Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XxL_QH7QQS13oNwYkGEJuEb1m-c.roa
File: XxL_QH7QQS13oNwYkGEJuEb1m-c.roa (raw, json)
Hash identifier: K4ZxDCS2lRQqHzyTG5gy8xAqhUM6CcfRrBbMNc6KaJM=
Subject key identifier: 5F:12:FF:40:7E:D0:41:2D:77:A0:DC:18:90:61:09:B8:46:F5:9B:E7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184195552151605AC8A36AE6370BC10612C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XxL_QH7QQS13oNwYkGEJuEb1m-c.roa
Signing time: Thu 27 Oct 2022 12:05:32 +0000
ROA not before: Thu 27 Oct 2022 12:05:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:1954:f6f2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:55:52:15:16:05:ac:8a:36:ae:63:70:bc:10:61:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 27 12:05:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f12ff407ed0412d77a0dc18906109b846f59be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c2:ed:5f:3e:a8:25:6a:62:e0:bd:02:a3:a8:
00:de:97:46:57:ad:76:80:4d:34:e5:d0:a1:ce:6e:
34:b4:8a:35:dc:70:4b:3b:f1:0d:fa:23:6f:1e:e9:
58:7f:0b:50:40:d4:a0:f2:26:28:a8:eb:a7:03:a8:
d2:ba:11:e0:bb:3f:7a:f9:35:39:77:ad:cd:46:32:
dd:55:55:85:c5:f8:71:ca:b5:1a:15:6d:11:0c:11:
8f:1a:84:40:da:48:a0:ad:d4:f2:5b:fb:0f:de:99:
3d:6d:f3:27:bc:35:5e:45:e8:b5:9c:49:29:a0:93:
02:4a:e0:9c:a3:10:94:d9:51:9d:89:07:1a:ae:4a:
18:11:c3:94:91:3e:4d:a4:e4:0e:a1:1d:c6:f2:84:
fc:a4:11:36:88:ad:68:e8:02:29:8d:50:9a:67:a0:
e5:c4:53:c8:7f:d4:fc:fb:eb:f8:b0:0d:5c:8e:34:
65:a2:19:05:9b:c0:21:59:19:93:12:01:c9:f2:f1:
56:e2:f8:c1:f6:e7:85:60:ea:23:f9:8e:2a:14:fa:
1a:00:ee:2a:41:e9:d7:94:99:94:f4:5f:07:48:a6:
3a:66:06:be:39:1a:48:1a:84:2f:08:34:61:18:9d:
94:98:fe:3b:bf:58:19:8b:46:9a:8b:ae:11:2f:b8:
56:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:12:FF:40:7E:D0:41:2D:77:A0:DC:18:90:61:09:B8:46:F5:9B:E7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/XxL_QH7QQS13oNwYkGEJuEb1m-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:c9:99:a4:f8:6f:6d:34:8d:a8:8e:02:04:02:04:f9:37:6e:
ce:05:05:ec:6a:8c:96:b7:46:ab:f1:db:d1:ca:7e:fb:7b:79:
48:1c:63:d8:ad:93:1c:25:47:a8:df:d0:1d:0b:1b:ed:e3:d1:
bc:12:71:c9:da:86:a0:a5:7a:0f:46:4f:2a:ed:07:f9:81:ee:
a6:0e:ea:52:3a:ba:b4:50:54:23:30:c0:05:6d:60:32:ba:cb:
a8:85:08:b3:0b:2c:49:87:13:91:fa:02:0d:c8:9d:13:ce:e8:
04:67:06:0b:bd:ea:d5:9f:c2:7d:90:d6:73:29:71:94:fb:1e:
c2:38:d9:3d:e2:2d:24:a9:65:02:58:48:50:55:75:23:a9:f1:
cf:c8:f3:71:4c:3a:2f:0d:0e:cc:7b:44:d3:8a:d5:6d:c2:ac:
29:08:4c:37:a9:07:75:2f:80:09:81:d1:9e:1f:a6:53:5d:60:
55:f6:e7:cb:a5:48:ec:00:a6:a7:e4:b4:bb:96:8c:c1:6f:ce:
d1:f7:5b:08:70:6c:db:2f:1f:06:a3:3d:b5:28:55:dc:f4:5c:
7f:1d:b9:9f:af:95:f5:f6:a0:ba:b8:4e:fa:0b:e8:8d:7d:4e:
bf:e5:37:fd:32:01:13:cb:1b:22:51:a2:3e:f2:ac:24:db:c9:
75:5a:3c:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQZVVIVFgWsijauY3C8EGEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDI3MTIwNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjEyZmY0MDdlZDA0MTJkNzdhMGRjMTg5MDYxMDliODQ2ZjU5YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsLtXz6oJWpi4L0Co6gA3pdGV612
gE005dChzm40tIo13HBLO/EN+iNvHulYfwtQQNSg8iYoqOunA6jSuhHguz96+TU5
d63NRjLdVVWFxfhxyrUaFW0RDBGPGoRA2kigrdTyW/sP3pk9bfMnvDVeRei1nEkp
oJMCSuCcoxCU2VGdiQcarkoYEcOUkT5NpOQOoR3G8oT8pBE2iK1o6AIpjVCaZ6Dl
xFPIf9T8++v4sA1cjjRlohkFm8AhWRmTEgHJ8vFW4vjB9ueFYOoj+Y4qFPoaAO4q
QenXlJmU9F8HSKY6Zga+ORpIGoQvCDRhGJ2UmP47v1gZi0aai64RL7hWCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF8S/0B+0EEtd6DcGJBhCbhG9ZvnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWHhMX1FIN1FRUzEzb053WWtHRUp1RWIxbS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEbJmaT4b200jaiOAgQC
BPk3bs4FBexqjJa3Rqvx29HKfvt7eUgcY9itkxwlR6jf0B0LG+3j0bwSccnahqCl
eg9GTyrtB/mB7qYO6lI6urRQVCMwwAVtYDK6y6iFCLMLLEmHE5H6Ag3InRPO6ARn
Bgu96tWfwn2Q1nMpcZT7HsI42T3iLSSpZQJYSFBVdSOp8c/I83FMOi8NDsx7RNOK
1W3CrCkITDepB3UvgAmB0Z4fplNdYFX258ulSOwApqfktLuWjMFvztH3WwhwbNsv
HwajPbUoVdz0XH8duZ+vlfX2oLq4TvoL6I19Tr/lN/0yARPLGyJRoj7yrCTbyXVa
PGM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:16:59 2025 by rpki-client