Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YO84jieMhb4NH9Hm_JfJfYFALi0.roa
File: YO84jieMhb4NH9Hm_JfJfYFALi0.roa (raw, json)
Hash identifier: TF6WtD3sbWBne3Dfr38nG1R0xdDnrkwK5jrWnvJ6sSs=
Subject key identifier: 60:EF:38:8E:27:8C:85:BE:0D:1F:D1:E6:FC:97:C9:7D:81:40:2E:2D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186DB894F3C2F95951EA828B946CB0451CC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YO84jieMhb4NH9Hm_JfJfYFALi0.roa
Signing time: Mon 13 Mar 2023 15:14:14 +0000
ROA not before: Mon 13 Mar 2023 15:14:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:89:4f:3c:2f:95:95:1e:a8:28:b9:46:cb:04:51:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 13 15:14:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60ef388e278c85be0d1fd1e6fc97c97d81402e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:cc:25:0f:d9:a7:e0:5a:50:a9:ad:2e:17:ac:
06:5e:1b:ed:ff:ac:03:e3:e1:9a:b1:03:2a:08:54:
a9:08:b7:fd:64:4a:31:e9:a5:3b:3e:4a:65:99:6f:
b9:05:e7:14:fd:42:f8:20:32:e0:3f:bd:33:0a:02:
31:5a:23:a9:d3:52:19:05:c7:dd:a8:09:81:2d:fd:
e4:a5:9e:9c:8e:32:66:c5:b5:f4:e5:1c:e6:c4:8c:
51:2d:51:be:14:ba:67:17:ea:d6:e7:b1:c2:d7:08:
8f:99:e7:0a:51:ca:f6:fe:09:88:ac:a5:3e:71:cb:
88:52:91:0c:c0:8c:ff:0b:9c:0c:e4:3a:0e:fa:43:
ac:8b:f1:ff:5e:55:11:2d:b2:89:fe:47:58:69:4b:
0d:c6:2c:56:b0:36:85:2e:9e:b9:ee:44:37:2c:1c:
33:db:5a:a9:5a:94:cc:e3:42:c7:9c:46:d4:4b:32:
cb:88:16:e2:89:74:b0:c0:38:83:7a:28:8d:da:97:
39:32:7f:c2:e6:6d:c6:d2:0b:3e:c3:5e:51:1e:cd:
87:56:a3:e1:b1:80:cc:6a:80:b2:d9:29:cd:07:bd:
55:43:35:d6:88:fd:53:c4:d1:e7:ba:84:23:e1:ce:
d5:24:6a:2f:23:04:86:cf:83:61:85:70:c3:23:d4:
24:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EF:38:8E:27:8C:85:BE:0D:1F:D1:E6:FC:97:C9:7D:81:40:2E:2D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YO84jieMhb4NH9Hm_JfJfYFALi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:aa:d5:ac:8f:f0:0c:60:3e:9b:11:c8:bd:e4:88:69:a6:4b:
51:9f:df:d4:52:dc:09:50:66:41:43:b4:43:0b:66:90:37:95:
ba:e2:2f:ec:51:92:2d:bc:b1:6e:53:89:ed:a6:8f:00:cd:a9:
64:05:90:f1:25:45:e8:41:eb:49:fb:f1:b1:ed:ae:0d:d5:1a:
4d:7d:4e:93:db:c2:d5:1c:73:10:b8:65:e0:1b:8f:82:8a:6c:
73:3e:a6:09:49:2a:f0:5e:f3:12:d7:c3:c8:67:50:c4:1d:a3:
9d:47:de:b3:52:36:0f:dc:c1:34:56:02:b0:b1:2f:17:d3:e9:
53:c4:7e:58:25:6a:2f:8a:98:81:cb:4a:60:bc:c4:c0:6c:8b:
f0:c3:2d:6b:eb:25:ac:19:76:be:99:be:82:68:fd:9c:e9:12:
d7:aa:fe:21:31:ba:6f:3a:50:4d:4b:de:8d:f5:36:3e:9b:f3:
53:83:d2:9f:a5:26:84:34:c8:7d:67:c1:84:6e:08:7c:5c:3f:
85:7a:ce:e8:e9:a8:08:fb:ca:98:9d:6f:17:35:05:13:03:20:
5b:bd:55:2b:cc:de:ab:d1:0a:29:29:0f:26:26:74:d7:eb:9a:
d5:8e:16:a0:e5:50:bc:61:85:39:9f:e3:cc:ce:47:8d:78:00:
48:56:bf:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbbiU88L5WVHqgouUbLBFHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzEzMTUxNDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVmMzg4ZTI3OGM4NWJlMGQxZmQxZTZmYzk3Yzk3ZDgxNDAyZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMwlD9mn4FpQqa0uF6wGXhvt/6wD
4+GasQMqCFSpCLf9ZEox6aU7PkplmW+5BecU/UL4IDLgP70zCgIxWiOp01IZBcfd
qAmBLf3kpZ6cjjJmxbX05RzmxIxRLVG+FLpnF+rW57HC1wiPmecKUcr2/gmIrKU+
ccuIUpEMwIz/C5wM5DoO+kOsi/H/XlURLbKJ/kdYaUsNxixWsDaFLp657kQ3LBwz
21qpWpTM40LHnEbUSzLLiBbiiXSwwDiDeiiN2pc5Mn/C5m3G0gs+w15RHs2HVqPh
sYDMaoCy2SnNB71VQzXWiP1TxNHnuoQj4c7VJGovIwSGz4NhhXDDI9QkKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGDvOI4njIW+DR/R5vyXyX2BQC4tMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWU84NGppZU1oYjROSDlIbV9KZkpmWUZBTGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIaq1ayP8AxgPpsRyL3k
iGmmS1Gf39RS3AlQZkFDtEMLZpA3lbriL+xRki28sW5Tie2mjwDNqWQFkPElRehB
60n78bHtrg3VGk19TpPbwtUccxC4ZeAbj4KKbHM+pglJKvBe8xLXw8hnUMQdo51H
3rNSNg/cwTRWArCxLxfT6VPEflglai+KmIHLSmC8xMBsi/DDLWvrJawZdr6ZvoJo
/ZzpEteq/iExum86UE1L3o31Nj6b81OD0p+lJoQ0yH1nwYRuCHxcP4V6zujpqAj7
ypidbxc1BRMDIFu9VSvM3qvRCikpDyYmdNfrmtWOFqDlULxhhTmf48zOR414AEhW
vz0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:09 2025 by rpki-client