Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xyE37a9NYoeA43E9OLE3WIVdUjw.roa
File: xyE37a9NYoeA43E9OLE3WIVdUjw.roa (raw, json)
Hash identifier: Xm9Hr6edhFeUM1xIj/HzfgYPysuWb+NpP5nof729Wlc=
Subject key identifier: C7:21:37:ED:AF:4D:62:87:80:E3:71:3D:38:B1:37:58:85:5D:52:3C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188288B9A94EAB64BAF23CB160D683C77E1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xyE37a9NYoeA43E9OLE3WIVdUjw.roa
Signing time: Wed 17 May 2023 07:10:17 +0000
ROA not before: Wed 17 May 2023 07:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:28:8b:9a:94:ea:b6:4b:af:23:cb:16:0d:68:3c:77:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 17 07:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c72137edaf4d628780e3713d38b13758855d523c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2f:cd:ae:20:e6:e7:39:f9:f6:5c:ca:c1:21:
de:80:0e:2f:42:b1:4a:18:0e:fd:2e:d2:31:d1:e8:
77:cf:dd:a3:14:ac:90:fe:db:28:7d:33:c1:54:13:
ac:0e:4d:c8:45:1b:48:a2:39:45:fa:09:85:9a:ba:
67:1d:a5:1c:89:76:74:b6:e0:55:b3:95:10:4a:7f:
2c:8b:2c:40:60:4e:66:38:10:2d:b9:9d:33:42:3f:
33:94:4f:f5:42:f6:ee:6f:79:17:39:ea:9a:85:3b:
bb:06:f7:0b:18:84:53:fe:d9:04:ad:06:77:42:19:
50:c4:0d:f1:3b:31:95:f8:56:6e:08:04:e4:3e:f3:
08:8c:d6:d4:85:aa:11:e2:09:82:8a:00:82:d5:54:
bf:a8:90:34:a0:8c:6d:9b:97:64:94:40:87:ec:e3:
10:77:2c:b5:ec:2f:7d:9e:65:82:60:26:e4:9a:70:
3b:38:b5:81:7f:cd:64:68:df:da:ce:59:d4:70:63:
d8:89:10:5a:10:ed:84:61:a3:0e:2c:b7:2f:e6:aa:
38:b5:a3:00:b4:6d:a5:62:9b:2b:31:32:a7:2f:fd:
a1:46:19:1c:90:e3:06:16:94:5a:11:a6:e7:c9:ce:
88:f0:6a:a7:e1:fd:d5:98:7c:1d:49:2e:e8:dc:19:
8d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:21:37:ED:AF:4D:62:87:80:E3:71:3D:38:B1:37:58:85:5D:52:3C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xyE37a9NYoeA43E9OLE3WIVdUjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:44:01:0f:21:4a:e4:5f:c9:82:32:62:8e:1d:28:3a:12:30:
ff:33:ba:0f:1c:77:8a:5a:47:01:2b:ba:57:97:52:53:28:1d:
c5:fd:27:e0:5f:4b:5a:e2:95:1b:b7:3d:e0:2a:66:e3:75:b3:
eb:60:12:14:37:01:6a:80:31:8a:ba:8c:25:6b:3f:8f:82:49:
1f:9a:1e:0e:eb:9d:a9:f3:50:d6:18:6d:f6:e1:2e:bf:1a:17:
60:7f:b0:3e:7c:ec:0a:67:9b:9e:bb:8b:a8:62:e3:25:24:0e:
bf:76:81:34:a0:6a:e0:9c:06:72:32:d5:31:03:96:e0:1c:5d:
00:46:8b:25:b2:ad:16:a3:fe:9a:cd:09:c0:4e:b0:6f:de:bd:
f1:9c:1d:11:6b:16:26:d1:38:7b:51:9a:4f:9e:51:b9:53:fe:
8a:76:d7:67:a0:d2:33:58:e8:dd:18:b0:8c:dc:81:c3:61:8f:
ad:31:e9:60:4c:51:d7:58:b7:e2:82:f4:35:8f:7f:49:97:3a:
52:b2:09:0a:9b:77:63:f4:ad:02:71:4d:ef:e1:7f:35:d9:90:
7f:07:83:d4:ad:bf:eb:e1:63:27:98:3c:97:6d:86:a4:7a:cc:
db:b6:df:d9:a7:c4:03:8f:38:94:29:34:d0:fa:26:51:bc:75:
e1:33:22:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgoi5qU6rZLryPLFg1oPHfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTE3MDcxMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzIxMzdlZGFmNGQ2Mjg3ODBlMzcxM2QzOGIxMzc1ODg1NWQ1MjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC/NriDm5zn59lzKwSHegA4vQrFK
GA79LtIx0eh3z92jFKyQ/tsofTPBVBOsDk3IRRtIojlF+gmFmrpnHaUciXZ0tuBV
s5UQSn8siyxAYE5mOBAtuZ0zQj8zlE/1Qvbub3kXOeqahTu7BvcLGIRT/tkErQZ3
QhlQxA3xOzGV+FZuCATkPvMIjNbUhaoR4gmCigCC1VS/qJA0oIxtm5dklECH7OMQ
dyy17C99nmWCYCbkmnA7OLWBf81kaN/azlnUcGPYiRBaEO2EYaMOLLcv5qo4taMA
tG2lYpsrMTKnL/2hRhkckOMGFpRaEabnyc6I8Gqn4f3VmHwdSS7o3BmN8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMchN+2vTWKHgONxPTixN1iFXVI8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveHlFMzdhOU5Zb2VBNDNFOU9MRTNXSVZkVWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIFEAQ8hSuRfyYIyYo4d
KDoSMP8zug8cd4paRwEruleXUlMoHcX9J+BfS1rilRu3PeAqZuN1s+tgEhQ3AWqA
MYq6jCVrP4+CSR+aHg7rnanzUNYYbfbhLr8aF2B/sD587Apnm567i6hi4yUkDr92
gTSgauCcBnIy1TEDluAcXQBGiyWyrRaj/prNCcBOsG/evfGcHRFrFibROHtRmk+e
UblT/op212eg0jNY6N0YsIzcgcNhj60x6WBMUddYt+KC9DWPf0mXOlKyCQqbd2P0
rQJxTe/hfzXZkH8Hg9Stv+vhYyeYPJdthqR6zNu239mnxAOPOJQpNND6JlG8deEz
IpA=
-----END CERTIFICATE-----
Generated at Thu May 1 04:51:08 2025 by rpki-client