Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YKvD79_cd0_axiqGa2TJ9S6rGNI.roa
File: YKvD79_cd0_axiqGa2TJ9S6rGNI.roa (raw, json)
Hash identifier: bFDAmsN5ROKbLIJE+YzNCDMEADGIHj0st2QMnWhDt4A=
Subject key identifier: 60:AB:C3:EF:DF:DC:77:4F:DA:C6:2A:86:6B:64:C9:F5:2E:AB:18:D2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018681A3BF4D86BD14EE7A62ECFBD4EC01FA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YKvD79_cd0_axiqGa2TJ9S6rGNI.roa
Signing time: Fri 24 Feb 2023 04:17:17 +0000
ROA not before: Fri 24 Feb 2023 04:17:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:81:a3:bf:4d:86:bd:14:ee:7a:62:ec:fb:d4:ec:01:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 04:17:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60abc3efdfdc774fdac62a866b64c9f52eab18d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d3:ac:10:32:8c:a1:db:93:a8:e2:e2:f2:7f:
db:17:77:94:dc:d3:78:87:01:b4:55:9a:e4:af:72:
09:77:07:dd:33:b6:b8:ce:4e:58:9b:46:f5:be:1e:
d3:96:26:93:3c:5b:cc:4f:b1:a4:b3:f6:58:c2:91:
4b:ce:03:45:af:e2:52:8a:c6:3b:ed:5d:d2:59:62:
aa:5a:77:4e:b4:4f:11:f2:0b:b7:6c:8d:ab:64:b2:
9b:53:7f:f5:15:af:13:9c:6f:18:65:84:1e:6c:ae:
be:42:8a:b3:c8:ca:d8:bf:db:78:f5:c5:f6:25:26:
3e:0c:f4:35:d5:b6:a8:07:95:4b:69:40:d6:b0:61:
ef:eb:ea:e8:06:22:42:e1:f9:7c:31:2b:e5:d5:04:
c5:05:44:8d:d4:5c:76:e4:31:80:29:dc:1c:97:9e:
7a:1f:65:35:28:c1:55:e4:7c:99:82:0c:32:8d:1c:
8a:05:4b:56:8d:9c:ee:32:99:25:e8:bb:6b:a6:be:
15:1f:05:c2:5d:bf:87:6d:00:d3:4b:a6:40:93:a6:
31:1f:7c:c8:e0:79:16:cd:7f:c1:9d:9a:a5:ef:fe:
ef:e9:67:46:4b:ff:df:14:d9:1c:6b:cf:c5:af:e3:
39:3f:7e:5e:a5:bc:81:4c:86:a7:9f:be:11:e9:4d:
be:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AB:C3:EF:DF:DC:77:4F:DA:C6:2A:86:6B:64:C9:F5:2E:AB:18:D2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YKvD79_cd0_axiqGa2TJ9S6rGNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:9b:a4:7b:43:34:60:76:8a:2e:f5:50:b8:6b:42:2d:ff:85:
d8:0a:c4:ec:fe:e4:99:b6:72:de:e5:8c:34:55:7d:d1:56:71:
0e:ee:a3:e3:1c:38:a4:46:ab:21:e5:e8:46:8a:48:3a:7c:26:
8d:d2:1e:97:95:6e:8e:b8:f5:82:00:65:c9:a6:58:99:f9:19:
24:b9:3d:91:c4:36:24:d5:75:ab:d1:18:cd:b5:2d:cb:76:98:
b1:b5:99:4f:b7:40:fb:b6:21:f1:99:64:f1:ad:93:68:77:3a:
9e:e5:55:1e:2c:21:bc:77:71:34:1d:7b:58:66:89:53:7d:dc:
5e:fd:a2:65:d0:3c:bf:63:0f:04:a5:0d:e0:d2:ca:4f:64:3d:
7f:b6:97:21:4d:ec:53:4d:c2:a1:78:ff:c1:69:cd:ad:35:a3:
a6:16:ac:0e:3f:78:cb:45:cf:ad:a5:8d:1e:3d:e5:2d:e0:b8:
97:a3:e2:01:41:6c:9d:f8:01:f2:e2:fd:49:c6:af:6f:cf:30:
f8:d9:da:ca:b6:47:98:c5:8e:94:d1:d7:11:e4:39:ce:71:7d:
d8:13:88:21:58:68:3e:f3:b4:34:4b:6c:cd:7c:e0:1e:43:e5:
1a:e7:c8:f8:99:53:9f:a6:19:af:cf:05:b8:c9:e9:3b:c7:78:
1f:05:1e:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaBo79Nhr0U7npi7PvU7AH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MDQxNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGFiYzNlZmRmZGM3NzRmZGFjNjJhODY2YjY0YzlmNTJlYWIxOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNOsEDKModuTqOLi8n/bF3eU3NN4
hwG0VZrkr3IJdwfdM7a4zk5Ym0b1vh7TliaTPFvMT7Gks/ZYwpFLzgNFr+JSisY7
7V3SWWKqWndOtE8R8gu3bI2rZLKbU3/1Fa8TnG8YZYQebK6+QoqzyMrYv9t49cX2
JSY+DPQ11baoB5VLaUDWsGHv6+roBiJC4fl8MSvl1QTFBUSN1Fx25DGAKdwcl556
H2U1KMFV5HyZggwyjRyKBUtWjZzuMpkl6Ltrpr4VHwXCXb+HbQDTS6ZAk6YxH3zI
4HkWzX/BnZql7/7v6WdGS//fFNkca8/Fr+M5P35epbyBTIann74R6U2+GwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGCrw+/f3HdP2sYqhmtkyfUuqxjSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWUt2RDc5X2NkMF9heGlxR2EyVEo5UzZyR05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABSbpHtDNGB2ii71ULhr
Qi3/hdgKxOz+5Jm2ct7ljDRVfdFWcQ7uo+McOKRGqyHl6EaKSDp8Jo3SHpeVbo64
9YIAZcmmWJn5GSS5PZHENiTVdavRGM21Lct2mLG1mU+3QPu2IfGZZPGtk2h3Op7l
VR4sIbx3cTQde1hmiVN93F79omXQPL9jDwSlDeDSyk9kPX+2lyFN7FNNwqF4/8Fp
za01o6YWrA4/eMtFz62ljR495S3guJej4gFBbJ34AfLi/UnGr2/PMPjZ2sq2R5jF
jpTR1xHkOc5xfdgTiCFYaD7ztDRLbM184B5D5RrnyPiZU5+mGa/PBbjJ6TvHeB8F
HoQ=
-----END CERTIFICATE-----
Generated at Fri May 2 03:58:51 2025 by rpki-client