Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YGkaXVvFvt5ILbebc673SCYgzNw.roa
File: YGkaXVvFvt5ILbebc673SCYgzNw.roa (raw, json)
Hash identifier: TZ/1dBQIlQlIRG1iQIeDulQ3aeJcyzoI70N4Sre7Xwo=
Subject key identifier: 60:69:1A:5D:5B:C5:BE:DE:48:2D:B7:9B:73:AE:F7:48:26:20:CC:DC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189D4D8B168CFDE07E40B05CAE54DEC8B84
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YGkaXVvFvt5ILbebc673SCYgzNw.roa
Signing time: Tue 08 Aug 2023 11:11:58 +0000
ROA not before: Tue 08 Aug 2023 11:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:d8:b1:68:cf:de:07:e4:0b:05:ca:e5:4d:ec:8b:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 8 11:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60691a5d5bc5bede482db79b73aef7482620ccdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f1:9d:fd:03:9a:9a:ea:70:57:71:13:be:82:
21:ca:4f:cc:21:88:60:85:f1:65:47:4a:c8:28:9f:
a8:dc:9f:16:ad:f5:b5:0c:ac:ea:2f:dd:0f:dc:ac:
4f:ec:0a:3a:ee:64:17:b7:24:4c:26:4b:bd:92:39:
2a:b3:97:a4:49:12:55:ee:27:f5:5d:b4:a8:d8:32:
4e:43:ba:6c:38:17:50:7e:26:c6:3b:1d:6e:85:27:
42:3f:39:2d:dc:7f:22:81:c3:8d:90:79:80:57:89:
76:cc:87:60:56:6d:a2:23:c6:cc:e4:a4:cc:11:ca:
f7:32:7d:6b:87:51:5e:e2:94:3e:2c:1d:16:13:84:
89:d7:68:f5:50:0c:e4:27:a2:f6:a9:18:b8:9a:37:
d0:ee:d5:45:0a:71:a5:99:9e:60:fd:98:81:77:35:
34:84:64:e7:57:cd:02:f3:47:39:b5:f0:58:91:9c:
1c:e5:51:93:25:e1:24:6c:82:a9:02:f8:da:16:20:
d8:4d:3a:ee:3c:bd:21:b4:fb:83:dc:1b:3b:29:cd:
97:75:d5:8e:00:cd:b1:46:67:41:39:5f:0e:ed:e4:
07:32:b9:b7:5a:b6:9c:2d:c5:5f:ae:cd:a2:bc:20:
e0:4f:60:c5:5e:0a:ce:c1:f7:07:20:9c:d3:53:2a:
5e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:69:1A:5D:5B:C5:BE:DE:48:2D:B7:9B:73:AE:F7:48:26:20:CC:DC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YGkaXVvFvt5ILbebc673SCYgzNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:bf:e8:af:ef:1f:a3:5e:22:4d:71:70:71:f0:b3:1a:0a:92:
61:3a:5f:7d:6a:06:8b:e2:8a:81:3e:35:63:47:ff:64:fe:37:
e9:20:ee:e0:9c:99:6c:34:ce:d4:38:75:b7:b4:72:5f:3e:73:
d3:2a:b7:f8:54:a9:cd:94:ce:1a:fd:af:e3:8d:f4:18:dd:b4:
19:49:53:ab:df:17:de:91:a7:28:bc:70:1b:c8:0e:8f:d7:ee:
02:9c:32:c4:a1:1f:4a:ae:6f:45:49:3f:3b:8f:05:ec:1f:cc:
b5:ea:7e:40:84:93:87:44:8a:ba:e4:53:b4:5d:67:02:e3:05:
04:f2:47:48:df:ba:19:c0:63:bd:80:c7:3d:fa:25:2d:88:41:
43:42:f5:fb:c2:ef:80:a7:a0:aa:74:bf:60:34:8e:56:05:b5:
26:5c:ae:4c:7c:2e:c6:23:46:62:fd:56:2a:c2:de:75:c7:06:
49:c0:8f:8e:65:84:d7:09:d7:c9:57:6a:bd:4a:78:00:dd:93:
76:f1:68:0e:01:cf:71:34:f1:d2:8e:d3:de:1c:8c:b3:e1:5f:
ac:d9:3a:3b:aa:13:39:c6:7d:be:43:53:2e:e7:f5:f6:be:e1:
6d:cc:27:e8:37:b4:49:a7:82:b5:29:fd:84:7c:93:91:69:82:
80:cb:c9:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnU2LFoz94H5AsFyuVN7IuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA4MTExMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY5MWE1ZDViYzViZWRlNDgyZGI3OWI3M2FlZjc0ODI2MjBjY2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivGd/QOamupwV3ETvoIhyk/MIYhg
hfFlR0rIKJ+o3J8WrfW1DKzqL90P3KxP7Ao67mQXtyRMJku9kjkqs5ekSRJV7if1
XbSo2DJOQ7psOBdQfibGOx1uhSdCPzkt3H8igcONkHmAV4l2zIdgVm2iI8bM5KTM
Ecr3Mn1rh1Fe4pQ+LB0WE4SJ12j1UAzkJ6L2qRi4mjfQ7tVFCnGlmZ5g/ZiBdzU0
hGTnV80C80c5tfBYkZwc5VGTJeEkbIKpAvjaFiDYTTruPL0htPuD3Bs7Kc2XddWO
AM2xRmdBOV8O7eQHMrm3WracLcVfrs2ivCDgT2DFXgrOwfcHIJzTUype6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGBpGl1bxb7eSC23m3Ou90gmIMzcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWUdrYVhWdkZ2dDVJTGJlYmM2NzNTQ1lnek53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIS/6K/vH6NeIk1xcHHw
sxoKkmE6X31qBoviioE+NWNH/2T+N+kg7uCcmWw0ztQ4dbe0cl8+c9Mqt/hUqc2U
zhr9r+ON9BjdtBlJU6vfF96Rpyi8cBvIDo/X7gKcMsShH0qub0VJPzuPBewfzLXq
fkCEk4dEirrkU7RdZwLjBQTyR0jfuhnAY72Axz36JS2IQUNC9fvC74CnoKp0v2A0
jlYFtSZcrkx8LsYjRmL9VirC3nXHBknAj45lhNcJ18lXar1KeADdk3bxaA4Bz3E0
8dKO094cjLPhX6zZOjuqEznGfb5DUy7n9fa+4W3MJ+g3tEmngrUp/YR8k5FpgoDL
yR4=
-----END CERTIFICATE-----
Generated at Fri May 2 21:03:29 2025 by rpki-client