Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xjFsinh138stc0hXznjpSuPzxXg.roa
File: xjFsinh138stc0hXznjpSuPzxXg.roa (raw, json)
Hash identifier: H+nDT9WgZpkDmn3decsBSNJSR1VKaFUaX/jP3uoToZ8=
Subject key identifier: C6:31:6C:8A:78:75:DF:CB:2D:73:48:57:CE:78:E9:4A:E3:F3:C5:78
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857C42F7F4425BED9A19C8CE275E32866C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xjFsinh138stc0hXznjpSuPzxXg.roa
Signing time: Wed 04 Jan 2023 10:10:41 +0000
ROA not before: Wed 04 Jan 2023 10:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:42:f7:f4:42:5b:ed:9a:19:c8:ce:27:5e:32:86:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 4 10:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6316c8a7875dfcb2d734857ce78e94ae3f3c578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:16:58:8e:46:51:52:82:37:21:4e:05:d7:9f:
b0:1c:49:35:49:b9:4b:13:13:21:83:1f:64:be:dd:
1f:1f:5b:66:67:bc:4a:67:e1:79:ab:27:f9:fa:94:
a9:81:80:fc:a1:ad:eb:6a:79:97:f1:dd:34:10:60:
ed:e1:af:a0:5e:17:e1:c5:44:b3:27:ce:47:5d:5b:
48:d8:43:f0:1c:d7:b8:d8:c4:fe:4f:3d:18:6b:64:
e2:f1:82:1e:d4:63:52:24:2c:c8:59:23:00:06:e3:
87:3e:a1:5a:cb:a0:30:2b:59:9b:4b:77:a6:93:99:
c1:32:0b:2c:d3:d5:d2:cd:31:47:83:49:5d:40:3a:
b3:30:99:dd:1b:6a:cf:e7:e6:03:4e:e7:a2:47:2d:
1c:07:1c:ed:93:31:be:2c:99:57:99:34:3d:57:96:
da:d3:53:94:99:6c:e2:27:3a:e6:9a:b1:27:05:8c:
8c:73:f2:1b:00:43:ca:8f:c3:c5:20:27:54:09:d3:
81:dd:4f:3c:8f:fa:e4:21:3c:b6:34:e3:0b:40:55:
7a:9f:21:5a:f4:31:34:1a:05:94:64:2f:5d:4b:8e:
5b:24:1e:76:bb:1d:ce:8e:e0:31:ec:a9:a0:3d:31:
d8:36:fa:5e:79:28:2b:88:f1:aa:ee:9b:79:8d:1d:
04:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:31:6C:8A:78:75:DF:CB:2D:73:48:57:CE:78:E9:4A:E3:F3:C5:78
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xjFsinh138stc0hXznjpSuPzxXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:00:00:25:74:c1:13:df:b1:60:28:af:7b:f3:ce:73:14:f3:
70:f2:5f:60:ad:2a:7d:90:c6:6a:e8:c9:6c:60:70:f3:e4:7b:
3d:08:3e:ef:dd:72:c8:10:be:bb:14:a1:6c:34:96:0a:89:8b:
3d:79:37:9c:a7:69:df:9a:8f:b5:cd:9b:8c:d5:5f:b7:52:b2:
d7:bb:5c:4a:ef:5c:ff:51:f6:2a:46:33:c2:59:8b:7f:73:b5:
7c:a0:35:21:49:e6:6a:98:34:1e:b2:f7:2a:91:17:d9:ef:45:
48:86:02:27:bd:20:a5:04:0a:1c:43:eb:7b:43:71:d6:00:70:
af:a4:80:27:f9:50:38:47:bc:42:5e:45:02:e4:f1:a0:f7:0e:
96:21:92:60:cd:ba:e5:14:ae:76:1a:e1:8d:b0:ed:84:81:38:
24:7a:75:db:3f:dd:5a:82:8d:db:eb:c4:6f:3f:d4:6b:5e:c7:
5e:26:7c:a7:d7:7a:52:05:62:47:7d:61:cd:c2:3c:82:df:2d:
39:c7:d0:73:f3:6f:1c:51:cd:aa:ba:3d:cb:ba:f7:59:af:80:
b3:75:e5:b3:f3:3f:14:b4:b3:44:e1:e7:89:6a:3d:68:85:24:
79:ab:7c:ad:7e:64:9d:ac:f5:cb:b8:7f:4c:4c:66:52:07:45:
b4:85:ae:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV8Qvf0QlvtmhnIzideMoZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA0MTAxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjMxNmM4YTc4NzVkZmNiMmQ3MzQ4NTdjZTc4ZTk0YWUzZjNjNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRZYjkZRUoI3IU4F15+wHEk1SblL
ExMhgx9kvt0fH1tmZ7xKZ+F5qyf5+pSpgYD8oa3ranmX8d00EGDt4a+gXhfhxUSz
J85HXVtI2EPwHNe42MT+Tz0Ya2Ti8YIe1GNSJCzIWSMABuOHPqFay6AwK1mbS3em
k5nBMgss09XSzTFHg0ldQDqzMJndG2rP5+YDTueiRy0cBxztkzG+LJlXmTQ9V5ba
01OUmWziJzrmmrEnBYyMc/IbAEPKj8PFICdUCdOB3U88j/rkITy2NOMLQFV6nyFa
9DE0GgWUZC9dS45bJB52ux3OjuAx7KmgPTHYNvpeeSgriPGq7pt5jR0EOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMYxbIp4dd/LLXNIV8546Urj88V4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveGpGc2luaDEzOHN0YzBoWHpuanBTdVB6eFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH4AACV0wRPfsWAor3vz
znMU83DyX2CtKn2QxmroyWxgcPPkez0IPu/dcsgQvrsUoWw0lgqJiz15N5ynad+a
j7XNm4zVX7dSste7XErvXP9R9ipGM8JZi39ztXygNSFJ5mqYNB6y9yqRF9nvRUiG
Aie9IKUEChxD63tDcdYAcK+kgCf5UDhHvEJeRQLk8aD3DpYhkmDNuuUUrnYa4Y2w
7YSBOCR6dds/3VqCjdvrxG8/1Gtex14mfKfXelIFYkd9Yc3CPILfLTnH0HPzbxxR
zaq6Pcu691mvgLN15bPzPxS0s0Th54lqPWiFJHmrfK1+ZJ2s9cu4f0xMZlIHRbSF
rng=
-----END CERTIFICATE-----
Generated at Sun May 4 22:12:37 2025 by rpki-client