Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y8k4mjCPM4GqL7dSsApSRzDXC5U.roa
File: Y8k4mjCPM4GqL7dSsApSRzDXC5U.roa (raw, json)
Hash identifier: SHM9Wa+dfk6DisJRySOn2FfsMZBNADtuyvxwkkV/2IU=
Subject key identifier: 63:C9:38:9A:30:8F:33:81:AA:2F:B7:52:B0:0A:52:47:30:D7:0B:95
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018644ACA09D127145B8A745EEC6230C0DA5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y8k4mjCPM4GqL7dSsApSRzDXC5U.roa
Signing time: Sun 12 Feb 2023 08:10:09 +0000
ROA not before: Sun 12 Feb 2023 08:10:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:44:ac:a0:9d:12:71:45:b8:a7:45:ee:c6:23:0c:0d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 12 08:10:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63c9389a308f3381aa2fb752b00a524730d70b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:64:7e:7c:a4:be:b6:71:ba:f7:6e:f5:32:46:
8e:d0:00:b2:91:25:ad:11:1d:cb:5b:96:8e:05:b9:
68:96:4f:17:33:42:56:d2:2d:f4:d9:e1:4c:84:7a:
c0:65:61:cd:21:d5:5e:33:31:8f:aa:7c:97:2b:86:
2f:0d:5a:21:33:0c:ff:0c:6f:19:42:37:69:68:8a:
4a:27:68:b5:34:e5:1d:51:ce:ff:a3:3b:11:8b:1b:
ab:66:54:c2:f7:ca:87:40:b8:2a:ff:91:46:bf:a7:
10:f8:53:dd:01:f5:6c:ff:c6:ff:11:e6:8c:0c:84:
0a:31:7b:ed:2b:2b:33:0b:68:c2:8b:4a:07:2a:fe:
01:29:3c:b6:d5:fe:ba:39:23:c4:1c:cb:9e:68:36:
69:17:e2:ea:4c:36:5d:fb:c2:4d:24:6d:64:cc:9c:
7a:d7:f2:c9:b2:d7:48:b7:e3:00:56:79:b0:85:ce:
f4:d3:3a:94:63:5b:72:b3:d8:1c:c8:90:f4:41:37:
dc:fb:c7:db:d3:49:73:2c:a7:16:53:82:42:08:9a:
f6:9e:f5:41:e8:68:80:28:6c:4c:59:a2:23:cc:76:
8c:df:1f:c5:5d:bc:31:27:05:6b:41:d5:e9:9a:96:
aa:f6:32:4c:24:47:49:e9:2a:40:fd:f7:28:ac:6d:
08:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C9:38:9A:30:8F:33:81:AA:2F:B7:52:B0:0A:52:47:30:D7:0B:95
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y8k4mjCPM4GqL7dSsApSRzDXC5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:71:ea:d0:42:c6:bc:7a:83:b8:58:d0:a2:4d:4a:b9:73:38:
e6:65:e4:0e:35:e0:ff:12:63:fe:2a:de:a2:dc:8d:13:25:e1:
db:15:0c:d6:07:43:9b:e7:1c:de:43:45:ee:a3:2a:e8:ca:39:
b6:cf:21:ce:f2:de:f0:34:8d:85:4e:1c:46:5f:b2:4b:3f:ab:
08:e2:78:3c:dd:9c:57:b1:fc:f3:d6:89:56:e4:0a:78:d4:7d:
32:71:04:d7:77:7e:40:9d:fa:33:f6:95:77:ef:3a:a8:1c:b0:
16:3c:72:1d:17:b6:95:c4:ba:8d:85:a2:ef:55:cd:02:27:7e:
54:15:48:eb:b4:4c:1a:eb:b7:27:02:d9:6f:fe:07:86:5e:25:
af:e7:de:0c:e0:39:78:bb:b6:49:10:d2:55:b8:ce:3e:03:59:
fd:09:d2:36:4e:c3:8a:cb:a6:e9:c9:f9:72:22:49:f8:d6:aa:
00:97:c8:ad:ff:75:83:11:05:68:5b:24:34:f6:6b:44:6c:80:
48:88:85:24:10:02:27:8c:c6:38:76:f1:47:14:b4:87:94:28:
f9:31:1b:5f:db:31:9c:19:3e:0b:34:46:36:9f:21:e1:18:0d:
1d:0c:83:85:14:a9:d0:68:2b:e7:0d:21:4d:65:62:9d:02:60:
16:84:9b:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZErKCdEnFFuKdF7sYjDA2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEyMDgxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M5Mzg5YTMwOGYzMzgxYWEyZmI3NTJiMDBhNTI0NzMwZDcwYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GR+fKS+tnG69271MkaO0ACykSWt
ER3LW5aOBblolk8XM0JW0i302eFMhHrAZWHNIdVeMzGPqnyXK4YvDVohMwz/DG8Z
QjdpaIpKJ2i1NOUdUc7/ozsRixurZlTC98qHQLgq/5FGv6cQ+FPdAfVs/8b/EeaM
DIQKMXvtKyszC2jCi0oHKv4BKTy21f66OSPEHMueaDZpF+LqTDZd+8JNJG1kzJx6
1/LJstdIt+MAVnmwhc700zqUY1tys9gcyJD0QTfc+8fb00lzLKcWU4JCCJr2nvVB
6GiAKGxMWaIjzHaM3x/FXbwxJwVrQdXpmpaq9jJMJEdJ6SpA/fcorG0IwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGPJOJowjzOBqi+3UrAKUkcw1wuVMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWThrNG1qQ1BNNEdxTDdkU3NBcFNSekRYQzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABxx6tBCxrx6g7hY0KJN
SrlzOOZl5A414P8SY/4q3qLcjRMl4dsVDNYHQ5vnHN5DRe6jKujKObbPIc7y3vA0
jYVOHEZfsks/qwjieDzdnFex/PPWiVbkCnjUfTJxBNd3fkCd+jP2lXfvOqgcsBY8
ch0XtpXEuo2Fou9VzQInflQVSOu0TBrrtycC2W/+B4ZeJa/n3gzgOXi7tkkQ0lW4
zj4DWf0J0jZOw4rLpunJ+XIiSfjWqgCXyK3/dYMRBWhbJDT2a0RsgEiIhSQQAieM
xjh28UcUtIeUKPkxG1/bMZwZPgs0RjafIeEYDR0Mg4UUqdBoK+cNIU1lYp0CYBaE
m9E=
-----END CERTIFICATE-----
Generated at Thu May 1 02:52:17 2025 by rpki-client