Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xykaVuPzbt2xpJ4APb77hWil2HE.roa
File: xykaVuPzbt2xpJ4APb77hWil2HE.roa (raw, json)
Hash identifier: eHvpnuRQM83dAP9fmUwva9swYc/qemZrK1Z8bhVfzRc=
Subject key identifier: C7:29:1A:56:E3:F3:6E:DD:B1:A4:9E:00:3D:BE:FB:85:68:A5:D8:71
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183DCA6B5F7CA866371EF231A2F39EB462D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xykaVuPzbt2xpJ4APb77hWil2HE.roa
Signing time: Sat 15 Oct 2022 17:17:36 +0000
ROA not before: Sat 15 Oct 2022 17:17:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:dc:a6:b5:f7:ca:86:63:71:ef:23:1a:2f:39:eb:46:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 15 17:17:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7291a56e3f36eddb1a49e003dbefb8568a5d871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5a:db:62:3c:cd:cf:d7:2b:c1:f6:ec:03:c5:
f9:e2:e4:68:40:0f:7e:18:cd:bd:91:c9:74:f2:15:
53:b1:b1:87:68:15:ae:11:7e:ec:4a:d1:94:3f:30:
c7:fd:2f:55:2a:4e:04:ae:56:99:7f:c1:f9:b0:1c:
ec:83:dd:d2:fc:03:e7:ae:a6:d2:67:9b:33:1b:81:
a7:ad:68:62:91:0d:f2:36:3f:8e:4e:7f:79:fd:29:
7b:19:d5:5a:f2:b1:4e:d2:f1:cc:ab:99:5c:01:3a:
d6:7b:49:3e:8b:70:5a:97:d2:34:0b:4e:64:7d:a7:
5a:6f:c1:6d:20:ac:a9:40:7f:bb:c5:7a:85:89:57:
dd:a4:dc:d6:a2:2b:a1:92:bd:88:c7:8d:3f:6b:95:
9e:4e:8b:1f:f4:f0:cc:b4:1e:f2:be:8e:a6:19:ac:
12:91:fb:57:2a:42:47:04:27:9b:8c:a7:9e:7b:a2:
fc:f7:41:a8:af:ef:57:0f:0c:c2:93:56:f3:3d:64:
8a:59:1d:12:42:87:5e:4e:72:7d:c5:67:c2:bf:b6:
9a:75:49:06:53:c4:fb:fe:72:93:f0:2d:9f:24:6c:
ae:fd:01:b6:7e:d4:b2:d1:51:55:c3:0e:f2:29:1a:
0f:f5:35:34:98:53:02:3b:b1:de:cf:f8:f1:7b:42:
f4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:29:1A:56:E3:F3:6E:DD:B1:A4:9E:00:3D:BE:FB:85:68:A5:D8:71
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xykaVuPzbt2xpJ4APb77hWil2HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:01:49:93:38:71:d1:11:c4:88:8b:b2:0b:51:c4:14:1e:7c:
0a:87:c4:ac:09:38:9c:53:a3:ce:02:6b:1b:51:56:c2:83:8b:
1a:54:69:38:b6:2c:08:31:b8:22:4d:bf:26:db:d7:4f:4d:e6:
41:48:54:c9:92:d6:bb:61:8f:45:f9:d0:b5:39:3f:21:95:53:
a3:fe:5e:bd:b4:07:ed:77:e6:af:88:ad:5e:06:9f:0e:01:44:
93:ee:f7:7b:b6:8e:e2:1d:25:cf:e9:ce:51:78:b4:9b:5d:39:
d9:87:b6:bc:24:6d:64:96:a7:17:8c:21:33:81:6c:e2:d9:4f:
13:9c:82:b6:78:48:91:a3:92:9b:8a:f9:04:b4:72:64:59:f9:
0d:3b:7f:21:ba:64:d4:8c:33:8b:40:a3:25:cd:09:f1:f2:b3:
03:60:38:26:72:74:59:6c:23:d9:ed:f7:25:84:a0:d0:25:30:
df:d7:5c:8e:22:dc:de:ff:55:9a:fe:e8:a4:79:9b:66:66:f8:
46:dc:cc:57:2d:af:2d:ef:89:b9:03:e7:3b:1c:93:7e:23:9f:
c4:07:ad:e6:55:b6:31:55:56:fd:80:f1:e8:94:50:14:e5:ec:
72:7c:be:ee:56:7f:ab:7c:54:fb:89:d2:a7:53:b2:7f:63:79:
9d:6e:7b:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPcprX3yoZjce8jGi8560YtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDE1MTcxNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI5MWE1NmUzZjM2ZWRkYjFhNDllMDAzZGJlZmI4NTY4YTVkODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1rbYjzNz9crwfbsA8X54uRoQA9+
GM29kcl08hVTsbGHaBWuEX7sStGUPzDH/S9VKk4ErlaZf8H5sBzsg93S/APnrqbS
Z5szG4GnrWhikQ3yNj+OTn95/Sl7GdVa8rFO0vHMq5lcATrWe0k+i3Bal9I0C05k
fadab8FtIKypQH+7xXqFiVfdpNzWoiuhkr2Ix40/a5WeTosf9PDMtB7yvo6mGawS
kftXKkJHBCebjKeee6L890Gor+9XDwzCk1bzPWSKWR0SQodeTnJ9xWfCv7aadUkG
U8T7/nKT8C2fJGyu/QG2ftSy0VFVww7yKRoP9TU0mFMCO7Hez/jxe0L03wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMcpGlbj827dsaSeAD2++4VopdhxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveHlrYVZ1UHpidDJ4cEo0QVBiNzdoV2lsMkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF0BSZM4cdERxIiLsgtR
xBQefAqHxKwJOJxTo84CaxtRVsKDixpUaTi2LAgxuCJNvybb109N5kFIVMmS1rth
j0X50LU5PyGVU6P+Xr20B+135q+IrV4Gnw4BRJPu93u2juIdJc/pzlF4tJtdOdmH
trwkbWSWpxeMITOBbOLZTxOcgrZ4SJGjkpuK+QS0cmRZ+Q07fyG6ZNSMM4tAoyXN
CfHyswNgOCZydFlsI9nt9yWEoNAlMN/XXI4i3N7/VZr+6KR5m2Zm+EbczFctry3v
ibkD5zsck34jn8QHreZVtjFVVv2A8eiUUBTl7HJ8vu5Wf6t8VPuJ0qdTsn9jeZ1u
e7o=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:24:56 2025 by rpki-client