Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Xf3N9ExUoHwx0oz5NbcxVycINNw.roa
File: Xf3N9ExUoHwx0oz5NbcxVycINNw.roa (raw, json)
Hash identifier: TNLSfysrUUYNWhTbCXlPuXNeZxY+gM7hgVC0la3F5N4=
Subject key identifier: 5D:FD:CD:F4:4C:54:A0:7C:31:D2:8C:F9:35:B7:31:57:27:08:34:DC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7DA39A3A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Xf3N9ExUoHwx0oz5NbcxVycINNw.roa
Signing time: Fri 22 Apr 2022 21:10:29 +0000
ROA not before: Fri 22 Apr 2022 21:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2107873850 (0x7da39a3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 22 21:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dfdcdf44c54a07c31d28cf935b73157270834dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:32:eb:de:b7:6f:4f:7b:25:eb:9d:b0:99:ac:
02:25:ae:53:4e:5c:14:c3:b8:5a:dc:d2:d8:e3:96:
10:9b:dd:d9:9d:a7:25:dc:13:3c:2d:94:f5:77:d3:
a7:ca:ab:7a:4c:64:7f:ce:a3:fd:34:7b:84:c4:53:
16:eb:82:2e:d1:c0:b5:de:f3:f9:38:d3:90:dd:91:
92:cc:b7:55:00:25:12:54:d2:60:ed:4a:43:67:40:
6e:cd:c0:98:67:64:2d:36:04:d9:37:c6:ee:f1:a2:
58:31:4a:f4:ea:2c:52:46:96:76:19:b1:59:2b:d5:
44:89:15:93:03:69:9a:cd:34:62:5a:fc:2b:86:ce:
db:ef:4d:b5:87:a4:cb:86:ac:46:cb:22:c7:cd:1f:
44:5f:ba:3a:1b:e7:14:d6:bc:42:57:05:db:b1:0c:
7a:17:b5:9e:6b:04:66:5a:6b:44:9b:f3:a3:fe:70:
0c:b3:29:ab:a5:f9:05:90:4c:48:22:51:e8:c9:6e:
91:c5:a0:6e:b1:2a:dd:1e:61:33:ef:55:3f:31:3f:
5b:ed:d6:ff:45:87:b7:2f:06:6b:f7:4d:e9:21:33:
6a:2d:f8:a6:89:82:c8:7f:52:06:80:b7:73:ad:fd:
9a:f6:97:06:c7:d4:f1:e8:43:95:05:3d:b0:35:73:
19:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FD:CD:F4:4C:54:A0:7C:31:D2:8C:F9:35:B7:31:57:27:08:34:DC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Xf3N9ExUoHwx0oz5NbcxVycINNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:fa:52:4f:76:97:e0:99:0b:8c:7e:ff:af:96:4d:d7:be:65:
ad:ba:ba:85:9a:19:9c:fd:f1:62:10:21:eb:10:8d:8b:85:4b:
4a:31:2a:db:2c:a0:da:a0:c8:7d:98:b1:81:2a:59:15:18:9c:
83:af:a8:49:65:a4:be:cc:c9:a9:f2:8c:79:88:32:73:7f:ed:
d4:bc:0e:c5:e7:b0:21:3b:bf:4e:85:c1:5d:9b:f3:80:3d:96:
e6:4a:aa:41:b8:68:58:9f:40:03:b9:00:a5:8d:36:f7:39:e1:
ac:d1:23:0d:fa:1a:6a:ba:c3:63:cb:a8:c1:42:2e:5d:67:b8:
b2:64:94:75:c8:62:03:d5:6a:86:ab:3a:63:50:8b:80:e1:8d:
ac:ef:1b:13:5e:26:de:71:47:19:af:81:c2:82:85:85:c9:35:
22:fe:b0:e5:ba:9d:e5:2c:ed:7c:7b:9a:03:67:fd:56:cc:3f:
2e:c9:5e:cb:0f:9b:58:9a:3c:e5:98:cb:2b:b4:06:ac:87:5d:
e2:a2:a6:f8:e4:1b:5f:01:f9:91:d2:8b:c4:92:8f:b0:75:9b:
f4:5b:f0:72:bd:d5:b3:d4:46:bf:19:0c:25:f6:60:2e:2e:43:
66:da:2e:6c:a9:ba:5a:8e:31:7a:d7:f7:73:7b:e5:9c:cf:2a:
ab:01:d8:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEfaOaOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQy
MjIxMTAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRmZGNkZjQ0YzU0
YTA3YzMxZDI4Y2Y5MzViNzMxNTcyNzA4MzRkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMy6963b097JeudsJmsAiWuU05cFMO4WtzS2OOWEJvd2Z2n
JdwTPC2U9XfTp8qrekxkf86j/TR7hMRTFuuCLtHAtd7z+TjTkN2Rksy3VQAlElTS
YO1KQ2dAbs3AmGdkLTYE2TfG7vGiWDFK9OosUkaWdhmxWSvVRIkVkwNpms00Ylr8
K4bO2+9NtYeky4asRssix80fRF+6OhvnFNa8QlcF27EMehe1nmsEZlprRJvzo/5w
DLMpq6X5BZBMSCJR6MlukcWgbrEq3R5hM+9VPzE/W+3W/0WHty8Ga/dN6SEzai34
pomCyH9SBoC3c639mvaXBsfU8ehDlQU9sDVzGY8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRd/c30TFSgfDHSjPk1tzFXJwg03DAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1hmM045RXhVb0h3eDBvejVOYmN4VnljSU5Ody5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCF+lJPdpfgmQuMfv+vlk3XvmWturqFmhmc/fFi
ECHrEI2LhUtKMSrbLKDaoMh9mLGBKlkVGJyDr6hJZaS+zMmp8ox5iDJzf+3UvA7F
57AhO79OhcFdm/OAPZbmSqpBuGhYn0ADuQCljTb3OeGs0SMN+hpqusNjy6jBQi5d
Z7iyZJR1yGID1WqGqzpjUIuA4Y2s7xsTXibecUcZr4HCgoWFyTUi/rDlup3lLO18
e5oDZ/1WzD8uyV7LD5tYmjzlmMsrtAash13ioqb45BtfAfmR0ovEko+wdZv0W/By
vdWz1Ea/GQwl9mAuLkNm2i5sqbpajjF61/dze+WczyqrAdjA
-----END CERTIFICATE-----
Generated at Sat May 3 16:47:00 2025 by rpki-client