Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xYRIdbqa0aOFMQypjPpmMRLLJAk.roa
File: xYRIdbqa0aOFMQypjPpmMRLLJAk.roa (raw, json)
Hash identifier: fX38z0tAqIdiVryQ8Z5SPOLkLg5fv0nRGPtX8MwB13s=
Subject key identifier: C5:84:48:75:BA:9A:D1:A3:85:31:0C:A9:8C:FA:66:31:12:CB:24:09
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7AA589FF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xYRIdbqa0aOFMQypjPpmMRLLJAk.roa
Signing time: Tue 12 Apr 2022 09:10:56 +0000
ROA not before: Tue 12 Apr 2022 09:10:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2057669119 (0x7aa589ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 12 09:10:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5844875ba9ad1a385310ca98cfa663112cb2409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:72:f6:f4:02:c3:11:14:3c:2f:73:89:b6:
77:b9:c5:31:62:61:0d:17:b3:68:91:a3:22:6c:df:
92:16:c2:34:ee:e7:23:c8:aa:52:48:8e:39:38:2f:
b1:e5:16:8a:53:6f:19:9b:74:b3:e4:fd:8e:58:dd:
b2:05:7c:cc:a7:77:49:ed:98:43:b3:bd:be:86:ec:
e2:a4:f0:a5:1a:44:ec:ea:5e:79:d4:69:17:31:c4:
1b:60:74:2b:d3:41:20:0f:df:2f:c1:18:bd:1e:c2:
fd:a1:3c:f9:f7:0e:11:f7:a6:00:3a:35:f9:e7:db:
28:45:97:f6:5c:84:00:41:b5:b0:ca:41:8d:19:f9:
13:41:48:64:2e:7c:a6:1d:1b:3b:3f:c9:ae:1f:b8:
2e:53:dd:2c:36:e2:21:81:de:5a:4a:f2:63:fd:91:
70:0d:e7:31:98:00:b8:d9:3e:1b:84:0f:0a:0f:9a:
8b:67:c2:85:9f:0b:fd:d5:41:70:91:76:b8:00:c5:
34:91:11:b7:6a:76:37:e9:92:a2:81:70:44:69:66:
09:67:4c:bf:3b:73:b4:d2:59:99:65:6d:0f:c9:0a:
f9:ea:fd:69:50:75:f8:ef:ae:12:d1:db:ad:dd:a1:
63:25:79:8c:47:6e:f1:d5:1f:21:d8:e4:49:a6:9b:
78:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:84:48:75:BA:9A:D1:A3:85:31:0C:A9:8C:FA:66:31:12:CB:24:09
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xYRIdbqa0aOFMQypjPpmMRLLJAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:18:18:d1:3e:59:a0:4d:a9:77:ef:5b:07:9f:57:f7:60:eb:
72:35:c2:fa:5e:00:37:ca:19:13:44:19:4f:13:04:63:c5:4f:
f5:48:b9:80:ca:4c:c8:59:61:15:1e:03:52:b8:15:b0:cb:aa:
ff:29:90:42:98:0a:92:3e:83:7a:93:8f:c3:b4:2a:cb:0d:a1:
1f:85:1c:18:54:6c:13:6c:ed:5a:f3:99:8a:da:f6:03:60:94:
31:0e:6b:71:a4:0b:74:ee:bd:37:b8:1b:0e:25:a4:a8:52:7e:
10:6a:1b:55:a5:1b:af:6d:c4:ad:ae:32:49:1e:4d:8d:cb:91:
cf:2f:32:ed:32:f8:47:07:2e:d2:cb:d7:1a:56:09:52:03:06:
14:64:43:6b:12:bf:8f:c8:7d:63:8e:11:0b:01:10:f1:7a:82:
46:2f:9b:e8:27:bc:04:f2:be:f4:eb:f7:5f:ca:6e:45:4c:71:
f0:87:cc:12:ab:a9:ef:7f:c0:64:dd:eb:8b:60:9f:29:54:57:
df:39:c4:49:da:bf:db:89:e4:f6:d7:3a:69:f9:3a:1c:cc:30:
16:ac:ca:1f:e8:fc:7b:88:7c:66:a4:84:c9:8a:41:91:a2:10:
6d:9b:f3:a5:e5:40:bd:34:0f:58:38:b4:9a:69:00:e6:83:eb:
5e:85:66:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEeqWJ/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQx
MjA5MTA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzU4NDQ4NzViYTlh
ZDFhMzg1MzEwY2E5OGNmYTY2MzExMmNiMjQwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPkcvb0AsMRFDwvc4m2d7nFMWJhDRezaJGjImzfkhbCNO7n
I8iqUkiOOTgvseUWilNvGZt0s+T9jljdsgV8zKd3Se2YQ7O9vobs4qTwpRpE7Ope
edRpFzHEG2B0K9NBIA/fL8EYvR7C/aE8+fcOEfemADo1+efbKEWX9lyEAEG1sMpB
jRn5E0FIZC58ph0bOz/Jrh+4LlPdLDbiIYHeWkryY/2RcA3nMZgAuNk+G4QPCg+a
i2fChZ8L/dVBcJF2uADFNJERt2p2N+mSooFwRGlmCWdMvztztNJZmWVtD8kK+er9
aVB1+O+uEtHbrd2hYyV5jEdu8dUfIdjkSaabeI8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTFhEh1uprRo4UxDKmM+mYxEsskCTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3hZUklkYnFhMGFPRk1ReXBqUHBtTVJMTEpBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQA5GBjRPlmgTal371sHn1f3YOtyNcL6XgA3yhkT
RBlPEwRjxU/1SLmAykzIWWEVHgNSuBWwy6r/KZBCmAqSPoN6k4/DtCrLDaEfhRwY
VGwTbO1a85mK2vYDYJQxDmtxpAt07r03uBsOJaSoUn4QahtVpRuvbcStrjJJHk2N
y5HPLzLtMvhHBy7Sy9caVglSAwYUZENrEr+PyH1jjhELARDxeoJGL5voJ7wE8r70
6/dfym5FTHHwh8wSq6nvf8Bk3euLYJ8pVFffOcRJ2r/bieT21zpp+ToczDAWrMof
6Px7iHxmpITJikGRohBtm/Ol5UC9NA9YOLSaaQDmg+tehWZ6
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:26:49 2025 by rpki-client