Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cxQmUcwinG1S_856RPU3UH7jCVU.roa
File: cxQmUcwinG1S_856RPU3UH7jCVU.roa (raw, json)
Hash identifier: fpE7MUhHnfSjVNDHA7XAPmeRNYraIFxfmRRNzO2gOns=
Subject key identifier: 73:14:26:51:CC:22:9C:6D:52:FF:CE:7A:44:F5:37:50:7E:E3:09:55
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018660FECFA4ECD2DC15708B85647FDCAC51
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cxQmUcwinG1S_856RPU3UH7jCVU.roa
Signing time: Fri 17 Feb 2023 20:09:17 +0000
ROA not before: Fri 17 Feb 2023 20:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:60:fe:cf:a4:ec:d2:dc:15:70:8b:85:64:7f:dc:ac:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 17 20:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73142651cc229c6d52ffce7a44f537507ee30955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:56:76:62:1b:2b:38:69:4b:fe:a8:81:ad:6f:
4b:38:9c:3f:41:e0:9b:d3:e5:e9:5f:3c:cb:c4:84:
8e:97:78:4a:a7:d3:97:d4:b3:c5:f7:1f:d2:54:80:
dd:f2:c6:d6:cd:9e:d8:88:30:8c:13:54:93:72:54:
02:5b:52:0f:5b:cc:96:28:8c:69:d0:0a:3a:be:f6:
33:a9:5a:87:ce:7e:e1:72:42:1a:01:96:59:a0:c6:
44:50:71:f5:d5:53:2f:73:2f:a2:95:ad:4c:7f:b8:
e2:ad:59:bc:13:9e:23:07:2e:ba:b3:c5:f6:f7:4a:
6f:b9:ee:99:67:86:b7:f3:d0:e8:9e:9d:b2:42:b1:
f6:04:c5:e4:76:a6:33:de:5c:03:32:61:42:a4:ca:
57:07:b5:f4:17:b4:dd:d7:50:de:d7:37:e7:6f:e9:
4d:7d:be:46:60:7d:7a:b2:1c:0a:45:97:15:5b:a0:
fa:b8:b1:53:eb:2f:53:67:ce:1d:73:aa:5c:fb:c1:
95:f2:6e:73:c6:9c:f1:4e:1e:2b:4f:3d:40:69:80:
09:a1:99:bc:33:cd:a7:33:a9:0e:ac:f0:da:54:cf:
a1:42:75:38:96:3f:19:0c:01:e6:60:9f:85:66:dd:
26:cd:bc:d3:98:7a:68:77:ce:c5:09:e8:67:74:3f:
b9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:14:26:51:CC:22:9C:6D:52:FF:CE:7A:44:F5:37:50:7E:E3:09:55
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cxQmUcwinG1S_856RPU3UH7jCVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:87:07:57:7d:69:fa:d5:1f:a3:d5:4c:b2:95:37:0c:86:68:
29:59:68:73:98:9c:c2:2e:1c:39:ba:83:52:cd:02:34:df:04:
fe:74:be:92:dd:f5:06:3f:ec:82:69:4a:da:db:a2:0c:d3:e5:
4e:ce:48:db:12:16:38:5b:9a:3f:1d:11:db:0f:05:58:ca:37:
b3:f6:6e:f3:a0:7c:8d:ea:24:0f:da:ac:0b:bd:d4:bc:14:04:
c0:d8:aa:a4:d0:11:db:f2:0f:fe:e6:ee:47:ce:5a:60:8f:7b:
b6:c2:31:0d:e9:c0:cf:98:3d:f3:c9:da:7b:c6:11:d8:30:b7:
98:3a:3e:f9:3d:6f:de:00:eb:28:28:45:f8:a0:5d:86:f7:01:
b0:61:77:f5:c1:bb:91:e5:5d:67:95:d7:f7:b3:43:73:47:4e:
d4:ee:4f:7b:4c:29:0d:d6:d1:98:83:b9:00:a7:65:c3:cf:6b:
8e:75:e4:86:fd:9b:51:bc:75:1e:ee:65:8a:20:d8:0b:ba:90:
f9:0d:f6:e1:f6:cb:80:20:77:e1:1c:18:1f:8d:f9:46:ac:d9:
fa:6c:c4:ff:de:9d:1b:c9:f6:0b:9a:37:93:03:fb:34:c1:6a:
08:80:4a:34:08:37:c6:a7:db:4a:96:24:91:3b:62:9f:e5:89:
92:64:1b:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZg/s+k7NLcFXCLhWR/3KxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE3MjAwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzE0MjY1MWNjMjI5YzZkNTJmZmNlN2E0NGY1Mzc1MDdlZTMwOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklZ2YhsrOGlL/qiBrW9LOJw/QeCb
0+XpXzzLxISOl3hKp9OX1LPF9x/SVIDd8sbWzZ7YiDCME1STclQCW1IPW8yWKIxp
0Ao6vvYzqVqHzn7hckIaAZZZoMZEUHH11VMvcy+ila1Mf7jirVm8E54jBy66s8X2
90pvue6ZZ4a389Donp2yQrH2BMXkdqYz3lwDMmFCpMpXB7X0F7Td11De1zfnb+lN
fb5GYH16shwKRZcVW6D6uLFT6y9TZ84dc6pc+8GV8m5zxpzxTh4rTz1AaYAJoZm8
M82nM6kOrPDaVM+hQnU4lj8ZDAHmYJ+FZt0mzbzTmHpod87FCehndD+5EQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHMUJlHMIpxtUv/OekT1N1B+4wlVMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY3hRbVVjd2luRzFTXzg1NlJQVTNVSDdqQ1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFGHB1d9afrVH6PVTLKV
NwyGaClZaHOYnMIuHDm6g1LNAjTfBP50vpLd9QY/7IJpStrbogzT5U7OSNsSFjhb
mj8dEdsPBVjKN7P2bvOgfI3qJA/arAu91LwUBMDYqqTQEdvyD/7m7kfOWmCPe7bC
MQ3pwM+YPfPJ2nvGEdgwt5g6Pvk9b94A6ygoRfigXYb3AbBhd/XBu5HlXWeV1/ez
Q3NHTtTuT3tMKQ3W0ZiDuQCnZcPPa4515Ib9m1G8dR7uZYog2Au6kPkN9uH2y4Ag
d+EcGB+N+Uas2fpsxP/enRvJ9guaN5MD+zTBagiASjQIN8an20qWJJE7Yp/liZJk
Gz4=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:37:19 2025 by rpki-client