:59:b4:eb:f5:bc:46:e4:bc:71:c5:d9:86:88:b0:fe:
f5:b3:48:46:ad:56:4d:82:12:c8:91:b0:bf:04:b1:ef:9c:9a:
d7:02:51:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmxqHxz6BoFHFtR3JY1X49PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAxMTUxMjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZiOGE5Mjc3NDE5MTQwZDNiZTY5NGE0NzhjYzg4YWViYmQ1Y2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheYYNXA6dc3l9gtNFRVaJBUNTN+H
INnyOsgQnrcqxI5rTIIwzEHb2M2jvQXKINGTRy6XVT9Led9UcHnTW+Udm3pYPIOM
XobkFqYc+ejT67EE+ZD3QxhD63CuN1mOu4tO5BA+asiCO0m+IYGGa4PUqEgQLZem
HwVCc1T9fnQdQAzXgDY1nU2Xm4vQ4FD9t3NtUPdaM1iSnE92rl+EmFNHfUh747Cf
uAVyjticcr5tfco22GFkXH9EdmMZbp5OyjcYjhQt8k+6AnihobuWTAPPd+P00dBE
v2DsknZdulu/By7tfxHqQNPeb5O3P2NJPoLX90+WF0LNRNkBEz/Qx3ChBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFz7ipJ3QZFA075pSkeMyIrrvVzEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWFB1S2tuZEJrVURUdm1sS1I0eklpdXU5WE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAABH1rbcvDZdlu/FHyiF
u+3u2TnE3vY/kD0XiCacdzhrgEhXlVTfPjeviHreALoKSzvIoQEnin64h4yAPejP
fPMyJQTMoZ20NXRUjLICdCp1l96gufAFhAcx0c0F7KL/3gE0EM7YjMpSNYmpzUbk
f3RVIIojy/V+SzeBAD/VRUboEj5xelmXJeQrUULGWOYmZdbGg77HmqqElAMWZoaS
rk9Au7i44i9mC4rzi5xL3/iFeOtK2lIyH4rI5Nx2smKKHayi2ipEGjbNgMUW7H0Y
pPRPfQwb6Wi9j0tlzVm06/W8RuS8ccXZhoiw/vWzSEatVk2CEsiRsL8Ese+cmtcC
UX4=
-----END CERTIFICATE-----
Generated at Thu May 1 00:29:03 2025 by rpki-client