Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_Xqwslzag2kKWobw7pw1h_ALafg.roa
File: _Xqwslzag2kKWobw7pw1h_ALafg.roa (raw, json)
Hash identifier: qT510MvL3n+d6HXSwE7D7saCTPr+GPjac4YE8+TQMg0=
Subject key identifier: FD:7A:B0:B2:5C:DA:83:69:0A:5A:86:F0:EE:9C:35:87:F0:0B:69:F8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187FA3143829BA91E2CED7DA72F60C51006
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_Xqwslzag2kKWobw7pw1h_ALafg.roa
Signing time: Mon 08 May 2023 07:09:05 +0000
ROA not before: Mon 08 May 2023 07:09:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:31:43:82:9b:a9:1e:2c:ed:7d:a7:2f:60:c5:10:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 8 07:09:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd7ab0b25cda83690a5a86f0ee9c3587f00b69f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b6:b1:92:cf:ae:a2:66:bc:47:d8:1d:52:80:
72:17:10:7b:5c:aa:e6:29:2a:0f:79:50:64:ee:92:
41:39:2a:58:c9:10:58:3e:82:4f:02:ad:54:2f:b9:
93:8d:1b:17:37:69:78:1a:29:c2:62:fd:8c:6a:a9:
ca:84:24:32:1f:76:bd:0f:f8:b4:05:3b:f4:8a:dd:
7c:f4:aa:e0:3a:e4:8c:4d:da:2c:0e:55:03:9b:2c:
54:b9:8e:67:60:7b:c8:57:df:1f:8c:93:7a:ce:78:
55:e3:92:7a:c9:e7:84:91:1d:81:0a:59:c5:a5:71:
f7:16:42:0d:28:1b:9d:58:ba:88:75:cd:81:08:c1:
0f:43:af:d8:19:2d:d1:0f:61:6c:b9:d3:e2:05:a9:
ac:89:35:db:d1:b7:65:8a:ce:81:e7:8a:e1:06:1e:
ed:e2:34:6e:23:33:a6:b6:8b:a9:ce:fc:14:d2:6f:
9c:9a:bd:79:20:33:78:15:a0:cd:1c:3c:47:ed:71:
f0:bc:a7:4e:4a:f6:0c:b5:c0:4c:49:de:86:3d:95:
e1:3f:69:d4:3c:95:91:41:61:8e:63:bf:b4:26:90:
05:ce:3e:96:02:eb:8e:d9:9c:32:6d:5a:28:ec:b4:
7b:b2:cf:3f:f8:91:c0:23:d2:f2:61:52:1f:ff:ef:
39:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7A:B0:B2:5C:DA:83:69:0A:5A:86:F0:EE:9C:35:87:F0:0B:69:F8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_Xqwslzag2kKWobw7pw1h_ALafg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:1d:fe:e5:49:89:ad:bd:78:21:e7:0d:c5:c9:20:5d:07:2b:
18:5e:29:b4:6f:78:38:43:9c:59:99:45:3a:ab:f4:b5:15:5f:
8b:b7:04:a2:25:fe:99:70:cd:30:05:7b:99:63:92:e5:5b:0b:
58:27:07:10:26:84:7b:55:a0:ca:62:8c:46:46:eb:81:79:33:
3a:36:e2:50:ef:71:52:7e:09:83:d5:a4:ba:95:d6:84:65:17:
60:8e:4b:c3:6f:06:ff:b1:dd:ee:2f:bf:4e:f1:4a:9b:16:f2:
0b:f6:e8:7c:93:0c:ec:2d:76:27:d3:87:50:10:33:9e:2b:19:
26:40:a5:da:1b:85:a1:5e:41:cc:40:50:bb:e8:6c:19:69:dd:
09:a3:d4:94:1d:33:13:18:79:b8:ac:4d:f6:c0:b3:d3:89:a4:
ef:be:0f:32:c6:e4:ac:92:7c:6d:8b:88:d3:56:b4:12:05:5a:
d6:29:ef:c4:5d:a3:68:28:07:88:6a:3c:c2:44:b2:68:45:34:
b5:ba:8a:e9:00:dc:cd:1c:d7:6c:93:c4:73:50:74:8c:70:13:
c8:1e:ce:75:ad:fc:35:1a:c9:16:54:57:20:e0:da:8d:36:79:
b3:f0:c5:63:f3:90:bd:19:24:37:f3:71:4c:f5:f6:49:52:50:
89:91:53:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYf6MUOCm6keLO19py9gxRAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA4MDcwOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdhYjBiMjVjZGE4MzY5MGE1YTg2ZjBlZTljMzU4N2YwMGI2OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgraxks+uoma8R9gdUoByFxB7XKrm
KSoPeVBk7pJBOSpYyRBYPoJPAq1UL7mTjRsXN2l4GinCYv2MaqnKhCQyH3a9D/i0
BTv0it189KrgOuSMTdosDlUDmyxUuY5nYHvIV98fjJN6znhV45J6yeeEkR2BClnF
pXH3FkINKBudWLqIdc2BCMEPQ6/YGS3RD2FsudPiBamsiTXb0bdlis6B54rhBh7t
4jRuIzOmtoupzvwU0m+cmr15IDN4FaDNHDxH7XHwvKdOSvYMtcBMSd6GPZXhP2nU
PJWRQWGOY7+0JpAFzj6WAuuO2ZwybVoo7LR7ss8/+JHAI9LyYVIf/+85BwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP16sLJc2oNpClqG8O6cNYfwC2n4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX1hxd3NsemFnMmtLV29idzdwdzFoX0FMYWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACwd/uVJia29eCHnDcXJ
IF0HKxheKbRveDhDnFmZRTqr9LUVX4u3BKIl/plwzTAFe5ljkuVbC1gnBxAmhHtV
oMpijEZG64F5Mzo24lDvcVJ+CYPVpLqV1oRlF2COS8NvBv+x3e4vv07xSpsW8gv2
6HyTDOwtdifTh1AQM54rGSZApdobhaFeQcxAULvobBlp3Qmj1JQdMxMYebisTfbA
s9OJpO++DzLG5KySfG2LiNNWtBIFWtYp78Rdo2goB4hqPMJEsmhFNLW6iukA3M0c
12yTxHNQdIxwE8geznWt/DUayRZUVyDg2o02ebPwxWPzkL0ZJDfzcUz19klSUImR
UxU=
-----END CERTIFICATE-----
Generated at Thu May 1 00:09:10 2025 by rpki-client