Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xG5jyxY3xT3P2anbuLXCb-c_Kzk.roa
File: xG5jyxY3xT3P2anbuLXCb-c_Kzk.roa (raw, json)
Hash identifier: UOpLJlY+2UDCIlADVCeLGqPHmVgvy5Q8dI9Rn4FY/d0=
Subject key identifier: C4:6E:63:CB:16:37:C5:3D:CF:D9:A9:DB:B8:B5:C2:6F:E7:3F:2B:39
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186FEBC21B126CEFE4EC9DAA0F75AB9FFC2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xG5jyxY3xT3P2anbuLXCb-c_Kzk.roa
Signing time: Mon 20 Mar 2023 11:16:27 +0000
ROA not before: Mon 20 Mar 2023 11:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:bc:21:b1:26:ce:fe:4e:c9:da:a0:f7:5a:b9:ff:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 20 11:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c46e63cb1637c53dcfd9a9dbb8b5c26fe73f2b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:93:38:68:95:4b:ed:8d:04:51:1f:00:3b:
05:c5:90:8c:a6:33:9d:25:3e:ad:d8:9c:93:06:2a:
81:bb:9b:bf:9d:b0:6b:52:93:d2:77:99:2b:fb:7d:
b1:ab:2e:b6:4a:a4:c3:5d:f0:c8:a6:6e:2e:0e:20:
93:bd:bf:7a:88:ac:0f:37:ea:e5:28:c4:dd:b4:bb:
6c:a5:f8:f1:79:70:f7:d2:dd:8f:59:44:d1:03:61:
62:aa:31:27:9a:f2:1f:ed:22:00:25:8d:be:7e:56:
fa:99:2b:e6:83:08:cf:18:ea:25:30:58:28:9b:eb:
89:89:ac:36:f8:83:1d:d2:29:fa:8e:30:27:95:41:
3d:af:19:ee:22:ec:7c:d0:8d:49:2f:d1:45:e3:51:
29:2c:1c:48:90:92:11:f9:3e:52:ac:76:1f:67:3f:
76:61:2a:c2:59:47:02:71:27:47:15:9a:6a:48:60:
c0:a4:47:b4:4c:e0:69:11:d3:4c:29:94:e5:3e:58:
2d:38:04:ea:d6:91:8b:0c:ed:34:85:3f:be:2e:31:
62:56:70:bf:60:58:17:2f:bc:6c:b4:3e:af:69:54:
60:80:f9:76:35:45:7f:78:a3:29:3c:46:38:50:20:
a5:c5:86:64:68:c7:d5:c1:4b:bb:f2:16:da:1d:98:
0f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6E:63:CB:16:37:C5:3D:CF:D9:A9:DB:B8:B5:C2:6F:E7:3F:2B:39
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xG5jyxY3xT3P2anbuLXCb-c_Kzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:d3:e6:7a:95:e5:6e:90:1c:b9:bb:e3:5f:b4:04:9f:79:f6:
aa:b1:8a:05:02:5a:21:23:ad:38:9e:ed:c3:25:de:76:93:7f:
87:7a:74:d0:88:49:de:56:52:7e:84:f9:43:93:cc:5e:06:ed:
ff:2b:ed:79:69:bb:7f:ce:11:47:33:59:8a:35:25:71:1d:2e:
1d:89:91:66:90:80:dd:81:d0:71:0d:53:33:af:3f:a0:28:55:
7e:e7:79:f5:e7:85:8a:1b:e6:81:8f:d8:43:04:a7:50:dc:a8:
02:de:9f:99:22:8d:99:a4:43:b0:80:14:10:9b:25:47:43:70:
fa:96:a3:d9:6e:e7:38:6a:42:41:93:1b:ea:8b:f7:d4:f9:a1:
d8:3d:aa:ca:93:8b:04:0d:39:c0:c3:9d:3b:84:78:56:de:b8:
ad:f1:be:68:23:46:90:df:95:8e:2a:9c:7a:dd:42:dc:29:61:
79:99:84:52:b0:08:3e:b4:b0:89:21:95:91:33:73:a3:dd:54:
4f:fc:8b:26:3f:a2:10:14:d3:bf:56:e1:1b:67:31:9f:75:94:
47:ed:63:4d:e1:2c:06:da:af:29:c9:34:2c:eb:78:4e:bc:76:
83:6f:32:45:d6:93:4c:da:f9:c3:eb:c8:e9:01:f7:e8:11:21:
ac:59:93:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb+vCGxJs7+TsnaoPdauf/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIwMTExNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDZlNjNjYjE2MzdjNTNkY2ZkOWE5ZGJiOGI1YzI2ZmU3M2YyYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7mTOGiVS+2NBFEfADsFxZCMpjOd
JT6t2JyTBiqBu5u/nbBrUpPSd5kr+32xqy62SqTDXfDIpm4uDiCTvb96iKwPN+rl
KMTdtLtspfjxeXD30t2PWUTRA2FiqjEnmvIf7SIAJY2+flb6mSvmgwjPGOolMFgo
m+uJiaw2+IMd0in6jjAnlUE9rxnuIux80I1JL9FF41EpLBxIkJIR+T5SrHYfZz92
YSrCWUcCcSdHFZpqSGDApEe0TOBpEdNMKZTlPlgtOATq1pGLDO00hT++LjFiVnC/
YFgXL7xstD6vaVRggPl2NUV/eKMpPEY4UCClxYZkaMfVwUu78hbaHZgPJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMRuY8sWN8U9z9mp27i1wm/nPys5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveEc1anl4WTN4VDNQMmFuYnVMWENiLWNfS3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIzT5nqV5W6QHLm741+0
BJ959qqxigUCWiEjrTie7cMl3naTf4d6dNCISd5WUn6E+UOTzF4G7f8r7Xlpu3/O
EUczWYo1JXEdLh2JkWaQgN2B0HENUzOvP6AoVX7nefXnhYob5oGP2EMEp1DcqALe
n5kijZmkQ7CAFBCbJUdDcPqWo9lu5zhqQkGTG+qL99T5odg9qsqTiwQNOcDDnTuE
eFbeuK3xvmgjRpDflY4qnHrdQtwpYXmZhFKwCD60sIkhlZEzc6PdVE/8iyY/ohAU
079W4RtnMZ91lEftY03hLAbarynJNCzreE68doNvMkXWk0za+cPryOkB9+gRIaxZ
k60=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:37:17 2025 by rpki-client