Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xXlDHvTmd4jAWNureidVVwm-AvY.roa
File: xXlDHvTmd4jAWNureidVVwm-AvY.roa (raw, json)
Hash identifier: 2f/gM2pn1bkAFpxVyyE/EzmG4589qT6kdmz5I3hmF1M=
Subject key identifier: C5:79:43:1E:F4:E6:77:88:C0:58:DB:AB:7A:27:55:57:09:BE:02:F6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E2953C063E6184A56675C690FAA4A6CB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xXlDHvTmd4jAWNureidVVwm-AvY.roa
Signing time: Fri 11 Aug 2023 03:12:58 +0000
ROA not before: Fri 11 Aug 2023 03:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e2:95:3c:06:3e:61:84:a5:66:75:c6:90:fa:a4:a6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 03:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c579431ef4e67788c058dbab7a27555709be02f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4e:b8:c2:be:a5:ec:1d:96:f1:e9:6a:36:21:
60:c6:87:e1:73:1b:bf:8e:dd:87:4e:7b:53:f7:1f:
74:4e:61:eb:6c:11:8f:7a:9f:af:33:f0:db:28:a6:
f8:91:c4:e2:3b:4c:4b:4a:aa:ba:09:5f:26:72:5a:
15:d3:07:36:05:05:db:3c:84:14:38:ef:4d:21:86:
3e:95:0d:17:b9:b6:9d:a8:ee:5d:44:dc:49:c5:ac:
3a:16:72:79:17:a1:c5:1b:60:7b:6f:a5:cd:8e:0c:
f8:36:3f:db:5d:fa:9d:a1:73:91:2f:c6:ad:49:89:
63:14:42:52:a7:c4:fa:1c:0b:15:ed:4b:8c:8a:b4:
46:e2:ba:f0:5c:6c:d4:46:fa:ce:c5:19:ef:ab:2a:
6c:9d:92:62:00:0f:c8:94:b8:e3:bf:ff:b9:29:61:
24:03:ac:48:f7:50:e5:33:57:a5:05:76:48:b9:c3:
71:fb:4e:2b:36:05:fa:c1:5e:eb:93:79:c3:63:14:
5e:7c:8f:32:5d:5c:a2:c5:da:c3:2f:c6:13:0c:ab:
9c:f4:6f:66:14:2f:8e:ee:5a:84:bd:e6:44:b1:15:
50:06:d8:f2:a1:6c:8a:14:10:e6:74:4e:b2:2d:9d:
53:1d:69:fe:e7:73:23:ed:10:b7:4a:09:a8:9f:0f:
d9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:79:43:1E:F4:E6:77:88:C0:58:DB:AB:7A:27:55:57:09:BE:02:F6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xXlDHvTmd4jAWNureidVVwm-AvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:a3:45:f2:96:20:7b:cb:cc:c9:bb:97:7d:a2:df:40:65:f4:
51:af:88:88:19:39:58:53:9c:48:ef:6d:c2:c3:71:65:33:c3:
5e:90:77:a2:ef:d9:79:16:90:34:87:23:d9:97:f2:ec:41:ef:
14:a7:28:49:1f:76:73:e3:cd:7e:7f:12:fa:8e:cf:5e:e7:13:
de:34:a9:84:f9:07:6d:f2:16:3d:52:81:e2:7d:4e:5e:f8:c4:
84:a2:94:f7:ab:b8:f9:dc:59:25:fc:a7:8a:b5:87:9f:1d:a8:
e3:55:7a:33:82:f8:0b:b2:e7:ab:e4:0e:3e:f2:f1:78:ed:c0:
bd:de:7f:9c:e3:ee:f4:fe:35:8c:bd:19:bf:0e:36:d4:53:07:
c4:50:ff:83:7a:07:d4:18:af:d7:d4:41:69:23:b7:d8:1c:5f:
a0:17:ee:8f:93:c3:ba:d0:d9:45:d9:64:af:cc:9c:83:52:2c:
b1:0a:66:f0:a2:80:e9:1c:c3:0c:f4:8e:49:11:3f:d3:a0:09:
9c:61:5f:e0:b1:ce:87:29:14:f4:a2:c4:15:e9:f1:a7:20:bf:
84:f2:70:99:c4:ba:ca:1e:dd:41:36:f0:31:96:57:85:77:7d:
c4:fa:bc:0a:ca:fe:7f:44:2e:82:90:de:cf:b6:23:fc:61:78:
59:34:26:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnilTwGPmGEpWZ1xpD6pKbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODExMDMxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTc5NDMxZWY0ZTY3Nzg4YzA1OGRiYWI3YTI3NTU1NzA5YmUwMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm064wr6l7B2W8elqNiFgxofhcxu/
jt2HTntT9x90TmHrbBGPep+vM/DbKKb4kcTiO0xLSqq6CV8mcloV0wc2BQXbPIQU
OO9NIYY+lQ0XubadqO5dRNxJxaw6FnJ5F6HFG2B7b6XNjgz4Nj/bXfqdoXORL8at
SYljFEJSp8T6HAsV7UuMirRG4rrwXGzURvrOxRnvqypsnZJiAA/IlLjjv/+5KWEk
A6xI91DlM1elBXZIucNx+04rNgX6wV7rk3nDYxRefI8yXVyixdrDL8YTDKuc9G9m
FC+O7lqEveZEsRVQBtjyoWyKFBDmdE6yLZ1THWn+53Mj7RC3Sgmonw/ZZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMV5Qx705neIwFjbq3onVVcJvgL2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveFhsREh2VG1kNGpBV051cmVpZFZWd20tQXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE6jRfKWIHvLzMm7l32i
30Bl9FGviIgZOVhTnEjvbcLDcWUzw16Qd6Lv2XkWkDSHI9mX8uxB7xSnKEkfdnPj
zX5/EvqOz17nE940qYT5B23yFj1SgeJ9Tl74xISilPeruPncWSX8p4q1h58dqONV
ejOC+Auy56vkDj7y8XjtwL3ef5zj7vT+NYy9Gb8ONtRTB8RQ/4N6B9QYr9fUQWkj
t9gcX6AX7o+Tw7rQ2UXZZK/MnINSLLEKZvCigOkcwwz0jkkRP9OgCZxhX+Cxzocp
FPSixBXp8acgv4TycJnEusoe3UE28DGWV4V3fcT6vArK/n9ELoKQ3s+2I/xheFk0
Jik=
-----END CERTIFICATE-----
Generated at Thu May 1 08:02:11 2025 by rpki-client