Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xhmWM1Db46JZ0y0kDwCcCRCrN0k.roa
File: xhmWM1Db46JZ0y0kDwCcCRCrN0k.roa (raw, json)
Hash identifier: t+BxzTzet2wphgMYqK8dqAWDAKkqYZq7Hz6PYksA4XI=
Subject key identifier: C6:19:96:33:50:DB:E3:A2:59:D3:2D:24:0F:00:9C:09:10:AB:37:49
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018670DC173054516797624E69B35E712CD6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xhmWM1Db46JZ0y0kDwCcCRCrN0k.roa
Signing time: Mon 20 Feb 2023 22:05:17 +0000
ROA not before: Mon 20 Feb 2023 22:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:70db:4adc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:dc:17:30:54:51:67:97:62:4e:69:b3:5e:71:2c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 20 22:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c619963350dbe3a259d32d240f009c0910ab3749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e0:68:32:68:d7:93:e3:81:0c:6d:e3:eb:97:
45:57:b5:de:78:0e:d5:3a:9e:f8:a2:d9:f5:af:90:
db:f6:ec:61:85:8f:d2:f7:05:1b:90:2f:35:bf:9c:
a6:31:25:bd:ef:29:60:bb:47:41:56:35:70:9b:14:
e3:28:b2:77:ef:2f:54:10:68:83:58:8f:2e:bb:c6:
d8:a4:75:da:ec:15:ce:8c:fb:1c:22:eb:ac:ae:07:
a7:eb:b3:0b:be:d6:4e:63:bc:02:70:97:24:e8:46:
d7:5a:c4:ef:b2:cb:04:70:b7:cd:73:17:b9:3e:32:
77:6d:a4:c2:bc:40:f5:a3:94:47:9a:ef:b6:5b:d8:
8b:b8:df:1f:a2:88:95:1d:98:94:8d:d3:da:d1:d3:
89:ff:0b:dc:36:ed:34:c7:ea:94:ec:82:fe:3f:75:
d2:54:e8:94:cb:f8:9f:b8:b9:50:f1:d8:71:20:77:
d9:13:e6:04:66:f6:ec:3f:26:24:0c:dd:c9:d5:a5:
f2:c1:f5:40:e0:ec:3c:f4:b7:4c:e6:71:58:79:cb:
42:49:8f:1b:d5:a7:95:f4:e1:88:1c:5a:f6:f5:94:
15:8e:91:18:75:85:fb:6c:0c:a2:9c:b9:15:0b:5c:
68:22:e5:2c:66:2f:6d:8d:37:40:14:17:e2:f7:ab:
8f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:19:96:33:50:DB:E3:A2:59:D3:2D:24:0F:00:9C:09:10:AB:37:49
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xhmWM1Db46JZ0y0kDwCcCRCrN0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:02:19:8d:38:76:6c:b5:29:76:53:c6:7b:d2:45:b9:64:9e:
66:e6:a3:6e:9e:6d:0b:90:2e:a2:60:5c:63:ca:74:67:91:5f:
54:6c:78:1d:53:24:a9:43:98:ec:57:1a:16:f5:e0:53:6c:03:
43:3e:16:7d:71:b3:30:d6:b5:80:f4:fd:ef:bb:62:bf:0f:db:
e4:8a:a0:7a:87:18:fc:f0:aa:27:85:a6:f1:64:cd:97:4d:a1:
62:6a:67:a6:a5:6b:9b:08:78:c6:44:94:a7:ff:ca:7b:11:ef:
d4:72:e2:23:7f:9f:6e:0e:e6:5d:9b:04:fb:90:8b:51:47:2d:
bb:42:15:a2:57:96:f7:f6:f9:c5:25:94:2c:97:73:1c:8b:79:
c3:9c:c5:57:58:89:36:81:0b:94:68:8b:52:f8:02:53:b7:95:
39:6f:ba:5c:71:47:90:2b:d5:b7:dd:4b:07:dc:ef:2e:a8:54:
bd:52:77:bb:ff:af:04:c6:01:7c:44:ec:1c:67:e7:dc:e3:78:
49:ea:14:8c:f3:e2:cb:ec:e5:e1:72:9b:df:75:f4:a4:d3:6e:
66:7e:da:78:ed:d0:4e:91:bb:2d:9a:b1:95:df:60:1b:d7:07:
8c:1a:1b:66:38:94:3e:62:b4:ec:5b:95:1a:41:bd:b4:1d:bc:
66:bb:6b:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZw3BcwVFFnl2JOabNecSzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIwMjIwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE5OTYzMzUwZGJlM2EyNTlkMzJkMjQwZjAwOWMwOTEwYWIzNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+BoMmjXk+OBDG3j65dFV7XeeA7V
Op74otn1r5Db9uxhhY/S9wUbkC81v5ymMSW97ylgu0dBVjVwmxTjKLJ37y9UEGiD
WI8uu8bYpHXa7BXOjPscIuusrgen67MLvtZOY7wCcJck6EbXWsTvsssEcLfNcxe5
PjJ3baTCvED1o5RHmu+2W9iLuN8fooiVHZiUjdPa0dOJ/wvcNu00x+qU7IL+P3XS
VOiUy/ifuLlQ8dhxIHfZE+YEZvbsPyYkDN3J1aXywfVA4Ow89LdM5nFYectCSY8b
1aeV9OGIHFr29ZQVjpEYdYX7bAyinLkVC1xoIuUsZi9tjTdAFBfi96uPcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMYZljNQ2+OiWdMtJA8AnAkQqzdJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveGhtV00xRGI0NkpaMHkwa0R3Q2NDUkNyTjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADcCGY04dmy1KXZTxnvS
Rblknmbmo26ebQuQLqJgXGPKdGeRX1RseB1TJKlDmOxXGhb14FNsA0M+Fn1xszDW
tYD0/e+7Yr8P2+SKoHqHGPzwqieFpvFkzZdNoWJqZ6ala5sIeMZElKf/ynsR79Ry
4iN/n24O5l2bBPuQi1FHLbtCFaJXlvf2+cUllCyXcxyLecOcxVdYiTaBC5Roi1L4
AlO3lTlvulxxR5Ar1bfdSwfc7y6oVL1Sd7v/rwTGAXxE7Bxn59zjeEnqFIzz4svs
5eFym9919KTTbmZ+2njt0E6Ruy2asZXfYBvXB4waG2Y4lD5itOxblRpBvbQdvGa7
a+k=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:10 2025 by rpki-client