Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9ytaYf_fLJGgyJTNEXmiqnhgJb0.roa
File: 9ytaYf_fLJGgyJTNEXmiqnhgJb0.roa (raw, json)
Hash identifier: px/WMQr/NkBomFrTvD/KH3Hvhoq3cMNTyLK6L2W/VrQ=
Subject key identifier: F7:2B:5A:61:FF:DF:2C:91:A0:C8:94:CD:11:79:A2:AA:78:60:25:BD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185F76CE8FD9F3ED055F023117EC42EF7DA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9ytaYf_fLJGgyJTNEXmiqnhgJb0.roa
Signing time: Sat 28 Jan 2023 08:09:47 +0000
ROA not before: Sat 28 Jan 2023 08:09:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f7:6c:e8:fd:9f:3e:d0:55:f0:23:11:7e:c4:2e:f7:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 28 08:09:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f72b5a61ffdf2c91a0c894cd1179a2aa786025bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c6:6e:9b:32:87:8e:36:2b:95:69:15:f4:7b:
6f:dc:d6:ce:23:30:cc:e8:ac:88:60:cb:39:72:17:
89:6d:c0:1a:fa:30:c2:36:ac:a6:cc:a2:77:28:39:
e7:17:71:2d:56:ac:61:89:be:f3:a2:51:92:6c:6f:
54:26:ef:05:4c:f5:0a:ca:46:71:40:37:d9:6e:b5:
ca:0f:ec:19:2a:03:08:a5:a8:6a:86:d9:0f:ff:71:
2e:8f:2f:66:e5:36:34:ee:ca:57:c3:44:b3:ae:cf:
d3:5b:61:ed:da:cf:b9:8d:0b:f2:9b:87:a0:d5:c0:
0c:b0:ba:db:f5:6d:9b:da:4c:d7:4e:d5:2c:2c:a4:
d0:70:0f:54:38:43:27:25:14:2b:9d:8e:e8:b6:29:
0a:6a:2e:b8:17:e2:3b:6e:8e:01:e3:6e:7c:dc:b9:
09:8c:df:da:14:92:ec:c7:dc:09:e5:c7:9c:b4:13:
46:22:c3:d4:b0:94:85:60:0b:69:4b:bf:65:6e:59:
b0:aa:8d:f1:0d:34:b9:9e:88:87:45:0f:c9:db:f8:
34:33:3a:55:fa:90:39:25:5e:6a:90:d1:9d:01:e2:
f2:1d:63:89:f0:20:eb:78:11:8d:6b:7f:df:69:91:
02:ca:a6:2e:9b:dc:46:ca:58:51:9a:de:23:fa:c7:
66:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2B:5A:61:FF:DF:2C:91:A0:C8:94:CD:11:79:A2:AA:78:60:25:BD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9ytaYf_fLJGgyJTNEXmiqnhgJb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:63:72:ec:65:26:11:b8:47:90:e5:4e:24:f8:df:d0:d0:44:
d6:32:02:4d:69:95:18:dd:96:72:e4:34:a7:1f:81:e8:4b:c0:
64:69:90:dd:91:6d:72:10:95:4a:2e:68:48:63:d2:65:64:3f:
8a:42:89:64:6f:f2:bf:b0:bf:8b:e8:fd:d3:cb:50:a4:24:a0:
a7:47:f8:74:46:8c:90:f8:3d:5d:3f:c8:b9:15:79:37:bc:af:
ba:bb:53:53:b4:4f:a3:a4:e5:b2:ed:5c:ca:83:36:06:9f:2a:
59:51:38:08:67:f4:e6:4b:fa:66:81:7f:1c:62:fa:95:f2:d3:
0b:48:5a:b7:04:7b:94:bd:6b:2f:86:eb:8d:65:ed:b8:fa:ae:
c8:2b:4a:7a:c7:fc:70:de:5c:ee:aa:b5:a5:cc:4a:6b:59:79:
c6:a8:55:c9:1a:9a:05:d4:b8:19:7f:53:af:80:9a:a9:99:1a:
ca:88:90:b2:a3:83:56:60:2f:a2:9e:5e:ea:c1:1e:8c:77:23:
21:f2:25:2c:44:ba:6f:7f:4e:60:82:11:57:8c:2b:c0:c2:a2:
8a:46:41:ec:00:38:4d:4e:4d:2c:ad:cf:c1:fb:49:ed:92:ef:
b6:24:25:f2:87:fe:73:ad:26:f4:1d:df:7a:e6:4a:f1:13:15:
14:a2:6f:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYX3bOj9nz7QVfAjEX7ELvfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI4MDgwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJiNWE2MWZmZGYyYzkxYTBjODk0Y2QxMTc5YTJhYTc4NjAyNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssZumzKHjjYrlWkV9Htv3NbOIzDM
6KyIYMs5cheJbcAa+jDCNqymzKJ3KDnnF3EtVqxhib7zolGSbG9UJu8FTPUKykZx
QDfZbrXKD+wZKgMIpahqhtkP/3Eujy9m5TY07spXw0Szrs/TW2Ht2s+5jQvym4eg
1cAMsLrb9W2b2kzXTtUsLKTQcA9UOEMnJRQrnY7otikKai64F+I7bo4B42583LkJ
jN/aFJLsx9wJ5cectBNGIsPUsJSFYAtpS79lblmwqo3xDTS5noiHRQ/J2/g0MzpV
+pA5JV5qkNGdAeLyHWOJ8CDreBGNa3/faZECyqYum9xGylhRmt4j+sdmXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPcrWmH/3yyRoMiUzRF5oqp4YCW9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOXl0YVlmX2ZMSkdneUpUTkVYbWlxbmhnSmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHdjcuxlJhG4R5DlTiT4
39DQRNYyAk1plRjdlnLkNKcfgehLwGRpkN2RbXIQlUouaEhj0mVkP4pCiWRv8r+w
v4vo/dPLUKQkoKdH+HRGjJD4PV0/yLkVeTe8r7q7U1O0T6Ok5bLtXMqDNgafKllR
OAhn9OZL+maBfxxi+pXy0wtIWrcEe5S9ay+G641l7bj6rsgrSnrH/HDeXO6qtaXM
SmtZecaoVckamgXUuBl/U6+AmqmZGsqIkLKjg1ZgL6KeXurBHox3IyHyJSxEum9/
TmCCEVeMK8DCoopGQewAOE1OTSytz8H7Se2S77YkJfKH/nOtJvQd33rmSvETFRSi
b9U=
-----END CERTIFICATE-----
Generated at Thu May 1 01:44:17 2025 by rpki-client