Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/X_kLFrrMNqvzRGK4_HggJRt6dEw.roa
File: X_kLFrrMNqvzRGK4_HggJRt6dEw.roa (raw, json)
Hash identifier: BjTEiRR8StgZqgpqq0hlWzWEwIhcUfLjdRVak0kLoAs=
Subject key identifier: 5F:F9:0B:16:BA:CC:36:AB:F3:44:62:B8:FC:78:20:25:1B:7A:74:4C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018583C3C3D43E2517D096255FFFBEF331B6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/X_kLFrrMNqvzRGK4_HggJRt6dEw.roa
Signing time: Thu 05 Jan 2023 21:08:43 +0000
ROA not before: Thu 05 Jan 2023 21:08:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:83:c3:c3:d4:3e:25:17:d0:96:25:5f:ff:be:f3:31:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 5 21:08:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ff90b16bacc36abf34462b8fc7820251b7a744c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:79:bf:51:fd:47:1b:39:a8:0d:97:f7:c1:5c:
7a:cf:26:cc:ec:ce:4e:95:19:93:00:3d:92:d1:8c:
7b:2a:c3:4e:2f:75:ce:b7:35:78:da:e7:c5:a4:91:
64:67:9a:0f:07:3f:6c:66:2f:18:40:bf:02:6c:a7:
f0:3c:33:89:ab:6e:6f:66:13:bd:f2:a4:64:8d:ef:
b5:61:b3:99:24:0f:9c:52:70:56:8c:84:43:a8:b6:
29:40:12:50:65:97:55:09:97:85:6a:eb:c3:85:dc:
cb:93:c3:68:c5:e5:c6:cb:61:5c:43:ca:2d:b2:04:
c6:b8:d5:ea:78:22:74:df:12:7a:b6:77:bc:0e:d1:
a7:88:ab:1b:cf:23:db:52:15:c7:5d:bc:7c:81:f5:
db:05:6b:12:9a:02:a1:76:3d:45:f8:6b:12:ec:5a:
08:71:fe:79:56:36:ef:52:50:ad:77:1c:a8:9e:93:
f9:6d:e2:ce:e8:9d:24:73:70:95:3c:7b:e7:21:22:
1b:1e:19:ef:63:24:89:49:7e:36:55:7c:65:b6:20:
10:3f:4b:d2:c4:ac:48:b7:6d:fc:cb:10:3d:6e:e0:
dd:86:2c:08:fb:66:c9:7b:e3:c8:51:4d:cb:18:bf:
99:5c:51:86:b6:9b:52:66:2e:3a:6a:7b:de:98:f7:
bc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F9:0B:16:BA:CC:36:AB:F3:44:62:B8:FC:78:20:25:1B:7A:74:4C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/X_kLFrrMNqvzRGK4_HggJRt6dEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:99:96:a8:19:a8:c6:88:7a:c6:b8:24:59:84:96:e2:49:54:
6e:46:f8:78:50:4d:4e:dc:8d:54:d1:44:6a:3e:b5:55:d9:6b:
d2:ef:ee:c4:1d:6d:6a:ea:de:91:3b:b3:a1:e1:4f:8c:56:e2:
99:11:ad:a5:ed:d2:45:d0:40:9a:16:49:e2:1c:dc:29:dd:15:
a1:18:60:18:d8:50:24:6c:e9:85:9d:68:41:1b:93:a0:f6:43:
7e:1b:7b:cd:ca:16:3a:1c:56:68:82:50:22:d1:0d:40:ac:3b:
46:f2:d8:79:e3:7c:c7:94:61:83:23:52:3f:46:e9:04:fb:89:
76:68:e1:cd:aa:d7:32:fc:c1:d7:9a:e0:a3:59:e1:57:36:42:
52:a1:06:19:d8:4c:0a:73:c1:83:b1:ae:0c:b7:73:8b:4e:04:
51:fe:ea:82:0c:24:b9:22:72:2c:e3:11:07:58:ae:5b:00:d9:
fb:73:f0:04:fc:df:a5:6a:97:30:0d:fe:41:58:c7:99:42:17:
c7:9f:d2:22:3e:73:87:8d:a6:8c:2c:dd:2e:f6:7e:67:34:56:
86:e5:f0:fc:ed:c5:88:2f:ee:4b:84:e9:b8:d4:ee:18:3b:fd:
c9:cb:90:7e:14:75:b3:ad:24:d8:70:d9:64:76:bf:2f:5c:86:
88:17:fe:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWDw8PUPiUX0JYlX/++8zG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA1MjEwODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY5MGIxNmJhY2MzNmFiZjM0NDYyYjhmYzc4MjAyNTFiN2E3NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXm/Uf1HGzmoDZf3wVx6zybM7M5O
lRmTAD2S0Yx7KsNOL3XOtzV42ufFpJFkZ5oPBz9sZi8YQL8CbKfwPDOJq25vZhO9
8qRkje+1YbOZJA+cUnBWjIRDqLYpQBJQZZdVCZeFauvDhdzLk8NoxeXGy2FcQ8ot
sgTGuNXqeCJ03xJ6tne8DtGniKsbzyPbUhXHXbx8gfXbBWsSmgKhdj1F+GsS7FoI
cf55VjbvUlCtdxyonpP5beLO6J0kc3CVPHvnISIbHhnvYySJSX42VXxltiAQP0vS
xKxIt238yxA9buDdhiwI+2bJe+PIUU3LGL+ZXFGGtptSZi46anvemPe8TQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF/5Cxa6zDar80RiuPx4ICUbenRMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWF9rTEZyck1OcXZ6UkdLNF9IZ2dKUnQ2ZEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKWZlqgZqMaIesa4JFmE
luJJVG5G+HhQTU7cjVTRRGo+tVXZa9Lv7sQdbWrq3pE7s6HhT4xW4pkRraXt0kXQ
QJoWSeIc3CndFaEYYBjYUCRs6YWdaEEbk6D2Q34be83KFjocVmiCUCLRDUCsO0by
2HnjfMeUYYMjUj9G6QT7iXZo4c2q1zL8wdea4KNZ4Vc2QlKhBhnYTApzwYOxrgy3
c4tOBFH+6oIMJLkicizjEQdYrlsA2ftz8AT836VqlzAN/kFYx5lCF8ef0iI+c4eN
pows3S72fmc0Vobl8PztxYgv7kuE6bjU7hg7/cnLkH4UdbOtJNhw2WR2vy9chogX
/h4=
-----END CERTIFICATE-----
Generated at Thu May 1 14:16:42 2025 by rpki-client