Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XTrmOGl_75dnpNYGNbXXSnJnb2k.roa
File: XTrmOGl_75dnpNYGNbXXSnJnb2k.roa (raw, json)
Hash identifier: ULF1QsdZr4zNqIUk2JdB1G1Pk5LMxE1TqnxJicO8E/k=
Subject key identifier: 5D:3A:E6:38:69:7F:EF:97:67:A4:D6:06:35:B5:D7:4A:72:67:6F:69
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8075BA7F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XTrmOGl_75dnpNYGNbXXSnJnb2k.roa
Signing time: Mon 02 May 2022 14:13:27 +0000
ROA not before: Mon 02 May 2022 14:13:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2155199103 (0x8075ba7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 2 14:13:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d3ae638697fef9767a4d60635b5d74a72676f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f7:07:80:9a:98:82:23:d6:05:bc:6d:83:ed:
b6:d0:36:d9:a6:9c:87:a0:f1:c9:2e:41:b5:ef:0c:
c6:75:07:a6:0b:02:30:75:f1:88:04:13:dd:26:c3:
dd:ff:b5:a5:1b:49:cf:3c:c2:0e:29:62:3d:05:7a:
62:f8:3e:08:6e:03:0d:48:cb:35:14:55:72:56:a3:
c7:1a:8a:cf:e6:75:84:08:ad:21:ce:f1:b6:47:a5:
70:66:ca:28:8b:95:43:6c:6e:51:c1:1e:31:6a:28:
15:bd:30:6b:db:83:bb:61:6e:8e:d3:22:37:39:b5:
78:62:94:cc:92:f9:9b:64:79:6a:78:f7:03:21:77:
06:db:56:a8:dc:da:11:7a:33:81:19:5e:db:27:69:
79:5c:5e:fa:76:7b:cf:93:73:cd:86:21:28:f2:8d:
a2:94:f6:7b:fc:9b:4a:f5:c9:99:84:e8:1d:72:fa:
2c:39:f2:a0:27:61:e5:b1:8d:bb:5f:11:7c:9d:af:
e3:5a:9d:7f:e1:a7:d0:0b:ee:0a:1a:ca:bd:97:a7:
e2:30:d3:ab:21:1c:33:cb:21:9c:63:86:1f:11:dc:
9f:1b:c1:50:32:b0:6d:15:68:25:ec:f1:b5:28:7f:
49:ad:f8:9f:91:0e:16:b8:e4:54:3d:ea:56:b5:2b:
7e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3A:E6:38:69:7F:EF:97:67:A4:D6:06:35:B5:D7:4A:72:67:6F:69
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XTrmOGl_75dnpNYGNbXXSnJnb2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:06:28:9d:b3:66:e2:e1:66:97:e3:7a:c7:ec:9d:87:db:2f:
3f:e9:da:6f:a8:bf:8c:2b:25:c2:18:4b:7a:4b:f7:5c:ba:48:
b6:64:42:db:35:49:50:65:d2:ae:59:5f:99:66:ea:14:ff:9c:
02:98:d4:52:2a:a8:0d:7b:37:1e:9c:98:d3:87:46:7e:d4:8c:
cc:4a:76:26:7e:9f:af:13:a2:e9:53:62:9f:1f:b8:74:34:b8:
95:ae:9d:92:bf:1d:be:39:8f:d0:1a:b1:23:72:d4:ae:00:e0:
e4:cb:80:6f:d9:17:ef:0b:e8:7d:e0:4d:18:d1:7d:95:90:2a:
64:05:4e:4d:39:9a:74:9e:b8:ed:82:20:a8:22:4a:55:5f:4c:
bc:78:c0:41:5a:05:8a:32:27:e4:06:7e:9c:fa:1e:83:00:95:
6f:14:8c:55:0a:16:6e:46:a7:a5:2e:0c:88:df:f0:d1:d4:93:
a9:6c:35:17:65:c0:63:59:20:1d:56:e8:1c:e9:ba:b5:f8:44:
61:ef:97:df:e7:9a:3b:5a:51:27:52:e2:f5:b3:c0:6f:48:3b:
a5:a4:4e:63:b2:10:44:96:b9:ea:e4:2d:9d:d0:24:9f:c8:a1:
54:22:47:02:20:9d:84:79:43:7a:ab:9b:b7:a5:bf:af:19:37:
c8:63:1b:5e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIB1un8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MDIxNDEzMjdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVkM2FlNjM4Njk3
ZmVmOTc2N2E0ZDYwNjM1YjVkNzRhNzI2NzZmNjkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq9weAmpiCI9YFvG2D7bbQNtmmnIeg8ckuQbXvDMZ1B6YL
AjB18YgEE90mw93/taUbSc88wg4pYj0FemL4PghuAw1IyzUUVXJWo8cais/mdYQI
rSHO8bZHpXBmyiiLlUNsblHBHjFqKBW9MGvbg7thbo7TIjc5tXhilMyS+ZtkeWp4
9wMhdwbbVqjc2hF6M4EZXtsnaXlcXvp2e8+Tc82GISjyjaKU9nv8m0r1yZmE6B1y
+iw58qAnYeWxjbtfEXydr+NanX/hp9AL7goayr2Xp+Iw06shHDPLIZxjhh8R3J8b
wVAysG0VaCXs8bUof0mt+J+RDha45FQ96la1K36FAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUXTrmOGl/75dnpNYGNbXXSnJnb2kwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9YVHJtT0dsXzc1ZG5wTllHTmJYWFNuSm5iMmsucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAAAYonbNm4uFml+N6x+ydh9svP+nab6i/jCsl
whhLekv3XLpItmRC2zVJUGXSrllfmWbqFP+cApjUUiqoDXs3HpyY04dGftSMzEp2
Jn6frxOi6VNinx+4dDS4la6dkr8dvjmP0BqxI3LUrgDg5MuAb9kX7wvofeBNGNF9
lZAqZAVOTTmadJ647YIgqCJKVV9MvHjAQVoFijIn5AZ+nPoegwCVbxSMVQoWbkan
pS4MiN/w0dSTqWw1F2XAY1kgHVboHOm6tfhEYe+X3+eaO1pRJ1Li9bPAb0g7paRO
Y7IQRJa56uQtndAkn8ihVCJHAiCdhHlDequbt6W/rxk3yGMbXg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:48 2025 by rpki-client