
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xAldWglqvoKp09Xl22bUOgOzW84.roa
File: xAldWglqvoKp09Xl22bUOgOzW84.roa (raw, json)
Hash identifier: qOZlm8YDcxUaRM9jEsZOX+G/8mc47Pjz9dnS7G0dslg=
Subject key identifier: C4:09:5D:5A:09:6A:BE:82:A9:D3:D5:E5:DB:66:D4:3A:03:B3:5B:CE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01889B8EE0DFE87708C8946CDA5634821F58
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xAldWglqvoKp09Xl22bUOgOzW84.roa
Signing time: Thu 08 Jun 2023 15:10:12 +0000
ROA not before: Thu 08 Jun 2023 15:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9b:8e:e0:df:e8:77:08:c8:94:6c:da:56:34:82:1f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 8 15:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4095d5a096abe82a9d3d5e5db66d43a03b35bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:08:f8:9a:ec:02:db:09:c1:f2:df:40:39:08:
ec:de:d7:7f:d3:52:39:6b:f8:76:75:26:9d:8e:85:
c6:86:3a:77:90:e8:d4:58:b9:f1:46:86:67:4e:69:
4b:6c:5f:52:af:a6:dd:86:bc:16:77:66:60:d2:16:
c4:8a:60:90:b4:c4:74:d5:96:e1:3c:de:0e:7c:cb:
0e:fb:da:75:7f:46:e9:9b:62:45:5e:3e:f5:2e:1c:
e3:e1:8f:2a:40:6e:80:55:60:d5:99:a0:ec:ca:67:
55:e8:ad:ef:7d:4e:7a:02:d7:bb:35:24:59:31:58:
e9:ab:82:3b:fa:3c:29:8c:07:01:5f:ac:cd:b1:0f:
58:66:82:69:aa:d1:a9:e4:60:63:3d:9f:75:c8:86:
bc:43:2c:ad:11:21:13:f6:f2:d5:76:33:6d:31:81:
8e:2f:01:d0:b4:e2:36:4b:cc:45:88:c0:90:e1:9a:
be:d4:80:e8:2e:2f:81:61:68:c3:0a:cb:e3:cc:f5:
f9:17:f3:79:dc:7b:49:34:7f:67:e5:55:20:26:ac:
04:8b:b0:9e:9e:56:c3:0d:24:8a:13:bd:7b:97:03:
a8:47:b9:23:31:0e:f3:12:07:37:c1:af:44:fb:dd:
4f:ee:d1:79:9f:c5:36:99:ba:ff:d7:e0:48:6f:37:
df:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:09:5D:5A:09:6A:BE:82:A9:D3:D5:E5:DB:66:D4:3A:03:B3:5B:CE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xAldWglqvoKp09Xl22bUOgOzW84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:86:cf:bd:a9:f6:8f:39:cb:20:2c:dc:ea:a0:b3:59:39:5d:
c6:70:99:e9:24:62:20:83:05:6d:a3:4f:bc:4d:81:5a:d7:af:
54:bf:00:01:6d:96:16:2f:68:00:ae:40:df:b7:56:44:9d:ea:
ce:ae:a5:1a:55:e5:af:e2:b6:a3:7c:1a:20:73:65:f5:a4:15:
90:d7:f1:c2:ac:a2:a2:12:6c:e9:92:bd:f3:f4:87:59:29:e9:
70:2e:04:69:e3:2c:91:0d:69:49:6d:dc:26:5d:da:b6:0c:2c:
f6:61:73:e4:6e:6d:75:ae:82:7c:f7:76:4e:d0:dd:60:4a:f3:
cf:b7:51:5f:99:0b:6e:f8:d3:9d:1c:f7:3a:13:8e:88:5e:78:
ef:a8:51:da:18:d1:17:ca:50:25:7b:40:05:1c:d2:0d:ce:91:
9b:36:bc:b2:41:47:58:d4:73:1b:55:ee:0c:a8:c9:6b:34:63:
ad:c1:1f:8a:6f:2f:7a:31:73:50:ed:e0:49:35:f4:d9:90:2e:
65:c5:c0:76:e5:f0:88:40:37:9d:3f:cd:f0:0f:2c:df:8d:5f:
c2:f0:89:9b:d6:dc:d1:f4:a4:a7:65:88:73:ef:b0:c6:be:c8:
db:99:59:cd:06:fa:62:cd:4d:3d:e7:8a:a3:fc:e8:a1:df:56:
ee:c0:62:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYibjuDf6HcIyJRs2lY0gh9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA4MTUxMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA5NWQ1YTA5NmFiZTgyYTlkM2Q1ZTVkYjY2ZDQzYTAzYjM1YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgj4muwC2wnB8t9AOQjs3td/01I5
a/h2dSadjoXGhjp3kOjUWLnxRoZnTmlLbF9Sr6bdhrwWd2Zg0hbEimCQtMR01Zbh
PN4OfMsO+9p1f0bpm2JFXj71Lhzj4Y8qQG6AVWDVmaDsymdV6K3vfU56Ate7NSRZ
MVjpq4I7+jwpjAcBX6zNsQ9YZoJpqtGp5GBjPZ91yIa8QyytESET9vLVdjNtMYGO
LwHQtOI2S8xFiMCQ4Zq+1IDoLi+BYWjDCsvjzPX5F/N53HtJNH9n5VUgJqwEi7Ce
nlbDDSSKE717lwOoR7kjMQ7zEgc3wa9E+91P7tF5n8U2mbr/1+BIbzffJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMQJXVoJar6CqdPV5dtm1DoDs1vOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveEFsZFdnbHF2b0twMDlYbDIyYlVPZ096Vzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH6Gz72p9o85yyAs3Oqg
s1k5XcZwmekkYiCDBW2jT7xNgVrXr1S/AAFtlhYvaACuQN+3VkSd6s6upRpV5a/i
tqN8GiBzZfWkFZDX8cKsoqISbOmSvfP0h1kp6XAuBGnjLJENaUlt3CZd2rYMLPZh
c+RubXWugnz3dk7Q3WBK88+3UV+ZC274050c9zoTjoheeO+oUdoY0RfKUCV7QAUc
0g3OkZs2vLJBR1jUcxtV7gyoyWs0Y63BH4pvL3oxc1Dt4Ek19NmQLmXFwHbl8IhA
N50/zfAPLN+NX8LwiZvW3NH0pKdliHPvsMa+yNuZWc0G+mLNTT3niqP86KHfVu7A
YhM=
-----END CERTIFICATE-----
Generated at Fri May 2 10:45:19 2025 by rpki-client