Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XAlUGYJvS_JLgjUN-dJJq_fxJPU.roa
File: XAlUGYJvS_JLgjUN-dJJq_fxJPU.roa (raw, json)
Hash identifier: Y29Hb6nG3NcJaWe7LPyDGzmuxKktLonUKQYKRiXGBaY=
Subject key identifier: 5C:09:54:19:82:6F:4B:F2:4B:82:35:0D:F9:D2:49:AB:F7:F1:24:F5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018673B21A742D5107D38C7B059C3D1EDC2D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XAlUGYJvS_JLgjUN-dJJq_fxJPU.roa
Signing time: Tue 21 Feb 2023 11:18:17 +0000
ROA not before: Tue 21 Feb 2023 11:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:b2:1a:74:2d:51:07:d3:8c:7b:05:9c:3d:1e:dc:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 21 11:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c095419826f4bf24b82350df9d249abf7f124f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:92:28:33:5a:40:3a:df:a5:48:7e:7a:2e:c7:
18:e4:47:6c:07:5b:95:2e:ef:de:af:90:42:0c:4e:
c6:ea:5d:93:79:51:15:0e:2d:ee:74:10:a7:7e:ee:
be:f7:da:02:52:14:3d:f9:27:76:d1:a4:9f:1a:e4:
b9:50:40:a3:e6:34:c8:a4:ca:6a:23:76:38:38:35:
ce:7c:4b:3c:03:68:a0:5f:23:bd:a8:c4:51:d4:fd:
68:2d:b9:f1:11:dc:ea:9e:cc:d2:55:a0:6e:05:16:
20:01:5e:c0:24:93:c0:7d:9c:76:1d:5c:49:13:e5:
03:00:e5:ca:7e:06:69:cd:1a:de:54:94:c5:83:d0:
27:8a:6f:83:18:30:df:a2:6d:b7:67:e8:b4:6e:15:
da:c6:5c:82:20:89:49:0b:45:eb:a5:28:70:48:24:
d8:7c:24:e8:67:04:c6:ba:05:1c:f3:6f:26:07:e1:
c2:03:45:de:c5:36:e8:4b:4a:fc:0c:a7:9a:6c:48:
e4:ae:19:52:40:d0:5b:60:73:95:5e:f2:05:2a:a4:
77:2d:42:ab:7c:8c:a0:a6:a4:0b:d4:a3:70:f6:9a:
7e:22:3b:0f:cd:74:95:2f:e6:d3:3e:81:3c:8b:59:
c0:f8:13:1e:f3:26:12:96:92:b8:dd:8c:3e:1e:51:
6c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:09:54:19:82:6F:4B:F2:4B:82:35:0D:F9:D2:49:AB:F7:F1:24:F5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XAlUGYJvS_JLgjUN-dJJq_fxJPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:4b:6a:5e:4d:5b:10:ed:c1:0b:78:66:dd:1b:82:3f:a7:1a:
1d:18:7c:6d:e1:42:4e:8e:d1:be:55:8f:0c:0d:cf:29:a9:ed:
b9:b1:db:91:b3:10:74:58:e4:5b:7d:21:e4:14:7c:d3:48:12:
36:21:af:62:1e:23:46:73:5b:b5:69:67:76:2d:a1:4e:70:e4:
64:10:29:04:39:70:49:d6:85:d7:c2:3c:27:ac:97:d9:66:47:
24:a2:c4:62:3d:cd:59:c1:5d:e5:d2:44:6f:92:e8:58:e3:4b:
b3:8e:5d:ab:38:1e:1c:cc:32:cb:98:4b:16:df:d7:2a:5c:23:
a5:e0:93:f1:71:38:f4:0e:ae:87:84:be:f2:65:1e:3d:c2:50:
5e:ee:df:1c:22:04:54:03:54:94:a1:42:d8:e7:ee:63:eb:ea:
6d:0c:0c:54:d3:7b:8a:1b:23:98:9c:52:35:a1:0d:cb:02:4e:
a3:82:c7:a2:67:05:4a:59:a1:d6:9b:a7:3b:5b:b7:77:d2:f2:
f2:6f:19:de:a8:27:46:c1:21:35:32:f3:c5:8a:e5:4e:1c:9a:
d6:be:f6:ed:0c:89:96:da:ed:20:03:22:05:fd:25:b1:07:55:
45:83:b5:a2:06:08:24:36:c3:9b:60:b5:80:96:bf:6e:b4:dc:
f9:f3:2f:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZzshp0LVEH04x7BZw9HtwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIxMTExODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA5NTQxOTgyNmY0YmYyNGI4MjM1MGRmOWQyNDlhYmY3ZjEyNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JIoM1pAOt+lSH56LscY5EdsB1uV
Lu/er5BCDE7G6l2TeVEVDi3udBCnfu6+99oCUhQ9+Sd20aSfGuS5UECj5jTIpMpq
I3Y4ODXOfEs8A2igXyO9qMRR1P1oLbnxEdzqnszSVaBuBRYgAV7AJJPAfZx2HVxJ
E+UDAOXKfgZpzRreVJTFg9Anim+DGDDfom23Z+i0bhXaxlyCIIlJC0XrpShwSCTY
fCToZwTGugUc828mB+HCA0XexTboS0r8DKeabEjkrhlSQNBbYHOVXvIFKqR3LUKr
fIygpqQL1KNw9pp+IjsPzXSVL+bTPoE8i1nA+BMe8yYSlpK43Yw+HlFsJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFwJVBmCb0vyS4I1DfnSSav38ST1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWEFsVUdZSnZTX0pMZ2pVTi1kSkpxX2Z4SlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHxLal5NWxDtwQt4Zt0b
gj+nGh0YfG3hQk6O0b5VjwwNzymp7bmx25GzEHRY5Ft9IeQUfNNIEjYhr2IeI0Zz
W7VpZ3YtoU5w5GQQKQQ5cEnWhdfCPCesl9lmRySixGI9zVnBXeXSRG+S6FjjS7OO
Xas4HhzMMsuYSxbf1ypcI6Xgk/FxOPQOroeEvvJlHj3CUF7u3xwiBFQDVJShQtjn
7mPr6m0MDFTTe4obI5icUjWhDcsCTqOCx6JnBUpZodabpztbt3fS8vJvGd6oJ0bB
ITUy88WK5U4cmta+9u0MiZba7SADIgX9JbEHVUWDtaIGCCQ2w5tgtYCWv2603Pnz
LxQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:48:31 2025 by rpki-client