Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XdQFFvNZsUnlXQLcM-pGI3JCmgQ.roa
File: XdQFFvNZsUnlXQLcM-pGI3JCmgQ.roa (raw, json)
Hash identifier: hPpqkA5zbtoQjauvo6DcfAnKQUrJxfECCdRO7Ngfzp4=
Subject key identifier: 5D:D4:05:16:F3:59:B1:49:E5:5D:02:DC:33:EA:46:23:72:42:9A:04
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 72C85B0F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XdQFFvNZsUnlXQLcM-pGI3JCmgQ.roa
Signing time: Tue 15 Mar 2022 16:11:31 +0000
ROA not before: Tue 15 Mar 2022 16:11:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1925733135 (0x72c85b0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 15 16:11:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dd40516f359b149e55d02dc33ea462372429a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3a:e5:9d:3e:aa:8e:78:58:7a:a5:74:33:dd:
21:75:98:a7:b0:6a:57:d9:ab:10:d5:83:9b:93:b6:
1e:50:7a:f0:0c:33:74:a6:c2:b7:83:79:81:76:39:
ab:e2:d8:7b:42:38:b0:a2:9e:23:13:88:df:47:c9:
a6:92:6e:ed:67:5e:bb:68:95:1d:6d:44:7c:8a:69:
7e:8e:a7:ec:21:4c:c6:fb:4a:47:42:21:2b:9e:e1:
08:84:d9:ef:bb:cc:fc:aa:74:e7:38:ba:1a:81:2c:
0e:2b:d4:fe:a8:7d:cb:8b:6c:78:11:c2:1e:cb:f7:
f5:d7:d7:c6:a4:7c:c7:ef:3a:88:eb:e0:83:77:a7:
2a:f5:b0:b7:e4:5a:c5:b0:46:2d:bc:3b:f1:d0:d1:
5c:7f:0f:54:4a:a4:a5:7b:83:ec:66:c9:fc:48:22:
44:0f:1b:78:8e:2c:f7:bf:b1:08:b0:fd:af:ef:33:
03:e5:b0:aa:56:8a:a0:fe:98:75:c7:01:e3:3e:d2:
d7:46:61:d5:57:c5:54:c0:af:ab:94:1b:d8:b6:e8:
5b:e7:fb:24:9a:e3:a3:36:84:2c:bc:2c:9d:19:de:
99:e2:15:df:3b:bb:bc:cf:b7:82:9f:6d:a2:e5:90:
f3:51:0b:02:b9:51:a6:6e:c7:99:ad:d2:b4:ae:d6:
2e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D4:05:16:F3:59:B1:49:E5:5D:02:DC:33:EA:46:23:72:42:9A:04
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XdQFFvNZsUnlXQLcM-pGI3JCmgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:b3:e3:03:c2:95:a6:5a:5a:22:4c:80:59:59:70:38:9e:29:
2b:75:a5:2a:9d:34:59:d9:d6:e2:76:fa:b4:08:51:6f:4b:ac:
30:5a:93:6c:05:ea:ac:dc:c1:1b:a4:9a:00:86:fc:60:fc:c2:
6a:df:c8:99:c9:69:39:cd:58:b7:50:9a:cf:53:35:fa:e1:12:
f8:86:a4:7d:6b:36:12:aa:78:89:ec:a6:36:51:64:70:47:7b:
de:b0:c8:47:4c:a7:c1:ae:07:f7:42:0f:3f:aa:51:39:44:ef:
ff:b7:cc:64:14:66:41:01:d7:30:b1:ce:61:90:9c:a4:c0:48:
d9:04:b7:39:eb:53:be:61:12:15:7d:d8:51:bc:cf:b3:0a:e5:
38:20:d5:20:66:0a:2d:2f:7f:42:df:a7:16:79:70:f9:41:87:
ae:14:4f:db:fe:b0:40:4b:7d:22:fb:82:7c:83:34:aa:45:c5:
e5:cb:5f:6a:de:b8:da:ee:9d:30:d6:e4:72:1f:aa:3a:30:c8:
8b:99:0d:2f:ef:9b:39:7d:35:f0:3d:fd:ec:ae:3b:e6:4d:07:
da:7b:c8:9c:b5:0a:64:fb:9d:fc:61:a7:ea:9a:22:60:52:00:
41:e1:f2:c4:72:7b:2d:d5:c5:fb:1c:2e:28:e4:5a:c4:34:cb:
7d:1f:8b:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEcshbDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMx
NTE2MTEzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRkNDA1MTZmMzU5
YjE0OWU1NWQwMmRjMzNlYTQ2MjM3MjQyOWEwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALM65Z0+qo54WHqldDPdIXWYp7BqV9mrENWDm5O2HlB68Awz
dKbCt4N5gXY5q+LYe0I4sKKeIxOI30fJppJu7Wdeu2iVHW1EfIppfo6n7CFMxvtK
R0IhK57hCITZ77vM/Kp05zi6GoEsDivU/qh9y4tseBHCHsv39dfXxqR8x+86iOvg
g3enKvWwt+RaxbBGLbw78dDRXH8PVEqkpXuD7GbJ/EgiRA8beI4s97+xCLD9r+8z
A+WwqlaKoP6YdccB4z7S10Zh1VfFVMCvq5Qb2LboW+f7JJrjozaELLwsnRnemeIV
3zu7vM+3gp9touWQ81ELArlRpm7Hma3StK7WLgMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRd1AUW81mxSeVdAtwz6kYjckKaBDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1hkUUZGdk5ac1VubFhRTGNNLXBHSTNKQ21nUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBfs+MDwpWmWloiTIBZWXA4nikrdaUqnTRZ2dbi
dvq0CFFvS6wwWpNsBeqs3MEbpJoAhvxg/MJq38iZyWk5zVi3UJrPUzX64RL4hqR9
azYSqniJ7KY2UWRwR3vesMhHTKfBrgf3Qg8/qlE5RO//t8xkFGZBAdcwsc5hkJyk
wEjZBLc561O+YRIVfdhRvM+zCuU4INUgZgotL39C36cWeXD5QYeuFE/b/rBAS30i
+4J8gzSqRcXly19q3rja7p0w1uRyH6o6MMiLmQ0v75s5fTXwPf3srjvmTQfae8ic
tQpk+538YafqmiJgUgBB4fLEcnst1cX7HC4o5FrENMt9H4te
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:38:40 2025 by rpki-client