Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XnLYmPFfext1-fhH-WfYwRjQaQo.roa
File: XnLYmPFfext1-fhH-WfYwRjQaQo.roa (raw, json)
Hash identifier: TbXL4IzY5c59Dv7Yec286OPTBmYOl2gQ6Vuq1uCld68=
Subject key identifier: 5E:72:D8:98:F1:5F:7B:1B:75:F9:F8:47:F9:67:D8:C1:18:D0:69:0A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 765AAC30
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XnLYmPFfext1-fhH-WfYwRjQaQo.roa
Signing time: Mon 28 Mar 2022 05:10:37 +0000
ROA not before: Mon 28 Mar 2022 05:10:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1985653808 (0x765aac30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 28 05:10:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e72d898f15f7b1b75f9f847f967d8c118d0690a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:22:46:a7:ec:27:e0:56:e1:d6:09:47:b9:f7:
c8:ce:18:8c:32:f8:38:5d:79:51:71:60:e9:02:5f:
f2:b5:c7:e2:f7:8c:b6:ca:3f:74:aa:79:1c:f2:6c:
43:b9:7d:db:0c:de:bd:8a:e6:14:ab:7d:58:5c:0f:
15:3e:9f:ad:5e:a3:2b:19:c3:f6:56:e7:ee:50:b6:
3a:cb:88:bb:e2:3c:96:00:f2:c5:12:a3:54:77:51:
e4:7e:5f:a2:cc:02:71:a6:fb:6e:5b:af:00:c1:2b:
11:18:8a:8e:72:1c:f5:a3:68:cd:f2:5e:da:16:d1:
ba:30:e7:52:95:48:bc:28:1b:14:4c:65:7e:17:0a:
b7:fb:2a:35:8a:7b:dc:50:7c:b7:4b:c1:ac:4a:82:
84:ef:3a:3f:e2:e7:fc:9d:19:1f:1c:8a:24:b1:62:
2a:f8:59:56:da:e3:38:a5:5f:c8:37:1a:48:ef:f8:
9c:50:7d:57:09:c0:f4:e2:b4:e2:c6:c9:60:16:d7:
01:a4:0c:e4:34:40:79:db:80:3c:a3:d2:ed:ba:3a:
54:4f:58:6d:64:9e:ca:27:9f:57:3d:17:85:b4:1b:
05:75:2f:fa:17:62:22:e3:58:2a:a3:2d:5c:fe:71:
17:9b:72:95:47:35:1c:31:76:42:cb:51:c7:2e:ca:
93:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:72:D8:98:F1:5F:7B:1B:75:F9:F8:47:F9:67:D8:C1:18:D0:69:0A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XnLYmPFfext1-fhH-WfYwRjQaQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:f2:b2:cd:3f:1d:94:90:45:ff:3d:b7:fa:28:a2:4f:75:64:
37:95:e2:6e:3a:33:a2:f2:d8:0d:9b:fa:6d:d0:d7:6e:31:50:
e4:ad:49:02:b7:f9:02:48:75:1a:13:f9:76:c5:0c:28:e1:0d:
99:47:22:f3:ca:bb:65:76:54:51:ab:22:a2:fc:ce:74:a6:f3:
95:2b:61:9a:23:81:12:7f:74:54:ec:8a:27:fc:24:a1:38:6f:
be:38:bd:28:75:25:30:77:32:66:6e:17:65:95:47:c3:57:7f:
9f:6c:81:b7:c0:19:2f:1c:42:fb:4b:c5:33:a9:22:05:2c:e1:
32:2b:1f:a3:a4:81:31:1c:4d:6e:7e:df:98:a3:96:33:ad:0b:
e6:39:cb:b0:6d:e8:bf:bf:a5:7d:f7:47:2a:bf:9b:4d:36:21:
7b:5c:9c:d6:d0:43:64:64:7e:dc:7c:ff:be:e9:44:ed:69:f9:
6c:1f:01:b6:9c:05:04:f2:a3:00:1a:1f:b9:74:45:8c:eb:eb:
51:19:35:84:17:72:20:02:70:d3:4e:c7:cf:0f:57:c4:62:57:
94:d4:c3:23:4a:a9:54:89:46:aa:b3:ec:b0:4a:fa:d1:43:0e:
40:e9:3f:e8:2b:79:ab:20:32:12:b5:71:5a:2a:2c:00:17:3b:
46:65:32:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEdlqsMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMy
ODA1MTAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU3MmQ4OThmMTVm
N2IxYjc1ZjlmODQ3Zjk2N2Q4YzExOGQwNjkwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0iRqfsJ+BW4dYJR7n3yM4YjDL4OF15UXFg6QJf8rXH4veM
tso/dKp5HPJsQ7l92wzevYrmFKt9WFwPFT6frV6jKxnD9lbn7lC2OsuIu+I8lgDy
xRKjVHdR5H5foswCcab7bluvAMErERiKjnIc9aNozfJe2hbRujDnUpVIvCgbFExl
fhcKt/sqNYp73FB8t0vBrEqChO86P+Ln/J0ZHxyKJLFiKvhZVtrjOKVfyDcaSO/4
nFB9VwnA9OK04sbJYBbXAaQM5DRAeduAPKPS7bo6VE9YbWSeyiefVz0XhbQbBXUv
+hdiIuNYKqMtXP5xF5tylUc1HDF2QstRxy7Kk/UCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRectiY8V97G3X5+Ef5Z9jBGNBpCjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1huTFltUEZmZXh0MS1maEgtV2ZZd1JqUWFRby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBo8rLNPx2UkEX/Pbf6KKJPdWQ3leJuOjOi8tgN
m/pt0NduMVDkrUkCt/kCSHUaE/l2xQwo4Q2ZRyLzyrtldlRRqyKi/M50pvOVK2Ga
I4ESf3RU7Ion/CShOG++OL0odSUwdzJmbhdllUfDV3+fbIG3wBkvHEL7S8UzqSIF
LOEyKx+jpIExHE1uft+Yo5YzrQvmOcuwbei/v6V990cqv5tNNiF7XJzW0ENkZH7c
fP++6UTtaflsHwG2nAUE8qMAGh+5dEWM6+tRGTWEF3IgAnDTTsfPD1fEYleU1MMj
SqlUiUaqs+ywSvrRQw5A6T/oK3mrIDIStXFaKiwAFztGZTJj
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:35:47 2025 by rpki-client