Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XyUaKfkH_tm3SZw4tCzJP2G2Rvo.roa
File: XyUaKfkH_tm3SZw4tCzJP2G2Rvo.roa (raw, json)
Hash identifier: Hu1VlCzKNqMdNGWXqdCGM8iAl7h8jo9GFGdGDc2UuXY=
Subject key identifier: 5F:25:1A:29:F9:07:FE:D9:B7:49:9C:38:B4:2C:C9:3F:61:B6:46:FA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189AD5BE34EF1151AE08B412636347C2149
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XyUaKfkH_tm3SZw4tCzJP2G2Rvo.roa
Signing time: Mon 31 Jul 2023 19:10:27 +0000
ROA not before: Mon 31 Jul 2023 19:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ad:5b:e3:4e:f1:15:1a:e0:8b:41:26:36:34:7c:21:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 31 19:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f251a29f907fed9b7499c38b42cc93f61b646fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e4:a2:a3:7c:60:f2:4a:a2:be:6d:0e:55:79:
b5:60:33:6d:16:94:e4:11:b1:31:ce:57:3e:5d:d9:
6d:f7:52:59:72:db:ab:5a:d6:c0:c6:e3:b7:f2:2b:
97:20:60:82:ab:ae:cb:fb:52:0e:c6:73:56:10:13:
72:a9:67:8a:6a:a1:a6:1d:df:84:6a:f1:10:05:53:
30:24:3b:b4:d6:8b:65:b1:35:8a:d4:3b:39:e8:5b:
93:d7:6e:73:97:94:e1:9d:3f:cf:5e:39:bd:b3:1c:
33:93:0f:1a:8d:a8:38:51:8d:ee:77:f1:87:85:a1:
cc:84:f4:9a:c4:91:51:2b:1b:d4:b7:ea:07:95:13:
61:1f:62:f8:18:e8:ec:5f:e6:24:55:35:24:8b:45:
4d:0c:90:57:ce:8c:d3:e9:64:40:a1:25:ee:e8:61:
6d:8a:f4:2c:10:e1:ad:a0:11:a7:6a:a8:34:39:12:
f3:dd:59:e4:f6:6a:e4:0a:16:c9:a5:a7:5e:a5:bb:
3f:80:b4:50:75:ef:e4:47:5b:8a:4a:93:1b:0c:da:
d3:5f:2f:a0:c2:4e:28:59:cd:7d:1f:00:1f:1a:24:
3f:dd:47:e8:a9:03:ea:7f:84:ce:04:02:f4:88:5f:
a5:2c:48:e0:54:78:f7:9c:52:76:58:bd:c5:da:f2:
ef:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:25:1A:29:F9:07:FE:D9:B7:49:9C:38:B4:2C:C9:3F:61:B6:46:FA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XyUaKfkH_tm3SZw4tCzJP2G2Rvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:4c:2d:d4:6d:ea:50:c6:db:19:5b:ee:c0:48:02:44:49:98:
75:9b:5c:4e:7e:a1:b1:f4:54:58:7c:70:49:07:ea:a1:59:9e:
69:d5:75:d1:58:7b:e0:51:7d:34:7d:c2:3f:c2:05:d4:45:e8:
9c:68:42:13:3b:1a:e5:53:8e:4b:b8:ad:bb:2a:84:ba:5d:94:
a7:58:f6:1d:f0:4a:4e:a3:d9:26:e1:86:2b:c2:c1:74:46:74:
f7:91:2d:f3:83:12:54:cc:9a:4c:55:2a:65:f8:df:a7:36:98:
fb:43:4d:db:e2:67:48:16:9f:57:c6:96:e7:8c:cf:76:e8:fd:
ee:a2:4d:ca:2f:d3:b3:a1:d6:ce:c5:31:75:18:d7:be:10:ac:
d4:c8:2b:02:1f:8f:c0:84:d8:76:7a:73:85:49:20:15:90:81:
c1:5e:77:2d:ce:a9:cc:b2:e6:6f:d6:dc:60:e4:8a:79:69:77:
57:01:93:b7:89:d0:96:75:b3:79:86:27:8b:10:f9:a5:e1:01:
c2:4c:c4:f5:d5:06:f2:90:d2:63:a8:76:d4:c4:59:ce:f3:83:
3b:4b:83:42:3a:49:80:1b:65:5b:b3:9c:ea:78:ec:50:fb:6e:
54:a3:96:0d:4a:89:c3:14:c1:c8:fb:04:e1:04:ee:23:9b:8a:
66:b4:68:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmtW+NO8RUa4ItBJjY0fCFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMxMTkxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI1MWEyOWY5MDdmZWQ5Yjc0OTljMzhiNDJjYzkzZjYxYjY0NmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+Sio3xg8kqivm0OVXm1YDNtFpTk
EbExzlc+Xdlt91JZcturWtbAxuO38iuXIGCCq67L+1IOxnNWEBNyqWeKaqGmHd+E
avEQBVMwJDu01otlsTWK1Ds56FuT125zl5ThnT/PXjm9sxwzkw8ajag4UY3ud/GH
haHMhPSaxJFRKxvUt+oHlRNhH2L4GOjsX+YkVTUki0VNDJBXzozT6WRAoSXu6GFt
ivQsEOGtoBGnaqg0ORLz3Vnk9mrkChbJpadepbs/gLRQde/kR1uKSpMbDNrTXy+g
wk4oWc19HwAfGiQ/3UfoqQPqf4TOBAL0iF+lLEjgVHj3nFJ2WL3F2vLvvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF8lGin5B/7Zt0mcOLQsyT9htkb6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWHlVYUtma0hfdG0zU1p3NHRDekpQMkcyUnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABpMLdRt6lDG2xlb7sBI
AkRJmHWbXE5+obH0VFh8cEkH6qFZnmnVddFYe+BRfTR9wj/CBdRF6JxoQhM7GuVT
jku4rbsqhLpdlKdY9h3wSk6j2SbhhivCwXRGdPeRLfODElTMmkxVKmX436c2mPtD
TdviZ0gWn1fGlueMz3bo/e6iTcov07Oh1s7FMXUY174QrNTIKwIfj8CE2HZ6c4VJ
IBWQgcFedy3Oqcyy5m/W3GDkinlpd1cBk7eJ0JZ1s3mGJ4sQ+aXhAcJMxPXVBvKQ
0mOodtTEWc7zgztLg0I6SYAbZVuznOp47FD7blSjlg1KicMUwcj7BOEE7iObima0
aPk=
-----END CERTIFICATE-----
Generated at Thu May 1 16:04:49 2025 by rpki-client