Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YMlHr7Fxi0tu6XeFk4fblglqV_4.roa
File: YMlHr7Fxi0tu6XeFk4fblglqV_4.roa (raw, json)
Hash identifier: 7Trh9UwrXn2QsnvPKpBKgLo7kujot6O3NZk8NO4Yv9g=
Subject key identifier: 60:C9:47:AF:B1:71:8B:4B:6E:E9:77:85:93:87:DB:96:09:6A:57:FE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 67627FEA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YMlHr7Fxi0tu6XeFk4fblglqV_4.roa
Signing time: Thu 03 Feb 2022 03:08:52 +0000
ROA not before: Thu 03 Feb 2022 03:08:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17e:a0dd:2f5b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1734508522 (0x67627fea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 3 03:08:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60c947afb1718b4b6ee977859387db96096a57fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8e:78:42:ef:ba:6f:d2:e4:eb:2f:cb:c7:93:
57:d5:18:c5:35:29:25:b8:7b:09:f0:49:fe:22:3a:
d1:5b:04:1b:39:75:a3:0c:c7:d5:ba:29:b4:54:e2:
26:87:52:24:a3:af:5f:5e:91:ff:6a:57:ec:49:4e:
b2:04:88:df:8b:9d:7d:7f:78:ec:96:a4:d5:6b:7d:
14:d5:08:d2:1e:e5:01:c2:5d:2f:e8:db:18:8f:c6:
f8:10:8b:58:66:4b:b7:bc:a8:6c:44:64:72:db:c3:
aa:c1:16:84:28:c3:ef:74:7d:0f:01:d8:c8:cf:9a:
ae:0f:fe:7f:f6:48:81:fb:3f:1f:bf:47:70:71:af:
95:88:dc:5e:23:7a:51:8c:69:68:b4:83:e6:0d:b8:
34:49:44:cf:63:7e:9d:2f:09:c7:ef:a0:40:ed:59:
da:56:bd:41:6b:1a:69:13:27:60:3f:0f:84:e1:1d:
03:15:7c:b5:c6:ec:fb:34:12:19:6c:9d:f1:a3:03:
9f:b8:33:1a:43:95:1f:d1:83:eb:86:40:22:14:bb:
8b:78:9b:1b:09:c2:7f:b5:5d:b6:18:71:ba:84:2b:
93:dc:bb:56:93:34:62:10:f8:9e:ea:62:d3:ce:e0:
0b:18:27:68:23:4b:4f:4c:4b:83:87:04:0e:e0:5c:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C9:47:AF:B1:71:8B:4B:6E:E9:77:85:93:87:DB:96:09:6A:57:FE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YMlHr7Fxi0tu6XeFk4fblglqV_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:5a:a0:0d:19:c1:2a:a3:2e:f3:95:d3:7b:4f:4d:f9:f0:3f:
a4:e6:55:de:b4:6f:0c:b8:74:83:5f:11:8d:8f:82:40:d3:06:
d4:4d:49:3d:32:60:cd:e0:df:d3:2e:b7:91:9a:71:6f:4c:f1:
0a:04:4f:0c:bd:4f:bb:b3:bf:4d:11:52:4f:f1:10:d2:36:90:
69:5a:73:58:8c:e8:9c:32:f6:bf:51:83:e1:94:67:ef:4c:2b:
e8:b8:aa:92:6a:f4:0d:fc:79:6e:22:f9:e3:7b:4d:a9:86:85:
cb:3d:09:33:61:61:4e:42:92:e6:52:eb:b8:34:00:eb:5a:96:
eb:bf:0e:6b:5a:23:e2:1d:a5:97:fd:cf:ff:e4:8c:2b:e4:51:
13:09:a7:57:97:68:83:4f:b8:61:f1:c6:0a:2a:79:dd:52:e1:
98:94:65:8c:5b:57:f5:04:10:8c:14:61:26:c3:ee:ad:dc:9f:
6d:bb:97:12:0c:6a:b6:f2:7f:20:a8:af:a0:8c:92:6f:d6:2c:
d8:1f:35:f8:7b:ef:3e:16:4b:e0:3a:1a:2f:27:b9:3a:23:a6:
68:f0:22:e7:e9:59:72:8e:ed:9d:12:74:a6:db:6b:56:72:db:
6d:7d:44:b1:6f:13:16:17:14:13:c7:bc:51:34:f0:29:22:74:
2c:e2:d8:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEZ2J/6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIw
MzAzMDg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBjOTQ3YWZiMTcx
OGI0YjZlZTk3Nzg1OTM4N2RiOTYwOTZhNTdmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqOeELvum/S5Osvy8eTV9UYxTUpJbh7CfBJ/iI60VsEGzl1
owzH1boptFTiJodSJKOvX16R/2pX7ElOsgSI34udfX947Jak1Wt9FNUI0h7lAcJd
L+jbGI/G+BCLWGZLt7yobERkctvDqsEWhCjD73R9DwHYyM+arg/+f/ZIgfs/H79H
cHGvlYjcXiN6UYxpaLSD5g24NElEz2N+nS8Jx++gQO1Z2la9QWsaaRMnYD8PhOEd
AxV8tcbs+zQSGWyd8aMDn7gzGkOVH9GD64ZAIhS7i3ibGwnCf7VdthhxuoQrk9y7
VpM0YhD4nupi087gCxgnaCNLT0xLg4cEDuBchY0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRgyUevsXGLS27pd4WTh9uWCWpX/jAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1lNbEhyN0Z4aTB0dTZYZUZrNGZibGdscVZfNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQATWqANGcEqoy7zldN7T0358D+k5lXetG8MuHSD
XxGNj4JA0wbUTUk9MmDN4N/TLreRmnFvTPEKBE8MvU+7s79NEVJP8RDSNpBpWnNY
jOicMva/UYPhlGfvTCvouKqSavQN/HluIvnje02phoXLPQkzYWFOQpLmUuu4NADr
Wpbrvw5rWiPiHaWX/c//5Iwr5FETCadXl2iDT7hh8cYKKnndUuGYlGWMW1f1BBCM
FGEmw+6t3J9tu5cSDGq28n8gqK+gjJJv1izYHzX4e+8+FkvgOhovJ7k6I6Zo8CLn
6Vlyju2dEnSm22tWctttfUSxbxMWFxQTx7xRNPApInQs4tiR
-----END CERTIFICATE-----
Generated at Sun May 4 22:25:53 2025 by rpki-client