Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YPdv7kM_ZO-7UzSPunzcwrn5mDM.roa
File: YPdv7kM_ZO-7UzSPunzcwrn5mDM.roa (raw, json)
Hash identifier: oPerYkXpmKOzxX1MxO59OMxbmMdxpjmRhbqUdndBBVY=
Subject key identifier: 60:F7:6F:EE:43:3F:64:EF:BB:53:34:8F:BA:7C:DC:C2:B9:F9:98:33
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869E58D9AC2F165F6EFA2C59B3C8C5C996
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YPdv7kM_ZO-7UzSPunzcwrn5mDM.roa
Signing time: Wed 01 Mar 2023 18:04:28 +0000
ROA not before: Wed 01 Mar 2023 18:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9e:58:d9:ac:2f:16:5f:6e:fa:2c:59:b3:c8:c5:c9:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 18:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60f76fee433f64efbb53348fba7cdcc2b9f99833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7a:55:2a:7e:cb:66:7f:dd:db:2e:8c:74:ca:
1c:ba:b7:31:c6:c8:41:cc:90:c1:48:a7:2e:d0:b4:
15:6d:27:5c:e5:98:38:33:d0:59:5a:6e:5d:da:c5:
d3:b2:81:ad:3d:b6:f1:1e:fb:e2:a0:f7:21:a3:f8:
3d:3d:94:12:ac:81:31:09:38:da:19:7a:58:3c:2e:
69:9c:a5:4e:01:c1:85:04:84:a9:34:42:22:d4:a8:
ce:40:55:df:42:0e:ce:93:17:9c:36:1a:43:70:46:
31:66:92:9f:b5:e1:c2:04:f0:6c:e9:5c:cc:5f:83:
88:0e:38:e3:51:f9:c5:ce:0a:5b:a3:b6:71:8e:26:
07:d6:dd:4a:1d:22:81:8c:4d:28:82:8a:13:d3:35:
37:d1:1e:72:39:75:f1:18:09:03:2e:89:52:26:90:
c3:ef:e4:2d:36:c4:84:52:59:7a:04:65:e1:a6:92:
c6:6b:bc:e6:15:2c:ea:95:a4:78:b8:c6:e7:c6:ff:
c6:df:2b:ee:3e:51:34:1e:82:f8:1f:7d:f9:69:b8:
74:41:e0:af:7e:38:d6:98:f5:10:70:e3:74:8e:be:
7d:5a:14:92:51:1b:37:7a:ca:7d:ff:a6:16:87:85:
a1:1e:99:08:fc:4b:2d:12:8b:aa:c1:1f:af:f2:4a:
bf:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F7:6F:EE:43:3F:64:EF:BB:53:34:8F:BA:7C:DC:C2:B9:F9:98:33
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YPdv7kM_ZO-7UzSPunzcwrn5mDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:56:5e:32:5e:77:8e:df:19:46:a5:ba:b1:a9:a7:a4:51:c9:
fc:6d:ab:7c:82:05:e4:1a:9b:b2:13:34:db:a6:f6:63:e5:1a:
db:42:b9:05:da:e8:7a:37:f8:39:4b:e1:5a:b7:02:2e:4b:22:
83:9e:23:7c:79:b7:0d:bd:05:25:f0:f3:41:d1:47:95:0b:04:
f0:d2:d9:1f:27:34:bc:7a:fa:25:cd:34:96:9f:94:4b:8e:e2:
0d:8c:4a:91:22:86:3d:c3:67:3e:cb:35:a2:a6:0a:f1:6f:0e:
d9:50:db:f2:a6:45:17:2c:18:52:34:ef:83:bc:03:45:d6:fc:
e4:f3:6d:a8:04:31:60:2a:f6:13:63:7f:e0:15:34:71:e4:5d:
e9:b6:c8:cc:b2:3f:7a:cc:6e:4d:be:06:4e:9a:a2:43:fc:7e:
82:ae:04:a1:19:89:81:a8:46:2d:28:a1:18:6e:1e:52:cb:37:
cc:10:74:0f:0b:c8:32:65:21:a2:d1:14:53:d2:3c:f9:2c:bf:
0e:02:f4:2d:3a:2a:44:3b:7a:8b:81:fb:5a:27:f6:7e:21:a4:
7a:a3:e2:01:54:da:36:b2:d8:02:80:89:da:a4:13:a6:d2:f9:
b2:4f:37:25:4a:90:54:49:1f:29:49:f1:bb:47:d2:75:0b:6e:
a9:67:5c:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaeWNmsLxZfbvosWbPIxcmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMTgwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY3NmZlZTQzM2Y2NGVmYmI1MzM0OGZiYTdjZGNjMmI5Zjk5ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnpVKn7LZn/d2y6MdMocurcxxshB
zJDBSKcu0LQVbSdc5Zg4M9BZWm5d2sXTsoGtPbbxHvvioPcho/g9PZQSrIExCTja
GXpYPC5pnKVOAcGFBISpNEIi1KjOQFXfQg7OkxecNhpDcEYxZpKfteHCBPBs6VzM
X4OIDjjjUfnFzgpbo7ZxjiYH1t1KHSKBjE0ogooT0zU30R5yOXXxGAkDLolSJpDD
7+QtNsSEUll6BGXhppLGa7zmFSzqlaR4uMbnxv/G3yvuPlE0HoL4H335abh0QeCv
fjjWmPUQcON0jr59WhSSURs3esp9/6YWh4WhHpkI/EstEouqwR+v8kq/OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGD3b+5DP2Tvu1M0j7p83MK5+ZgzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWVBkdjdrTV9aTy03VXpTUHVuemN3cm41bURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADpWXjJed47fGUalurGp
p6RRyfxtq3yCBeQam7ITNNum9mPlGttCuQXa6Ho3+DlL4Vq3Ai5LIoOeI3x5tw29
BSXw80HRR5ULBPDS2R8nNLx6+iXNNJaflEuO4g2MSpEihj3DZz7LNaKmCvFvDtlQ
2/KmRRcsGFI074O8A0XW/OTzbagEMWAq9hNjf+AVNHHkXem2yMyyP3rMbk2+Bk6a
okP8foKuBKEZiYGoRi0ooRhuHlLLN8wQdA8LyDJlIaLRFFPSPPksvw4C9C06KkQ7
eouB+1on9n4hpHqj4gFU2jay2AKAidqkE6bS+bJPNyVKkFRJHylJ8btH0nULbqln
XMk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:24:26 2025 by rpki-client