Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XXYH53HiL9IDmPHxmlzn1ET-NOI.roa
File: XXYH53HiL9IDmPHxmlzn1ET-NOI.roa (raw, json)
Hash identifier: KGI5VnDGspqGe5GKFtczAoGnRP0HWnw+Iq8CXoLLAnA=
Subject key identifier: 5D:76:07:E7:71:E2:2F:D2:03:98:F1:F1:9A:5C:E7:D4:44:FE:34:E2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01835AD45E0F76D38A824040F4742710CC0A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XXYH53HiL9IDmPHxmlzn1ET-NOI.roa
Signing time: Tue 20 Sep 2022 12:16:50 +0000
ROA not before: Tue 20 Sep 2022 12:16:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:d4:5e:0f:76:d3:8a:82:40:40:f4:74:27:10:cc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 20 12:16:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d7607e771e22fd20398f1f19a5ce7d444fe34e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8f:cf:08:2c:b9:b6:31:fe:ca:2d:b3:fc:75:
d5:f6:d9:3d:fa:59:8b:55:25:88:2f:e1:de:10:80:
bd:0c:1b:9c:ad:80:b9:29:27:39:ee:65:c1:f4:fb:
23:35:88:03:cd:03:67:6a:aa:66:2b:8c:f5:74:86:
98:be:89:4e:90:be:13:0c:ec:ab:10:a2:85:63:c8:
58:84:d8:c6:57:5b:18:9e:c2:d1:03:32:6b:38:b0:
63:e6:dd:54:20:1f:85:ee:98:b4:4c:51:36:92:81:
91:9f:fa:7f:02:96:db:e6:7f:f2:56:2d:a6:26:03:
8c:c5:cc:82:bf:51:41:93:5d:b9:82:f6:d2:9b:dc:
01:ab:27:23:c5:92:c9:4a:88:36:24:7b:90:a3:d6:
fd:2a:20:ac:ca:07:36:78:68:62:a1:89:79:ad:3e:
6f:d5:43:64:d6:ee:99:92:8e:00:bc:be:37:fa:67:
58:09:6d:5d:78:9b:1f:94:e5:f6:11:e1:54:6b:e8:
cf:ab:4a:c8:80:6c:17:21:13:69:e2:61:6e:2d:1e:
8d:c9:7c:b8:ce:3f:ac:fb:d8:a3:ae:83:56:d9:aa:
c0:20:19:ec:5d:03:27:2a:45:aa:d6:54:1a:4d:60:
8b:50:e5:88:bd:5d:6a:53:42:4a:d1:db:e4:9e:82:
65:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:76:07:E7:71:E2:2F:D2:03:98:F1:F1:9A:5C:E7:D4:44:FE:34:E2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XXYH53HiL9IDmPHxmlzn1ET-NOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:1e:1b:c4:91:49:c0:a1:2d:c5:2e:ee:61:c1:f0:d7:6f:75:
db:d8:a2:72:bb:ab:09:12:38:8f:41:ac:cd:cc:0c:7f:81:92:
12:60:f5:f5:97:72:6c:82:1b:64:fc:e6:8b:53:89:2d:11:97:
bc:51:03:91:99:41:f3:22:6a:f5:ad:eb:9b:9f:cb:86:46:8d:
08:3c:9e:06:93:4a:07:3b:0e:e7:c6:f3:0c:87:c8:03:73:32:
47:5d:3a:63:d2:fe:d3:a3:42:0f:e3:de:47:bf:c1:66:22:eb:
15:4c:e6:85:79:2f:f5:2d:01:d6:5a:b3:90:49:c4:1b:ac:8d:
74:83:ec:52:79:a0:16:4a:31:32:af:5d:b2:cf:19:88:5f:88:
f1:bc:58:a1:00:51:79:bf:fd:d4:d8:11:8f:41:5a:6f:a5:18:
02:1b:59:12:d5:34:f2:b4:98:ba:d8:9d:b9:43:20:09:40:33:
ae:96:9c:4e:6d:6c:78:15:bb:87:1d:db:d7:ef:0f:07:47:89:
48:fc:e9:d9:f4:ee:81:1a:14:97:53:4d:75:4a:59:8c:14:89:
cd:d8:c1:83:4f:64:6b:98:11:2e:9d:ba:74:6d:6a:da:21:c8:
49:fe:2d:99:c2:d6:1d:5c:f1:72:b4:fa:1a:a8:0e:31:06:11:
1b:bc:77:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNa1F4PdtOKgkBA9HQnEMwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTIwMTIxNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDc2MDdlNzcxZTIyZmQyMDM5OGYxZjE5YTVjZTdkNDQ0ZmUzNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I/PCCy5tjH+yi2z/HXV9tk9+lmL
VSWIL+HeEIC9DBucrYC5KSc57mXB9PsjNYgDzQNnaqpmK4z1dIaYvolOkL4TDOyr
EKKFY8hYhNjGV1sYnsLRAzJrOLBj5t1UIB+F7pi0TFE2koGRn/p/Apbb5n/yVi2m
JgOMxcyCv1FBk125gvbSm9wBqycjxZLJSog2JHuQo9b9KiCsygc2eGhioYl5rT5v
1UNk1u6Zko4AvL43+mdYCW1deJsflOX2EeFUa+jPq0rIgGwXIRNp4mFuLR6NyXy4
zj+s+9ijroNW2arAIBnsXQMnKkWq1lQaTWCLUOWIvV1qU0JK0dvknoJl9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF12B+dx4i/SA5jx8Zpc59RE/jTiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWFhZSDUzSGlMOUlEbVBIeG1sem4xRVQtTk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE8eG8SRScChLcUu7mHB
8NdvddvYonK7qwkSOI9BrM3MDH+BkhJg9fWXcmyCG2T85otTiS0Rl7xRA5GZQfMi
avWt65ufy4ZGjQg8ngaTSgc7DufG8wyHyANzMkddOmPS/tOjQg/j3ke/wWYi6xVM
5oV5L/UtAdZas5BJxBusjXSD7FJ5oBZKMTKvXbLPGYhfiPG8WKEAUXm//dTYEY9B
Wm+lGAIbWRLVNPK0mLrYnblDIAlAM66WnE5tbHgVu4cd29fvDwdHiUj86dn07oEa
FJdTTXVKWYwUic3YwYNPZGuYES6dunRtatohyEn+LZnC1h1c8XK0+hqoDjEGERu8
dzM=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:56 2025 by rpki-client