Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xKP9yUKTjeMHbjVhyHN8--07NmA.roa
File: xKP9yUKTjeMHbjVhyHN8--07NmA.roa (raw, json)
Hash identifier: jgGG4dTe7TRo3ujfdxyQX9W7+7ne7bGOVLsFaGFfcJU=
Subject key identifier: C4:A3:FD:C9:42:93:8D:E3:07:6E:35:61:C8:73:7C:FB:ED:3B:36:60
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184E422116659B636D8C7EA69DDDFB99CAF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xKP9yUKTjeMHbjVhyHN8--07NmA.roa
Signing time: Mon 05 Dec 2022 21:12:28 +0000
ROA not before: Mon 05 Dec 2022 21:12:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e4:22:11:66:59:b6:36:d8:c7:ea:69:dd:df:b9:9c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 5 21:12:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4a3fdc942938de3076e3561c8737cfbed3b3660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4e:28:fb:57:50:39:4c:6e:c3:48:cd:cb:0e:
9a:90:f8:fc:15:a1:eb:3d:ef:0b:48:e6:7e:3d:e0:
7c:80:a9:38:2a:33:be:5f:a1:38:84:cb:0b:ca:5a:
95:34:03:ba:96:dd:5e:43:8b:6a:5d:d2:22:c4:ad:
01:52:5a:cb:b9:12:0e:62:0e:39:45:71:01:75:ce:
b0:8a:13:90:cc:42:81:5b:75:61:4d:6e:e4:e2:ff:
6d:79:57:d8:5d:22:43:d0:e5:3f:0b:60:8f:80:b8:
10:57:db:6a:ff:6e:d0:1f:fe:41:1e:41:10:bc:d8:
8d:50:05:e1:94:6d:db:0f:3b:87:97:f8:e5:cf:2c:
47:ab:43:b5:f8:e4:8a:dc:5b:fa:5e:19:ff:1d:2d:
2a:b1:fb:5d:2f:c4:b0:e4:fb:08:cf:fa:42:b2:4a:
d2:4f:7b:c4:99:31:2f:69:4a:82:ee:10:4a:98:68:
f3:7d:ba:5b:06:3f:a8:e5:a2:35:0e:d5:48:7e:4d:
73:22:ef:55:a8:fa:74:f6:72:15:95:b8:27:5f:58:
fb:9a:0f:42:da:63:14:64:b8:3b:72:14:f3:3e:da:
ea:81:6f:18:95:61:83:bf:fe:17:d2:c2:7b:27:64:
a8:52:ac:d1:aa:c4:43:38:6d:4b:09:34:c2:e7:80:
d1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A3:FD:C9:42:93:8D:E3:07:6E:35:61:C8:73:7C:FB:ED:3B:36:60
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xKP9yUKTjeMHbjVhyHN8--07NmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:e4:1b:19:b7:87:5c:39:31:ed:5b:98:17:b9:3d:11:95:e2:
d7:9a:25:02:d4:49:f9:c8:90:85:33:5f:8e:5d:2e:e7:83:72:
66:b4:93:49:c1:80:3e:8c:4d:33:64:09:1a:e5:28:e3:ab:70:
81:de:75:0b:51:3f:f6:9c:94:8e:30:00:3e:35:1a:f1:69:7c:
e2:00:a6:1f:40:2d:e3:d5:70:84:c6:e5:26:1c:68:2e:39:cc:
5b:8b:16:75:63:44:4b:25:91:ee:b7:48:3d:4b:48:66:9e:d7:
64:7f:5f:bd:72:c2:2a:7a:f4:d9:27:11:38:ae:87:50:9b:b2:
21:d1:d5:d5:f9:3b:56:bf:5e:75:07:49:59:01:36:66:67:b5:
6a:b2:d1:21:89:f2:e0:48:8e:36:0d:9c:77:f1:ca:a8:43:8c:
2b:d4:d2:eb:e0:ff:d9:90:a4:e7:9a:c4:e5:48:b9:1a:bd:ce:
57:90:71:0b:a5:9f:35:8b:2a:c2:3b:69:0c:fe:84:11:b7:ef:
82:c6:04:c1:d9:06:4d:cc:00:4f:32:13:ff:e2:f1:7b:4d:0b:
84:0d:45:a2:b2:8b:16:df:45:fe:26:ef:9a:3e:36:30:7d:7e:
ac:3b:59:e8:80:4b:55:9a:ab:93:03:15:9f:db:b6:31:e8:4c:
40:76:89:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTkIhFmWbY22Mfqad3fuZyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA1MjExMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGEzZmRjOTQyOTM4ZGUzMDc2ZTM1NjFjODczN2NmYmVkM2IzNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU4o+1dQOUxuw0jNyw6akPj8FaHr
Pe8LSOZ+PeB8gKk4KjO+X6E4hMsLylqVNAO6lt1eQ4tqXdIixK0BUlrLuRIOYg45
RXEBdc6wihOQzEKBW3VhTW7k4v9teVfYXSJD0OU/C2CPgLgQV9tq/27QH/5BHkEQ
vNiNUAXhlG3bDzuHl/jlzyxHq0O1+OSK3Fv6Xhn/HS0qsftdL8Sw5PsIz/pCskrS
T3vEmTEvaUqC7hBKmGjzfbpbBj+o5aI1DtVIfk1zIu9VqPp09nIVlbgnX1j7mg9C
2mMUZLg7chTzPtrqgW8YlWGDv/4X0sJ7J2SoUqzRqsRDOG1LCTTC54DRoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMSj/clCk43jB241YchzfPvtOzZgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveEtQOXlVS1RqZU1IYmpWaHlITjgtLTA3Tm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABDkGxm3h1w5Me1bmBe5
PRGV4teaJQLUSfnIkIUzX45dLueDcma0k0nBgD6MTTNkCRrlKOOrcIHedQtRP/ac
lI4wAD41GvFpfOIAph9ALePVcITG5SYcaC45zFuLFnVjREslke63SD1LSGae12R/
X71ywip69NknETiuh1CbsiHR1dX5O1a/XnUHSVkBNmZntWqy0SGJ8uBIjjYNnHfx
yqhDjCvU0uvg/9mQpOeaxOVIuRq9zleQcQulnzWLKsI7aQz+hBG374LGBMHZBk3M
AE8yE//i8XtNC4QNRaKyixbfRf4m75o+NjB9fqw7WeiAS1Waq5MDFZ/btjHoTEB2
iUY=
-----END CERTIFICATE-----
Generated at Thu May 1 15:19:21 2025 by rpki-client