Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y8_bFWSzNNMlUY7VxILwNzyMzO4.roa
File: Y8_bFWSzNNMlUY7VxILwNzyMzO4.roa (raw, json)
Hash identifier: 7CZf4HQ6eVq45zk8eJYG2BxlQsA2gzRj9UXd42Y2rKs=
Subject key identifier: 63:CF:DB:15:64:B3:34:D3:25:51:8E:D5:C4:82:F0:37:3C:8C:CC:EE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1E34EE68C37D6A21B4DF8D7DC08DAB4D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y8_bFWSzNNMlUY7VxILwNzyMzO4.roa
Signing time: Tue 22 Aug 2023 17:04:59 +0000
ROA not before: Tue 22 Aug 2023 17:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:18a:1e34:495b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1e:34:ee:68:c3:7d:6a:21:b4:df:8d:7d:c0:8d:ab:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 22 17:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63cfdb1564b334d325518ed5c482f0373c8cccee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:05:9c:0a:cc:af:7c:e8:41:48:76:10:e1:30:
31:91:86:72:34:03:ea:7e:7d:ab:d4:50:f8:fb:1f:
e2:35:85:56:d7:14:52:da:eb:b2:97:d2:05:c3:65:
bc:5b:23:99:57:16:08:ed:2b:f7:29:55:8e:a3:3e:
aa:7b:dc:6a:74:dd:f3:c9:c2:17:2f:f5:9d:56:84:
4f:45:aa:43:a5:b3:7f:1d:85:61:0f:be:79:d7:6f:
50:9b:12:fb:27:5a:2a:93:f7:42:62:43:f5:2e:6a:
fb:4c:f4:b1:37:32:87:24:de:cc:a6:f3:08:87:55:
7d:da:ef:eb:3d:a0:e5:a5:7d:1a:2f:31:8c:61:bb:
07:54:eb:7e:2b:8e:da:7b:d9:1f:c7:b1:61:f3:42:
b5:61:e4:bf:a0:6c:eb:30:16:a6:bf:a4:72:1e:8d:
c9:3c:17:fe:ed:a1:1e:9f:47:2f:1e:b4:70:a1:48:
1f:9e:76:d3:d3:8f:0c:2c:95:71:3e:b8:e4:4e:70:
ba:c6:5d:1b:66:7c:61:85:54:bb:85:2a:12:62:01:
cd:85:ca:c2:ca:f1:28:b2:0c:f6:1e:2b:42:2f:c0:
52:5b:4c:70:c9:3d:d5:d6:f8:1b:a4:d1:cc:7a:78:
23:84:77:9e:8d:bf:29:0b:38:12:41:c5:b7:17:69:
74:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CF:DB:15:64:B3:34:D3:25:51:8E:D5:C4:82:F0:37:3C:8C:CC:EE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y8_bFWSzNNMlUY7VxILwNzyMzO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:d4:32:73:13:5e:92:e1:c0:7a:73:a5:92:d1:cf:cb:64:d2:
d7:99:aa:11:1c:e4:5b:33:bd:1d:5d:bb:5c:86:50:8e:1f:2a:
79:87:42:e4:4f:a2:cd:64:b3:0d:2e:f4:0f:f1:49:54:06:0b:
05:ff:82:d5:93:4b:37:95:70:16:e8:06:08:99:22:ba:f5:c9:
a7:9a:2a:cc:80:59:5d:4d:95:92:c7:89:f5:33:7a:6d:79:ed:
5e:f0:a1:98:c7:07:0c:e2:43:47:4a:27:a8:26:af:23:68:8b:
75:89:d4:f5:b1:ac:4b:81:98:75:cd:79:b3:e8:31:df:90:45:
91:4c:f8:4b:64:cc:f3:3c:2d:ee:a7:53:67:f6:c8:3c:cb:9c:
a3:16:09:f4:e2:74:97:0e:85:c8:cf:24:8a:4f:f7:4d:45:c3:
86:a4:8b:5b:ab:aa:55:ef:25:5f:f0:a5:2e:c6:dd:12:50:f1:
9e:e3:df:d5:ea:4b:c1:f7:ec:19:15:fb:4e:b0:f2:d6:41:b5:
d7:28:a9:78:fd:3e:c8:fc:2b:b8:1c:ac:d4:69:f2:1c:53:aa:
d0:c6:e8:6c:c2:04:ff:10:0d:56:09:f0:27:d9:96:55:28:5b:
04:e7:cf:ab:8a:ea:11:5c:38:9d:ff:56:e7:b8:28:74:1c:d0:
00:42:a6:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoeNO5ow31qIbTfjX3AjatNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIyMTcwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2NmZGIxNTY0YjMzNGQzMjU1MThlZDVjNDgyZjAzNzNjOGNjY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQWcCsyvfOhBSHYQ4TAxkYZyNAPq
fn2r1FD4+x/iNYVW1xRS2uuyl9IFw2W8WyOZVxYI7Sv3KVWOoz6qe9xqdN3zycIX
L/WdVoRPRapDpbN/HYVhD755129QmxL7J1oqk/dCYkP1Lmr7TPSxNzKHJN7MpvMI
h1V92u/rPaDlpX0aLzGMYbsHVOt+K47ae9kfx7Fh80K1YeS/oGzrMBamv6RyHo3J
PBf+7aEen0cvHrRwoUgfnnbT048MLJVxPrjkTnC6xl0bZnxhhVS7hSoSYgHNhcrC
yvEosgz2HitCL8BSW0xwyT3V1vgbpNHMengjhHeejb8pCzgSQcW3F2l0LwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGPP2xVkszTTJVGO1cSC8Dc8jMzuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWThfYkZXU3pOTk1sVVk3VnhJTHdOenlNek80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADTUMnMTXpLhwHpzpZLR
z8tk0teZqhEc5FszvR1du1yGUI4fKnmHQuRPos1ksw0u9A/xSVQGCwX/gtWTSzeV
cBboBgiZIrr1yaeaKsyAWV1NlZLHifUzem157V7woZjHBwziQ0dKJ6gmryNoi3WJ
1PWxrEuBmHXNebPoMd+QRZFM+EtkzPM8Le6nU2f2yDzLnKMWCfTidJcOhcjPJIpP
901Fw4aki1urqlXvJV/wpS7G3RJQ8Z7j39XqS8H37BkV+06w8tZBtdcoqXj9Psj8
K7gcrNRp8hxTqtDG6GzCBP8QDVYJ8CfZllUoWwTnz6uK6hFcOJ3/Vue4KHQc0ABC
pr4=
-----END CERTIFICATE-----
Generated at Thu May 1 20:23:36 2025 by rpki-client