Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XCgUR_pthgUc4ObRjT0OclxZo_w.roa
File: XCgUR_pthgUc4ObRjT0OclxZo_w.roa (raw, json)
Hash identifier: lxqE0dBEV+TUH064IagccmFA95+7H1Ragn9xoxTeFY4=
Subject key identifier: 5C:28:14:47:FA:6D:86:05:1C:E0:E6:D1:8D:3D:0E:72:5C:59:A3:FC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 85AC5503
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XCgUR_pthgUc4ObRjT0OclxZo_w.roa
Signing time: Fri 20 May 2022 07:12:28 +0000
ROA not before: Fri 20 May 2022 07:12:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2242663683 (0x85ac5503)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 20 07:12:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c281447fa6d86051ce0e6d18d3d0e725c59a3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2d:a2:d4:37:39:8a:21:12:ff:35:0b:fd:21:
70:9e:88:05:2f:70:b3:22:73:27:47:22:b2:1c:7f:
cc:ea:9c:7f:4f:5a:5e:29:b2:59:37:9b:2f:1f:c8:
07:bb:6c:59:b0:fd:c0:3b:e7:b5:9e:db:5d:d7:83:
ea:f9:74:f3:a2:e5:67:77:fe:3a:30:db:1e:bc:a9:
e7:6f:29:d2:e8:97:a7:f9:2a:09:7a:5b:dc:81:55:
d8:ad:07:ea:71:ee:1f:ef:2c:d1:e5:03:4a:a9:c8:
90:6c:07:7d:4a:2a:45:f3:19:bb:fe:c3:f0:f2:35:
d0:71:5d:98:bb:1d:51:8c:bd:9d:99:7d:77:79:e4:
f7:43:b4:ef:15:e6:69:05:2b:b3:07:c9:df:42:6a:
77:ca:1a:05:d5:47:17:fd:5c:6a:dd:ab:ce:21:a7:
60:ff:fc:5a:27:c0:c6:2e:d3:6d:80:82:7f:fb:5f:
00:95:81:48:26:c4:f1:65:1f:f1:70:5d:54:9b:ec:
17:1e:47:06:e9:78:8a:07:35:15:2f:38:87:04:7b:
2a:4e:5e:57:8f:c9:2b:cc:67:d4:1a:5c:fb:a1:28:
80:51:74:c8:fc:33:09:4e:ea:a6:12:e1:a7:d0:77:
ff:38:f9:07:1e:22:3d:5a:61:a9:14:a9:03:ab:e3:
a0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:28:14:47:FA:6D:86:05:1C:E0:E6:D1:8D:3D:0E:72:5C:59:A3:FC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XCgUR_pthgUc4ObRjT0OclxZo_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:a0:b1:75:52:96:ec:a6:4c:16:4e:2c:09:d0:a1:f3:f2:30:
d5:4c:c2:37:19:48:c2:fa:38:4d:1b:1d:92:5e:ea:56:80:21:
9d:0c:1f:88:37:c1:b9:14:0a:f4:e5:f9:03:93:db:08:ef:6e:
50:3a:52:e6:28:c3:ab:3e:08:39:97:71:6f:3d:d9:ec:b3:be:
04:dc:ae:f5:d4:9f:41:bb:04:ba:47:40:ab:df:c3:85:73:76:
44:16:8e:fd:01:81:76:ca:4b:e9:b4:a2:be:48:5c:48:84:06:
38:c1:91:43:8e:e1:e9:f9:3e:04:ae:5a:5a:e6:74:a9:e2:0d:
fb:f5:c1:70:d9:4b:2f:25:1a:68:d8:d2:4f:cd:52:fb:cf:93:
97:5a:77:6a:33:57:66:d5:af:54:06:8c:74:e8:59:d2:7d:c5:
e8:ce:ed:39:4e:f1:47:35:30:1c:b8:3b:12:a9:b7:bb:b8:2d:
7d:d3:de:7e:d5:9a:0d:bd:43:14:dd:95:d2:5d:98:10:0e:e5:
47:85:aa:a0:71:e0:9f:96:75:d1:5d:e0:e0:ae:76:18:91:09:
42:75:73:12:e1:ac:68:0c:94:43:1d:bf:64:4c:75:dd:aa:da:
57:7e:dc:ba:e0:03:48:05:10:74:23:5d:b2:35:cd:03:ef:48:
c2:ab:bd:35
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIWsVQMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjAwNzEyMjhaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVjMjgxNDQ3ZmE2
ZDg2MDUxY2UwZTZkMThkM2QwZTcyNWM1OWEzZmMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGLaLUNzmKIRL/NQv9IXCeiAUvcLMicydHIrIcf8zqnH9P
Wl4pslk3my8fyAe7bFmw/cA757We213Xg+r5dPOi5Wd3/jow2x68qedvKdLol6f5
Kgl6W9yBVditB+px7h/vLNHlA0qpyJBsB31KKkXzGbv+w/DyNdBxXZi7HVGMvZ2Z
fXd55PdDtO8V5mkFK7MHyd9CanfKGgXVRxf9XGrdq84hp2D//FonwMYu022Agn/7
XwCVgUgmxPFlH/FwXVSb7BceRwbpeIoHNRUvOIcEeypOXlePySvMZ9QaXPuhKIBR
dMj8MwlO6qYS4afQd/84+QceIj1aYakUqQOr46BfAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUXCgUR/pthgUc4ObRjT0OclxZo/wwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9YQ2dVUl9wdGhnVWM0T2JSalQwT2NseFpvX3cucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAZKCxdVKW7KZMFk4sCdCh8/Iw1UzCNxlIwvo4
TRsdkl7qVoAhnQwfiDfBuRQK9OX5A5PbCO9uUDpS5ijDqz4IOZdxbz3Z7LO+BNyu
9dSfQbsEukdAq9/DhXN2RBaO/QGBdspL6bSivkhcSIQGOMGRQ47h6fk+BK5aWuZ0
qeIN+/XBcNlLLyUaaNjST81S+8+Tl1p3ajNXZtWvVAaMdOhZ0n3F6M7tOU7xRzUw
HLg7Eqm3u7gtfdPeftWaDb1DFN2V0l2YEA7lR4WqoHHgn5Z10V3g4K52GJEJQnVz
EuGsaAyUQx2/ZEx13araV37cuuADSAUQdCNdsjXNA+9Iwqu9NQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:23:45 2025 by rpki-client