Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xgL0xJilprwK_YujDZfP5RKmZzw.roa
File: xgL0xJilprwK_YujDZfP5RKmZzw.roa (raw, json)
Hash identifier: aNOBqBCY0TR49o3TGtruxL7/gK56ZtHMq7lDzG3I2HY=
Subject key identifier: C6:02:F4:C4:98:A5:A6:BC:0A:FD:8B:A3:0D:97:CF:E5:12:A6:67:3C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018659AF687785339A72B69E4393DB39E4D3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xgL0xJilprwK_YujDZfP5RKmZzw.roa
Signing time: Thu 16 Feb 2023 10:05:12 +0000
ROA not before: Thu 16 Feb 2023 10:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:59ae:e775/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:59:af:68:77:85:33:9a:72:b6:9e:43:93:db:39:e4:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 16 10:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c602f4c498a5a6bc0afd8ba30d97cfe512a6673c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3d:99:56:7d:f3:d7:f2:44:c1:93:60:ff:68:
36:c5:e9:21:d0:b4:2e:52:b7:f8:77:74:e7:f9:73:
6e:d1:7b:72:e1:5f:06:45:8c:ef:4e:7a:5c:34:de:
c2:c4:b8:78:76:ed:63:ff:08:07:8e:5e:ab:31:df:
48:2d:72:20:57:90:72:a2:8e:c7:82:a3:6d:d7:35:
20:2b:f9:c2:2c:a5:1b:a1:2a:31:71:69:d2:6b:03:
56:49:4b:62:c5:28:9f:95:09:ed:5e:e1:8a:77:91:
49:6f:5b:b3:ca:6b:a3:1a:d4:1a:d4:95:d8:c7:2d:
29:e1:4a:f3:37:05:26:88:19:77:82:87:91:84:e2:
d8:59:35:f6:cd:65:d5:f1:e3:55:3f:da:f4:03:a8:
8a:e0:3c:87:86:02:46:70:c3:57:7e:ff:2d:18:02:
23:83:48:9f:ab:8d:45:43:b1:f3:81:ad:c3:a8:f7:
47:18:12:61:00:59:d6:0a:9e:bb:0e:ef:29:5f:55:
54:01:0c:61:d6:ea:19:76:37:0d:c8:bc:2f:cc:fd:
d7:44:9e:8f:a4:d0:99:9c:42:ba:89:2c:09:ef:99:
51:22:36:e8:c2:cb:f1:0c:ce:00:57:1f:97:e1:5f:
b1:03:23:5a:04:99:e9:39:df:35:d6:81:ae:67:d5:
b8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:02:F4:C4:98:A5:A6:BC:0A:FD:8B:A3:0D:97:CF:E5:12:A6:67:3C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xgL0xJilprwK_YujDZfP5RKmZzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:2a:4e:8c:42:ac:a5:52:9c:c6:6a:47:34:ad:7f:1f:5f:35:
7c:f6:a5:ba:64:cd:a8:de:02:ab:45:ba:94:a6:80:53:b8:44:
a0:44:cf:42:20:30:25:39:80:d8:5b:ef:d0:da:28:7c:2a:15:
56:53:da:40:54:f0:ff:fb:ba:bc:94:f1:5d:84:b7:23:51:f4:
93:bf:d3:5d:06:88:55:48:e4:d8:2b:9e:1e:25:c7:0d:36:f3:
13:9e:ac:27:78:03:61:9a:40:23:2a:f4:3d:78:71:3a:13:d5:
1e:8e:3d:cd:f8:1f:44:42:ba:16:01:3f:76:59:81:6b:77:6e:
0e:68:d5:df:14:32:cd:1b:4a:3e:ea:be:d8:fe:62:5f:77:a2:
4a:e8:f7:16:c9:3f:39:4f:f5:ba:92:a4:5f:85:f4:e1:e7:08:
59:21:0b:0f:8b:10:4b:53:6d:03:3b:a1:68:79:b2:d2:a8:38:
7a:8f:96:78:2f:2f:65:f9:72:4d:e5:ad:a9:c7:ca:bd:f1:71:
99:73:fd:0e:57:a7:3c:91:d1:48:b4:75:55:c8:3f:4d:56:36:
15:69:3b:bf:2b:05:24:40:e4:7d:6d:fe:82:6f:01:06:41:5e:
f9:e0:27:24:fb:83:8b:fa:23:74:16:d4:70:f5:1a:ef:25:3e:
c6:e6:7d:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZZr2h3hTOacraeQ5PbOeTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE2MTAwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjAyZjRjNDk4YTVhNmJjMGFmZDhiYTMwZDk3Y2ZlNTEyYTY2NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT2ZVn3z1/JEwZNg/2g2xekh0LQu
Urf4d3Tn+XNu0Xty4V8GRYzvTnpcNN7CxLh4du1j/wgHjl6rMd9ILXIgV5Byoo7H
gqNt1zUgK/nCLKUboSoxcWnSawNWSUtixSiflQntXuGKd5FJb1uzymujGtQa1JXY
xy0p4UrzNwUmiBl3goeRhOLYWTX2zWXV8eNVP9r0A6iK4DyHhgJGcMNXfv8tGAIj
g0ifq41FQ7Hzga3DqPdHGBJhAFnWCp67Du8pX1VUAQxh1uoZdjcNyLwvzP3XRJ6P
pNCZnEK6iSwJ75lRIjbowsvxDM4AVx+X4V+xAyNaBJnpOd811oGuZ9W4OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMYC9MSYpaa8Cv2Low2Xz+USpmc8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveGdMMHhKaWxwcndLX1l1akRaZlA1UkttWnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA4qToxCrKVSnMZqRzSt
fx9fNXz2pbpkzajeAqtFupSmgFO4RKBEz0IgMCU5gNhb79DaKHwqFVZT2kBU8P/7
uryU8V2EtyNR9JO/010GiFVI5Ngrnh4lxw028xOerCd4A2GaQCMq9D14cToT1R6O
Pc34H0RCuhYBP3ZZgWt3bg5o1d8UMs0bSj7qvtj+Yl93okro9xbJPzlP9bqSpF+F
9OHnCFkhCw+LEEtTbQM7oWh5stKoOHqPlngvL2X5ck3lranHyr3xcZlz/Q5XpzyR
0Ui0dVXIP01WNhVpO78rBSRA5H1t/oJvAQZBXvngJyT7g4v6I3QW1HD1Gu8lPsbm
fUE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:20:38 2025 by rpki-client