Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xCwCegzjVYapEAuOUOqaKHMaKfc.roa
File: xCwCegzjVYapEAuOUOqaKHMaKfc.roa (raw, json)
Hash identifier: 89jthju1d0G9KVnr0omCwriH0QUbS+PeBmF3FN468RM=
Subject key identifier: C4:2C:02:7A:0C:E3:55:86:A9:10:0B:8E:50:EA:9A:28:73:1A:29:F7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018964CFE0F82766E81177492701F51DDAC5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xCwCegzjVYapEAuOUOqaKHMaKfc.roa
Signing time: Mon 17 Jul 2023 17:04:52 +0000
ROA not before: Mon 17 Jul 2023 17:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
2001:67c:64:ffff:0:189:64cf:561e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:cf:e0:f8:27:66:e8:11:77:49:27:01:f5:1d:da:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 17 17:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c42c027a0ce35586a9100b8e50ea9a28731a29f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:60:80:96:27:86:cb:d7:70:41:b2:1a:2f:4a:
4e:06:96:98:4d:cc:e7:9f:99:0a:09:d8:63:25:5a:
76:4a:9a:65:19:14:eb:fc:9d:b2:f5:15:9a:a2:27:
a2:ae:a9:43:c2:1d:3d:10:1a:88:01:39:86:2a:bc:
b7:bd:82:cb:67:80:1a:2c:30:9b:d7:87:cf:bf:9b:
44:e2:2d:a2:7d:5e:fe:93:55:cf:73:2b:6c:19:e0:
3c:f1:a7:2d:4d:29:8f:19:99:b1:05:fa:43:e3:87:
91:ed:23:77:48:ef:18:85:4e:a8:fc:70:56:df:c6:
fc:c0:55:cb:5a:73:1b:5b:a3:3b:c8:51:7c:7f:5c:
f8:da:51:ff:92:d9:fb:12:4e:a3:04:24:bb:fe:e4:
d4:17:39:95:7b:bb:96:2a:b9:12:c7:2e:a7:57:71:
a9:48:a5:d3:ed:29:76:4f:02:ef:49:7f:45:91:a3:
7b:11:dd:74:10:3f:df:ab:a3:a8:c8:e0:1a:ca:e2:
3a:88:21:7a:fe:cf:b5:ef:0f:33:aa:83:5c:84:ae:
e1:a3:c0:53:9d:45:5f:63:52:75:1a:3a:f9:cd:90:
1e:ee:54:d2:60:dc:23:85:52:78:7e:da:56:7f:31:
5c:f6:ff:f0:be:a0:1d:1d:2a:d5:dc:a6:2d:ee:c4:
98:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2C:02:7A:0C:E3:55:86:A9:10:0B:8E:50:EA:9A:28:73:1A:29:F7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xCwCegzjVYapEAuOUOqaKHMaKfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:a3:7d:8e:38:56:3f:79:45:65:61:59:25:03:15:f9:10:0d:
21:4f:bd:2d:10:ac:9a:94:c1:85:6a:e0:07:7f:fb:0a:06:bc:
f9:c5:05:6a:0a:fd:df:6d:aa:0b:17:65:5e:6f:4f:f2:2e:44:
3a:16:66:a5:0b:77:a6:e4:c5:c0:d7:e8:a6:96:ba:a1:9c:9f:
16:46:75:73:d1:c8:21:55:21:6f:3e:1b:a9:6d:26:1f:fd:59:
fe:59:74:c2:ef:85:47:80:7d:01:09:bb:ed:a7:50:0d:1e:21:
cf:fe:41:a7:67:d3:b7:ce:a2:03:c6:89:eb:8b:b3:45:af:73:
d7:b1:c0:18:85:84:c0:5f:2b:cf:2a:e3:7d:fc:b7:f0:f8:a7:
fa:c4:b4:40:c0:a3:80:2d:e7:63:56:18:ac:6b:34:f3:47:8e:
43:56:83:1a:47:e4:ad:c6:c9:37:72:c4:1a:c1:e9:d0:bc:e9:
52:3c:09:da:51:50:4e:8c:af:80:d2:b8:96:0c:03:6c:a2:0d:
c0:55:ac:29:fb:7d:b1:39:9a:7c:4c:bd:1a:41:14:19:d8:4b:
cd:11:2d:04:16:b5:4a:a4:81:1c:0d:f0:9f:69:6f:1e:a7:a0:
49:c2:40:21:02:6c:27:2a:cb:b9:40:2a:bd:9c:ef:f7:37:8b:
bc:3c:c8:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlkz+D4J2boEXdJJwH1HdrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzE3MTcwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJjMDI3YTBjZTM1NTg2YTkxMDBiOGU1MGVhOWEyODczMWEyOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWCAlieGy9dwQbIaL0pOBpaYTczn
n5kKCdhjJVp2SpplGRTr/J2y9RWaoieirqlDwh09EBqIATmGKry3vYLLZ4AaLDCb
14fPv5tE4i2ifV7+k1XPcytsGeA88actTSmPGZmxBfpD44eR7SN3SO8YhU6o/HBW
38b8wFXLWnMbW6M7yFF8f1z42lH/ktn7Ek6jBCS7/uTUFzmVe7uWKrkSxy6nV3Gp
SKXT7Sl2TwLvSX9FkaN7Ed10ED/fq6OoyOAayuI6iCF6/s+17w8zqoNchK7ho8BT
nUVfY1J1Gjr5zZAe7lTSYNwjhVJ4ftpWfzFc9v/wvqAdHSrV3KYt7sSYaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMQsAnoM41WGqRALjlDqmihzGin3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveEN3Q2VnempWWWFwRUF1T1VPcWFLSE1hS2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF6jfY44Vj95RWVhWSUD
FfkQDSFPvS0QrJqUwYVq4Ad/+woGvPnFBWoK/d9tqgsXZV5vT/IuRDoWZqULd6bk
xcDX6KaWuqGcnxZGdXPRyCFVIW8+G6ltJh/9Wf5ZdMLvhUeAfQEJu+2nUA0eIc/+
Qadn07fOogPGieuLs0Wvc9exwBiFhMBfK88q4338t/D4p/rEtEDAo4At52NWGKxr
NPNHjkNWgxpH5K3GyTdyxBrB6dC86VI8CdpRUE6Mr4DSuJYMA2yiDcBVrCn7fbE5
mnxMvRpBFBnYS80RLQQWtUqkgRwN8J9pbx6noEnCQCECbCcqy7lAKr2c7/c3i7w8
yO8=
-----END CERTIFICATE-----
Generated at Thu May 1 22:06:58 2025 by rpki-client