Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xnpUA8TL0xPwx6hQf06pxJnVupo.roa
File: xnpUA8TL0xPwx6hQf06pxJnVupo.roa (raw, json)
Hash identifier: F0EsfMcvrmzAi7ZB0zNlt0fdcv0WOJl/yYyuju66gBI=
Subject key identifier: C6:7A:54:03:C4:CB:D3:13:F0:C7:A8:50:7F:4E:A9:C4:99:D5:BA:9A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186A5E675A367536A0F48F6F1B42026BC73
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xnpUA8TL0xPwx6hQf06pxJnVupo.roa
Signing time: Fri 03 Mar 2023 05:16:29 +0000
ROA not before: Fri 03 Mar 2023 05:16:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a5:e6:75:a3:67:53:6a:0f:48:f6:f1:b4:20:26:bc:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 3 05:16:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c67a5403c4cbd313f0c7a8507f4ea9c499d5ba9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4f:20:49:de:23:cf:e2:e1:6a:44:df:64:f3:
54:a7:0a:7c:f4:57:67:88:12:ef:14:9b:da:c9:8c:
cc:36:18:33:d7:d1:8c:5e:a5:d5:70:8c:e3:e6:cb:
d1:6c:8f:53:87:89:07:67:48:f7:6b:f5:8a:0d:d2:
2c:ae:34:12:8d:7d:9c:6f:fc:7d:b5:ee:29:a5:2a:
3e:f9:aa:2d:2d:e2:2c:d9:3d:11:ba:68:ab:b7:4f:
cf:33:f6:69:75:30:30:ac:1e:cc:84:40:ce:63:ee:
dd:24:ff:34:53:57:54:8a:60:7d:3a:67:9a:eb:cd:
08:a0:aa:a9:ed:83:63:ed:ca:8e:62:ae:ae:d1:62:
01:9e:7b:89:c5:1d:07:48:a9:95:a9:12:fc:b3:89:
9c:25:22:d9:22:f2:8a:6f:bc:55:6d:27:89:7b:e8:
f2:73:5d:fd:17:2f:92:03:a1:c9:d7:54:0a:18:67:
3d:20:d9:1e:66:2c:fb:fc:e4:f2:d6:28:fc:fd:7a:
c8:38:83:30:b1:b0:f9:78:03:43:b9:99:9a:24:be:
1e:67:0f:85:b1:a8:d5:41:f2:c2:d5:81:a0:c1:87:
e4:c8:86:da:e8:ad:63:66:9f:15:17:ae:bc:ba:7f:
b8:a7:60:7b:de:97:8f:f6:7e:a5:eb:59:4d:45:09:
13:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7A:54:03:C4:CB:D3:13:F0:C7:A8:50:7F:4E:A9:C4:99:D5:BA:9A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xnpUA8TL0xPwx6hQf06pxJnVupo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:77:9f:a4:53:3c:da:63:9d:13:93:28:ce:8a:42:34:1e:69:
1d:b8:e6:fd:3e:6f:63:02:eb:1b:8c:15:18:f8:c1:a6:c2:4f:
6f:c4:10:5f:79:22:37:4c:6f:ef:c6:52:ac:de:f2:5d:f1:67:
18:dd:ce:27:c8:a2:65:44:4b:bd:59:49:27:be:01:1f:a7:05:
59:a1:b5:37:11:c7:d5:8d:76:f2:86:ca:9f:45:af:2a:d4:bf:
98:36:2c:06:43:61:fd:a1:50:dc:4e:cf:36:ff:8f:e0:1f:c4:
01:75:3a:66:73:ab:eb:4c:f2:17:9b:8c:e2:8c:9e:a0:65:f9:
cd:bc:2e:b0:fb:b4:66:e4:c0:46:ba:22:ca:79:a9:fc:cc:32:
c1:62:a8:ac:69:32:1b:34:9b:11:e0:a1:96:f3:49:40:5f:be:
0b:b1:c9:6a:76:fb:11:ec:45:9f:80:e5:10:30:16:3c:49:6d:
64:a1:98:2f:83:1a:34:a8:68:ec:ae:20:f6:e7:44:8b:bb:67:
71:c7:62:81:93:d7:1f:bf:72:c4:21:6b:db:e4:f0:e1:26:1f:
70:ab:35:c5:a7:83:36:cc:44:6e:02:c4:5c:ad:35:9c:15:b4:
62:4f:8e:11:02:c6:99:66:ec:e5:95:e1:88:77:d2:a9:3a:b5:
cd:bf:35:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYal5nWjZ1NqD0j28bQgJrxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAzMDUxNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjdhNTQwM2M0Y2JkMzEzZjBjN2E4NTA3ZjRlYTljNDk5ZDViYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk8gSd4jz+LhakTfZPNUpwp89Fdn
iBLvFJvayYzMNhgz19GMXqXVcIzj5svRbI9Th4kHZ0j3a/WKDdIsrjQSjX2cb/x9
te4ppSo++aotLeIs2T0Rumirt0/PM/ZpdTAwrB7MhEDOY+7dJP80U1dUimB9Omea
680IoKqp7YNj7cqOYq6u0WIBnnuJxR0HSKmVqRL8s4mcJSLZIvKKb7xVbSeJe+jy
c139Fy+SA6HJ11QKGGc9INkeZiz7/OTy1ij8/XrIOIMwsbD5eANDuZmaJL4eZw+F
sajVQfLC1YGgwYfkyIba6K1jZp8VF668un+4p2B73peP9n6l61lNRQkTmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMZ6VAPEy9MT8MeoUH9OqcSZ1bqaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveG5wVUE4VEwweFB3eDZoUWYwNnB4Sm5WdXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA53n6RTPNpjnROTKM6K
QjQeaR245v0+b2MC6xuMFRj4wabCT2/EEF95IjdMb+/GUqze8l3xZxjdzifIomVE
S71ZSSe+AR+nBVmhtTcRx9WNdvKGyp9FryrUv5g2LAZDYf2hUNxOzzb/j+AfxAF1
OmZzq+tM8hebjOKMnqBl+c28LrD7tGbkwEa6Isp5qfzMMsFiqKxpMhs0mxHgoZbz
SUBfvguxyWp2+xHsRZ+A5RAwFjxJbWShmC+DGjSoaOyuIPbnRIu7Z3HHYoGT1x+/
csQha9vk8OEmH3CrNcWngzbMRG4CxFytNZwVtGJPjhECxplm7OWV4Yh30qk6tc2/
NdE=
-----END CERTIFICATE-----
Generated at Thu May 1 04:02:41 2025 by rpki-client