Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AYF-TDjHecs-oYVQZL9zlrZL0PA.roa
File: AYF-TDjHecs-oYVQZL9zlrZL0PA.roa (raw, json)
Hash identifier: Ngl+6adMGbemINx0rVze387tOnrxrKnX8s/pe/fcH6s=
Subject key identifier: 01:81:7E:4C:38:C7:79:CB:3E:A1:85:50:64:BF:73:96:B6:4B:D0:F0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01897F708416C364E4F27A8207E16B8BFB46
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AYF-TDjHecs-oYVQZL9zlrZL0PA.roa
Signing time: Sat 22 Jul 2023 21:10:27 +0000
ROA not before: Sat 22 Jul 2023 21:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7f:70:84:16:c3:64:e4:f2:7a:82:07:e1:6b:8b:fb:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 22 21:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01817e4c38c779cb3ea1855064bf7396b64bd0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ce:42:ad:3b:9b:55:cd:6c:70:35:39:cd:7a:
5c:35:fd:ee:76:62:50:65:d1:87:69:a6:b8:47:93:
38:b6:42:3a:a9:aa:14:96:2f:dc:fb:24:31:45:f7:
37:10:57:e0:a9:22:db:4d:52:5e:00:61:37:90:1f:
3d:b3:b9:35:68:15:24:59:f8:8d:ff:72:ee:6b:33:
0a:1e:32:87:c8:d0:e3:ee:1b:11:32:98:5d:69:4a:
23:55:64:b8:59:7b:24:06:e0:e6:70:3a:e9:83:24:
5a:7b:65:ad:31:56:1e:85:b4:b0:fe:4d:d7:c0:e0:
fc:1e:06:6e:79:e6:24:0b:90:c2:5f:75:93:de:62:
69:28:60:db:fe:0d:00:9e:1e:b0:e0:f6:24:86:a0:
9b:6d:4b:5b:2e:73:71:e0:56:b5:00:7a:7b:cc:75:
aa:35:fa:76:05:4e:1f:6e:7c:ce:55:93:75:ad:3f:
a6:3a:da:8b:50:82:d6:4c:01:81:77:b4:2b:7f:96:
27:c2:3d:d4:8b:21:64:47:0c:65:ef:9e:41:4f:bf:
f4:08:44:30:45:a4:1b:07:4c:32:da:48:31:73:a1:
06:62:50:45:51:ac:d4:eb:e1:a6:c4:9c:67:65:df:
1f:b7:0c:14:80:09:4f:8a:02:a0:a9:6c:a1:62:d8:
bf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:81:7E:4C:38:C7:79:CB:3E:A1:85:50:64:BF:73:96:B6:4B:D0:F0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AYF-TDjHecs-oYVQZL9zlrZL0PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:da:37:96:d0:26:c2:fa:e0:94:15:f9:6b:d2:e1:93:7f:3b:
36:a7:69:1d:17:68:50:c7:a4:91:8d:b2:ee:81:6b:d6:a4:74:
c0:85:3b:8d:4f:cf:45:d1:64:81:74:c6:db:ab:35:c1:a6:07:
cf:a5:c2:b6:97:90:81:8a:6a:54:95:23:ef:3f:65:0b:e3:67:
7f:62:6d:e5:d9:d1:46:eb:70:68:2a:cd:0e:27:87:5b:c1:85:
27:01:de:03:1e:6a:1a:17:49:a2:8b:16:80:c5:43:21:d0:71:
04:61:97:c4:78:91:7d:66:37:2f:88:12:2f:85:cd:06:ec:84:
a3:8f:4f:1f:38:5a:3f:02:3d:c0:c3:eb:15:c9:2e:3d:a2:00:
e6:67:51:f1:be:f1:76:95:29:e4:55:1e:f5:ac:6a:a4:22:a7:
ab:51:68:b1:02:f0:39:9c:bb:58:6f:96:e2:15:ad:ad:f8:b3:
96:2f:83:86:92:0b:6d:42:68:7a:75:36:57:27:35:14:b5:a5:
82:f9:46:87:18:d5:68:05:16:61:8c:70:a7:9b:12:bd:af:21:
8e:e8:ae:d4:f5:3e:ef:b5:f7:d0:7d:f7:ae:fa:4a:22:30:0a:
30:e4:92:d4:f7:71:1c:01:21:b5:27:c7:04:7c:12:bf:67:39:
dd:09:7b:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYl/cIQWw2Tk8nqCB+Fri/tGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzIyMjExMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTgxN2U0YzM4Yzc3OWNiM2VhMTg1NTA2NGJmNzM5NmI2NGJkMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM5CrTubVc1scDU5zXpcNf3udmJQ
ZdGHaaa4R5M4tkI6qaoUli/c+yQxRfc3EFfgqSLbTVJeAGE3kB89s7k1aBUkWfiN
/3LuazMKHjKHyNDj7hsRMphdaUojVWS4WXskBuDmcDrpgyRae2WtMVYehbSw/k3X
wOD8HgZueeYkC5DCX3WT3mJpKGDb/g0Anh6w4PYkhqCbbUtbLnNx4Fa1AHp7zHWq
Nfp2BU4fbnzOVZN1rT+mOtqLUILWTAGBd7Qrf5Ynwj3UiyFkRwxl755BT7/0CEQw
RaQbB0wy2kgxc6EGYlBFUazU6+GmxJxnZd8ftwwUgAlPigKgqWyhYti/QQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAGBfkw4x3nLPqGFUGS/c5a2S9DwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQVlGLVREakhlY3Mtb1lWUVpMOXpsclpMMFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ7aN5bQJsL64JQV+WvS
4ZN/OzanaR0XaFDHpJGNsu6Ba9akdMCFO41Pz0XRZIF0xturNcGmB8+lwraXkIGK
alSVI+8/ZQvjZ39ibeXZ0UbrcGgqzQ4nh1vBhScB3gMeahoXSaKLFoDFQyHQcQRh
l8R4kX1mNy+IEi+FzQbshKOPTx84Wj8CPcDD6xXJLj2iAOZnUfG+8XaVKeRVHvWs
aqQip6tRaLEC8Dmcu1hvluIVra34s5Yvg4aSC21CaHp1NlcnNRS1pYL5RocY1WgF
FmGMcKebEr2vIY7ortT1Pu+199B99676SiIwCjDkktT3cRwBIbUnxwR8Er9nOd0J
ewE=
-----END CERTIFICATE-----
Generated at Thu May 1 02:51:03 2025 by rpki-client