Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x2Rc-XcdjnMrgw81A_GwIcvMCac.roa
File: x2Rc-XcdjnMrgw81A_GwIcvMCac.roa (raw, json)
Hash identifier: HO0AtM51CMILCEZQvOG6+JmDbNfKSwxDxKhcQrdnpiw=
Subject key identifier: C7:64:5C:F9:77:1D:8E:73:2B:83:0F:35:03:F1:B0:21:CB:CC:09:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018697E8DCA06385911B0D09D8D4648AABDA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x2Rc-XcdjnMrgw81A_GwIcvMCac.roa
Signing time: Tue 28 Feb 2023 12:04:25 +0000
ROA not before: Tue 28 Feb 2023 12:04:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:97e8:c632/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:e8:dc:a0:63:85:91:1b:0d:09:d8:d4:64:8a:ab:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 12:04:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7645cf9771d8e732b830f3503f1b021cbcc09a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:cf:c0:ba:dd:f2:5c:dd:c4:48:f8:0b:b8:
c7:3e:49:d9:6f:4d:e5:f1:e3:8d:0e:71:61:20:fb:
87:af:20:9a:1d:68:8b:76:c3:46:37:81:98:35:86:
87:05:1c:09:24:2e:2e:0a:8f:5a:32:42:42:e7:3b:
47:d2:dc:04:1c:92:52:a4:16:c8:68:ce:8c:e0:c9:
d6:f7:1f:90:98:10:6d:aa:dd:b2:99:eb:ef:20:93:
f2:ff:e4:fa:31:6a:5b:1e:90:4b:14:63:e1:68:da:
16:db:e9:f0:b5:2e:d2:85:ae:83:b3:7a:b6:9e:e4:
27:cd:02:9d:28:aa:db:f0:49:27:92:62:17:75:b5:
86:ae:55:d0:f2:b7:7f:da:83:fa:01:ec:1d:f9:6a:
47:e2:7e:65:fe:31:00:91:a4:81:d0:93:83:ff:9b:
a5:e1:24:76:ac:eb:ab:4c:d6:21:c4:7c:7c:fe:b7:
16:6c:d2:fb:8a:6f:4c:5e:74:68:9f:0f:19:0e:5e:
b4:32:9d:a5:22:78:9d:b6:47:08:01:08:3a:87:80:
1a:3a:2b:8d:fe:99:ca:90:44:7b:38:e6:5f:9a:50:
52:9a:24:ca:58:48:3e:25:16:86:12:0f:10:de:19:
9f:2b:bf:fb:98:ca:c9:cd:c9:9e:f1:31:62:69:33:
7e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:64:5C:F9:77:1D:8E:73:2B:83:0F:35:03:F1:B0:21:CB:CC:09:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x2Rc-XcdjnMrgw81A_GwIcvMCac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:1f:6a:bc:24:01:2f:37:c6:ff:04:b8:cb:45:66:fa:a5:c3:
bb:75:05:46:a2:b4:5a:ee:27:f0:6f:28:f2:ba:f6:c3:11:43:
f3:56:c5:0a:80:eb:02:4e:52:72:2e:85:43:57:0c:81:74:c9:
77:61:f2:a4:df:cc:d6:5d:15:bb:ef:e2:4a:93:6c:2e:cc:b1:
e2:ca:c3:c3:1a:cb:01:96:5a:87:d6:00:91:b0:67:34:0a:41:
6f:60:a9:b3:64:5f:01:41:fc:1a:c8:ca:86:ac:56:0f:7f:99:
b3:8f:42:31:58:65:56:df:34:19:11:f4:aa:da:16:70:92:95:
b6:2f:38:b7:88:f0:50:c3:c1:75:b5:9f:b9:fa:56:ec:6d:5f:
ac:f9:51:f5:ed:db:fc:37:99:6a:9a:02:f0:57:ba:8a:7e:fd:
33:a2:99:e9:22:be:a5:b7:39:2c:bb:70:d1:e3:71:ba:0c:77:
4a:ca:e2:44:18:6c:4c:26:5d:81:95:b8:aa:c6:dc:31:81:20:
4d:24:7e:7b:fc:3f:0a:06:67:96:d9:ed:87:9d:14:fb:d1:76:
f4:ee:99:94:a5:e4:60:32:01:b1:59:36:15:9a:62:d9:12:63:
3e:b7:2b:a2:36:c7:ad:9f:4e:39:fd:cf:67:8d:45:c1:82:04:
27:38:e8:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaX6NygY4WRGw0J2NRkiqvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MTIwNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzY0NWNmOTc3MWQ4ZTczMmI4MzBmMzUwM2YxYjAyMWNiY2MwOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslvPwLrd8lzdxEj4C7jHPknZb03l
8eONDnFhIPuHryCaHWiLdsNGN4GYNYaHBRwJJC4uCo9aMkJC5ztH0twEHJJSpBbI
aM6M4MnW9x+QmBBtqt2ymevvIJPy/+T6MWpbHpBLFGPhaNoW2+nwtS7Sha6Ds3q2
nuQnzQKdKKrb8EknkmIXdbWGrlXQ8rd/2oP6Aewd+WpH4n5l/jEAkaSB0JOD/5ul
4SR2rOurTNYhxHx8/rcWbNL7im9MXnRonw8ZDl60Mp2lInidtkcIAQg6h4AaOiuN
/pnKkER7OOZfmlBSmiTKWEg+JRaGEg8Q3hmfK7/7mMrJzcme8TFiaTN+qwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMdkXPl3HY5zK4MPNQPxsCHLzAmnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveDJSYy1YY2Rqbk1yZ3c4MUFfR3dJY3ZNQ2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ4farwkAS83xv8EuMtF
Zvqlw7t1BUaitFruJ/BvKPK69sMRQ/NWxQqA6wJOUnIuhUNXDIF0yXdh8qTfzNZd
Fbvv4kqTbC7MseLKw8MaywGWWofWAJGwZzQKQW9gqbNkXwFB/BrIyoasVg9/mbOP
QjFYZVbfNBkR9KraFnCSlbYvOLeI8FDDwXW1n7n6VuxtX6z5UfXt2/w3mWqaAvBX
uop+/TOimekivqW3OSy7cNHjcboMd0rK4kQYbEwmXYGVuKrG3DGBIE0kfnv8PwoG
Z5bZ7YedFPvRdvTumZSl5GAyAbFZNhWaYtkSYz63K6I2x62fTjn9z2eNRcGCBCc4
6B8=
-----END CERTIFICATE-----
Generated at Fri May 2 21:10:40 2025 by rpki-client