Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YH2icHTLLKaFkrb3G1lVSudbTno.roa
File: YH2icHTLLKaFkrb3G1lVSudbTno.roa (raw, json)
Hash identifier: +MSJu4tskt9LvaEOSmHN2npkEmRLgS/IpiSc22ADs+0=
Subject key identifier: 60:7D:A2:70:74:CB:2C:A6:85:92:B6:F7:1B:59:55:4A:E7:5B:4E:7A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 91E0B36E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YH2icHTLLKaFkrb3G1lVSudbTno.roa
Signing time: Sat 02 Jul 2022 23:10:25 +0000
ROA not before: Sat 02 Jul 2022 23:10:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2447422318 (0x91e0b36e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 2 23:10:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=607da27074cb2ca68592b6f71b59554ae75b4e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:98:b3:c2:6c:b8:27:8d:e5:da:dc:d6:94:46:
b1:fe:e1:5f:cc:c3:f2:f4:64:18:30:45:26:63:e8:
b3:ce:43:34:71:8f:0d:df:f6:a6:7f:42:96:c4:49:
7b:34:2b:0a:a6:d4:38:41:57:9b:a3:81:91:ea:7f:
65:24:ef:d5:46:91:6a:71:9c:fb:55:2a:7f:cd:ca:
2c:7d:35:b7:2a:27:77:33:1a:98:39:9d:0b:a3:cf:
67:25:57:7e:c3:c8:c7:09:d2:ea:6d:97:31:25:6a:
35:26:ee:44:49:d8:79:a4:27:52:b4:dc:5b:e1:81:
55:d5:e7:b9:eb:8e:e0:cd:96:d9:b9:eb:d1:89:6e:
ab:49:2c:3b:48:cc:5f:ac:d9:5c:4c:69:17:6d:6d:
5c:5e:84:a8:7e:4d:4a:d4:55:bc:93:e8:b9:b4:a2:
5c:d3:57:7d:96:13:6c:b0:ec:d4:3a:1c:ea:1c:99:
9d:6a:b1:c1:a8:90:1e:68:49:fe:60:c0:58:1d:8f:
23:69:c2:10:b9:a6:86:e2:44:63:38:56:95:31:ce:
18:8d:55:0b:21:df:c2:2f:e1:de:79:8c:99:ac:2f:
a6:10:e7:29:0f:2f:03:aa:e7:88:46:f9:f3:42:7a:
48:fa:ab:3d:e0:cc:77:b4:f5:b3:ca:a5:dc:ca:db:
dd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:7D:A2:70:74:CB:2C:A6:85:92:B6:F7:1B:59:55:4A:E7:5B:4E:7A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YH2icHTLLKaFkrb3G1lVSudbTno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:62:ea:8d:4b:5e:08:24:c9:8a:d6:47:c9:6b:7c:f9:bd:e6:
54:79:db:fc:7e:1b:48:33:4d:ee:d2:df:a6:92:b1:b0:1c:6a:
4d:b8:22:02:45:1a:07:20:b7:f5:ec:10:58:72:36:cd:b1:77:
91:30:8b:f5:dd:2e:29:4e:30:65:c3:bc:3a:6f:85:96:10:21:
65:8a:c8:1a:3e:c6:b5:6b:44:30:1d:2b:d6:a0:99:95:7e:83:
d9:4c:ff:95:36:8e:ab:01:1d:2d:40:02:ff:76:fe:4a:aa:0e:
a6:42:8d:33:0b:dd:9d:8d:f6:57:0f:7b:e8:f0:db:2d:19:64:
e9:3d:50:58:8b:1c:44:55:d8:c8:22:7b:79:9f:d6:3a:b5:dd:
0b:52:18:02:33:85:54:df:b7:7d:4e:fe:c0:52:d0:3e:cf:2c:
00:69:98:cb:9d:5a:e1:2c:9f:d9:c9:8e:be:f7:48:60:05:06:
ee:9f:77:76:76:ee:80:f5:6d:fe:24:62:a2:2a:62:4d:87:88:
90:17:2e:06:6a:df:55:97:76:f8:92:85:4b:e8:8e:8c:6e:97:
fa:d8:14:3b:b5:ae:65:2c:c8:8b:e2:83:9b:32:47:69:65:67:
d7:eb:a7:6c:12:26:fe:d7:bb:51:2b:0b:88:7d:c2:93:a6:cd:
5e:32:44:8a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAJHgs24wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA3
MDIyMzEwMjVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDYwN2RhMjcwNzRj
YjJjYTY4NTkyYjZmNzFiNTk1NTRhZTc1YjRlN2EwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCAmLPCbLgnjeXa3NaURrH+4V/Mw/L0ZBgwRSZj6LPOQzRx
jw3f9qZ/QpbESXs0Kwqm1DhBV5ujgZHqf2Uk79VGkWpxnPtVKn/Nyix9NbcqJ3cz
Gpg5nQujz2clV37DyMcJ0uptlzElajUm7kRJ2HmkJ1K03FvhgVXV57nrjuDNltm5
69GJbqtJLDtIzF+s2VxMaRdtbVxehKh+TUrUVbyT6Lm0olzTV32WE2yw7NQ6HOoc
mZ1qscGokB5oSf5gwFgdjyNpwhC5pobiRGM4VpUxzhiNVQsh38Iv4d55jJmsL6YQ
5ykPLwOq54hG+fNCekj6qz3gzHe09bPKpdzK291XAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUYH2icHTLLKaFkrb3G1lVSudbTnowHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9ZSDJpY0hUTExLYUZrcmIzRzFsVlN1ZGJUbm8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAYWLqjUteCCTJitZHyWt8+b3mVHnb/H4bSDNN
7tLfppKxsBxqTbgiAkUaByC39ewQWHI2zbF3kTCL9d0uKU4wZcO8Om+FlhAhZYrI
Gj7GtWtEMB0r1qCZlX6D2Uz/lTaOqwEdLUAC/3b+SqoOpkKNMwvdnY32Vw976PDb
LRlk6T1QWIscRFXYyCJ7eZ/WOrXdC1IYAjOFVN+3fU7+wFLQPs8sAGmYy51a4Syf
2cmOvvdIYAUG7p93dnbugPVt/iRioipiTYeIkBcuBmrfVZd2+JKFS+iOjG6X+tgU
O7WuZSzIi+KDmzJHaWVn1+unbBIm/te7USsLiH3Ck6bNXjJEig==
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:46:17 2025 by rpki-client