Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xLOJCXRk51ircEtzYIwl0cicnn8.roa
File: xLOJCXRk51ircEtzYIwl0cicnn8.roa (raw, json)
Hash identifier: 2AM4AQGe0BBoibP9YIGM6CN0jhCJrsENPN6DWbL14yo=
Subject key identifier: C4:B3:89:09:74:64:E7:58:AB:70:4B:73:60:8C:25:D1:C8:9C:9E:7F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018688E46544AC79A95C1E8ED4A98B7EDFA8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xLOJCXRk51ircEtzYIwl0cicnn8.roa
Signing time: Sat 25 Feb 2023 14:05:14 +0000
ROA not before: Sat 25 Feb 2023 14:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:88e3:a200/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:88:e4:65:44:ac:79:a9:5c:1e:8e:d4:a9:8b:7e:df:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 14:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4b389097464e758ab704b73608c25d1c89c9e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:32:d5:c6:44:34:f0:73:34:7f:40:e3:7a:e3:
36:fc:01:59:a5:94:22:d7:dc:b3:ea:64:f3:47:e4:
91:2b:15:e5:a9:d5:6e:bb:86:1b:c0:e6:ab:03:5c:
e1:9a:85:6c:26:67:8d:d5:cf:73:de:3d:28:d9:ac:
08:1a:c6:5d:4e:9b:9f:60:b0:bc:22:97:65:7b:44:
17:59:5c:21:54:5d:22:b6:c0:18:87:a7:35:2a:96:
25:63:7d:6b:3a:73:6e:71:c5:28:02:5d:85:c7:05:
a6:29:e1:35:f4:3d:96:51:83:c0:6c:f3:14:b6:98:
32:7b:7f:6f:54:9a:f6:36:06:67:99:3d:6e:7c:83:
5c:a3:3e:0f:a8:f8:4e:aa:48:9c:af:84:09:60:38:
25:86:fc:e0:30:fe:c5:9d:9b:86:ee:21:fe:b5:49:
40:50:db:69:3e:82:d8:b4:cf:a0:fc:bc:49:bc:5a:
53:0c:91:35:f0:ec:ed:9f:7e:96:89:8a:0a:5f:1e:
09:18:2f:83:6c:12:8d:20:ed:1e:3a:5e:3d:ad:e4:
84:a5:cb:9e:9c:a1:68:c4:93:90:97:cb:91:55:cc:
d1:88:d1:b4:4b:1c:d8:20:82:5a:52:56:c3:35:b7:
07:5e:24:f0:67:f1:84:17:cd:1e:bd:47:76:30:59:
70:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B3:89:09:74:64:E7:58:AB:70:4B:73:60:8C:25:D1:C8:9C:9E:7F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xLOJCXRk51ircEtzYIwl0cicnn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:c7:93:07:bb:a0:5a:b0:f9:e9:36:1f:26:4c:9f:e9:28:f2:
88:a6:29:8f:78:30:26:83:4c:23:82:14:48:f9:a4:b6:5a:ad:
59:2a:e5:ea:80:dc:1d:21:35:80:12:c4:96:3f:30:6b:df:6e:
61:5f:6c:cf:f6:fa:d3:10:2f:ce:4f:20:ab:9a:e4:d1:21:9c:
eb:ff:82:da:1e:86:1b:8d:27:2c:03:22:c7:47:83:e7:62:e2:
5b:2b:0c:e4:9c:28:88:31:68:00:00:4e:6d:67:e8:ab:00:c2:
49:97:97:7c:c6:f6:b5:56:4c:d5:b7:d1:8b:cc:60:48:cb:52:
a2:77:af:75:40:ee:60:f6:f7:ee:6b:1c:07:65:33:2d:1b:06:
83:4e:6f:43:5d:71:e2:02:a1:e7:0b:09:c1:46:d6:b3:58:34:
d9:84:34:61:d0:35:92:73:bf:fa:4f:fe:08:fb:1e:6c:09:6f:
ec:be:9f:95:13:09:73:e7:fc:08:d8:36:06:df:5a:fa:64:13:
d9:74:c0:7d:72:13:48:79:a8:c7:a3:77:53:93:14:c9:4a:9b:
96:6f:71:cb:0a:b1:61:a7:78:23:5d:fc:32:14:ea:ea:15:1b:
a2:02:d9:50:8b:4d:e7:f6:fe:3e:c4:86:dd:49:10:32:c1:43:
16:f5:0f:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaI5GVErHmpXB6O1KmLft+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTQwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGIzODkwOTc0NjRlNzU4YWI3MDRiNzM2MDhjMjVkMWM4OWM5ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDLVxkQ08HM0f0DjeuM2/AFZpZQi
19yz6mTzR+SRKxXlqdVuu4YbwOarA1zhmoVsJmeN1c9z3j0o2awIGsZdTpufYLC8
Ipdle0QXWVwhVF0itsAYh6c1KpYlY31rOnNuccUoAl2FxwWmKeE19D2WUYPAbPMU
tpgye39vVJr2NgZnmT1ufINcoz4PqPhOqkicr4QJYDglhvzgMP7FnZuG7iH+tUlA
UNtpPoLYtM+g/LxJvFpTDJE18Oztn36WiYoKXx4JGC+DbBKNIO0eOl49reSEpcue
nKFoxJOQl8uRVczRiNG0SxzYIIJaUlbDNbcHXiTwZ/GEF80evUd2MFlw6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMSziQl0ZOdYq3BLc2CMJdHInJ5/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveExPSkNYUms1MWlyY0V0ellJd2wwY2ljbm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGfHkwe7oFqw+ek2HyZM
n+ko8oimKY94MCaDTCOCFEj5pLZarVkq5eqA3B0hNYASxJY/MGvfbmFfbM/2+tMQ
L85PIKua5NEhnOv/gtoehhuNJywDIsdHg+di4lsrDOScKIgxaAAATm1n6KsAwkmX
l3zG9rVWTNW30YvMYEjLUqJ3r3VA7mD29+5rHAdlMy0bBoNOb0NdceICoecLCcFG
1rNYNNmENGHQNZJzv/pP/gj7HmwJb+y+n5UTCXPn/AjYNgbfWvpkE9l0wH1yE0h5
qMejd1OTFMlKm5ZvccsKsWGneCNd/DIU6uoVG6IC2VCLTef2/j7Eht1JEDLBQxb1
D7E=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:45:34 2025 by rpki-client