Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XVLZxr5PNkkLG47Wx5ftoxYuJy4.roa
File: XVLZxr5PNkkLG47Wx5ftoxYuJy4.roa (raw, json)
Hash identifier: /gatoWGJclz250tUokoGk4cbE8dbyjx3UQIBlBFPXAk=
Subject key identifier: 5D:52:D9:C6:BE:4F:36:49:0B:1B:8E:D6:C7:97:ED:A3:16:2E:27:2E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189FEAA5B54E04EBFE91C6580A7BE721CA2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XVLZxr5PNkkLG47Wx5ftoxYuJy4.roa
Signing time: Wed 16 Aug 2023 14:05:24 +0000
ROA not before: Wed 16 Aug 2023 14:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:fea9:972d/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:aa:5b:54:e0:4e:bf:e9:1c:65:80:a7:be:72:1c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 16 14:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d52d9c6be4f36490b1b8ed6c797eda3162e272e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c0:7d:d0:1d:20:4b:37:4d:55:33:ad:70:b6:
57:bf:e3:de:d9:55:f9:25:fd:6d:be:9f:29:c5:5e:
be:5b:d4:12:04:ba:da:fe:2d:bb:93:a3:4c:a8:0d:
cf:16:e6:30:30:c2:f2:e6:ad:65:af:05:25:8c:04:
af:14:73:f8:f3:fd:79:79:bc:95:bf:cb:01:e4:74:
9d:1c:8a:9f:7c:69:c1:f7:61:d4:c2:cc:dc:47:69:
8d:54:5b:d1:97:71:87:0b:78:1f:4d:5a:93:c6:cc:
fe:f8:b5:2d:ba:b4:43:14:d2:d8:a7:17:60:c2:d3:
23:a8:1f:f0:5b:f4:40:de:ca:12:1e:8d:ce:5d:38:
3c:1a:37:6a:68:4d:fc:12:0e:94:c3:8e:21:02:48:
31:bc:0b:40:8e:7b:fa:c0:97:58:64:7e:b8:c6:47:
05:26:f6:81:4d:c1:a9:c7:25:16:39:f7:e0:86:27:
65:5b:d7:d5:e7:4e:d3:0e:60:cc:e3:7c:a3:5c:fd:
f2:a2:c9:ee:68:b8:c2:ae:30:bf:b8:d4:50:3d:00:
6c:90:dc:9b:e8:8d:b4:f1:70:c7:fa:7a:70:68:6a:
b1:12:c4:2d:5d:b7:32:26:61:15:d4:ab:d7:b8:3c:
2f:2e:f9:3d:77:8d:2c:cb:8b:f9:db:b2:45:d6:26:
a7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:52:D9:C6:BE:4F:36:49:0B:1B:8E:D6:C7:97:ED:A3:16:2E:27:2E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XVLZxr5PNkkLG47Wx5ftoxYuJy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:38:b6:c6:c4:f3:0b:9c:04:e9:ad:44:8c:01:a0:34:26:0a:
44:e1:84:39:cb:a7:51:51:b6:ef:7a:ba:e1:ae:c2:cb:0e:96:
0b:ff:e0:21:11:47:7a:cc:b9:05:64:27:2e:dc:7f:4e:0d:0f:
f8:04:0b:8e:79:34:12:84:ff:1b:42:0c:43:cb:40:6d:d5:a2:
23:ec:2a:ce:54:ff:98:86:7d:0f:b5:e3:bd:3f:0f:fd:76:37:
b4:24:7b:f6:17:15:e5:ed:f5:e1:b5:ee:6e:76:03:d4:bf:0a:
c2:46:d8:8a:86:4b:81:17:97:f0:d1:dc:21:12:ca:a0:9f:ee:
58:f2:fb:4b:74:60:4a:72:67:17:c0:58:a2:37:10:8e:60:d8:
08:eb:8b:2e:dd:9e:91:e2:0b:78:58:c7:18:b0:e3:20:a5:ca:
8b:32:6b:ae:01:6b:39:a7:6e:a9:9b:b2:c9:00:f3:d6:8e:3b:
89:b3:04:14:cf:9d:19:e3:f1:fe:22:3d:6b:0a:fd:e1:3b:16:
24:c1:a0:f9:c9:6c:63:74:ee:1f:6e:2b:c9:ff:34:93:1a:7a:
1b:bb:e6:28:4b:ff:07:e2:92:83:f2:3b:5e:08:4a:19:d4:a8:
1e:64:b5:f9:8d:f1:a2:a0:3c:b5:58:70:77:e2:8a:07:a3:63:
9a:77:75:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn+qltU4E6/6RxlgKe+chyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE2MTQwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDUyZDljNmJlNGYzNjQ5MGIxYjhlZDZjNzk3ZWRhMzE2MmUyNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsB90B0gSzdNVTOtcLZXv+Pe2VX5
Jf1tvp8pxV6+W9QSBLra/i27k6NMqA3PFuYwMMLy5q1lrwUljASvFHP48/15ebyV
v8sB5HSdHIqffGnB92HUwszcR2mNVFvRl3GHC3gfTVqTxsz++LUturRDFNLYpxdg
wtMjqB/wW/RA3soSHo3OXTg8GjdqaE38Eg6Uw44hAkgxvAtAjnv6wJdYZH64xkcF
JvaBTcGpxyUWOffghidlW9fV507TDmDM43yjXP3yosnuaLjCrjC/uNRQPQBskNyb
6I208XDH+npwaGqxEsQtXbcyJmEV1KvXuDwvLvk9d40sy4v527JF1ianXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF1S2ca+TzZJCxuO1seX7aMWLicuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWFZMWnhyNVBOa2tMRzQ3V3g1ZnRveFl1Snk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH44tsbE8wucBOmtRIwB
oDQmCkThhDnLp1FRtu96uuGuwssOlgv/4CERR3rMuQVkJy7cf04ND/gEC455NBKE
/xtCDEPLQG3VoiPsKs5U/5iGfQ+1470/D/12N7Qke/YXFeXt9eG17m52A9S/CsJG
2IqGS4EXl/DR3CESyqCf7ljy+0t0YEpyZxfAWKI3EI5g2Ajriy7dnpHiC3hYxxiw
4yClyosya64BazmnbqmbsskA89aOO4mzBBTPnRnj8f4iPWsK/eE7FiTBoPnJbGN0
7h9uK8n/NJMaehu75ihL/wfikoPyO14IShnUqB5ktfmN8aKgPLVYcHfiigejY5p3
dRk=
-----END CERTIFICATE-----
Generated at Thu May 1 17:50:38 2025 by rpki-client