Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YSAI75VBVM2_TN9X4zJthgVQgng.roa
File: YSAI75VBVM2_TN9X4zJthgVQgng.roa (raw, json)
Hash identifier: Da4cVXYCaG5iOa0e0ov8RrUQ6ywviv3ZBd0Hm4o+xPg=
Subject key identifier: 61:20:08:EF:95:41:54:CD:BF:4C:DF:57:E3:32:6D:86:05:50:82:78
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A501340D3C49168018C6E01F4D8B99E6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YSAI75VBVM2_TN9X4zJthgVQgng.roa
Signing time: Sun 30 Jul 2023 04:14:26 +0000
ROA not before: Sun 30 Jul 2023 04:14:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a5:01:34:0d:3c:49:16:80:18:c6:e0:1f:4d:8b:99:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 30 04:14:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=612008ef954154cdbf4cdf57e3326d8605508278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e9:cd:09:2e:3a:cf:65:8f:31:4d:62:90:bb:
98:14:e6:a8:a8:ed:9f:c8:1a:d4:7a:b5:b7:a7:18:
26:99:df:86:04:db:94:85:ba:c3:64:d8:a6:fd:80:
e5:ac:3d:f5:6d:91:ed:8a:13:2a:8e:d7:5a:4e:fe:
70:68:b3:de:90:28:6c:43:82:9f:07:2b:ef:f5:65:
9b:6e:5d:79:a5:ef:32:7c:7d:c4:99:e3:80:22:91:
0a:67:10:fc:b1:1d:a5:b6:d9:44:6a:f9:4e:1c:53:
20:16:ed:eb:96:20:dd:6b:7c:8e:66:a1:a8:a4:87:
70:a7:ec:50:7b:51:2b:53:a8:1b:d9:27:36:c3:47:
0d:e2:7a:1e:ef:47:65:ef:ba:54:77:92:e3:27:ca:
0d:d7:4f:f4:30:32:45:ad:92:20:3e:08:e4:9b:a9:
64:59:64:05:7d:e3:b7:12:39:d2:ef:56:ba:8a:69:
61:7b:b9:d8:6b:52:96:90:c9:59:3d:10:cd:1b:05:
cf:2b:1d:74:db:4b:87:98:c9:c4:c1:69:df:fd:79:
bd:b9:10:b7:76:2b:39:fa:cd:f4:89:25:3e:5a:01:
c4:f4:ce:5f:56:57:72:52:50:a5:20:21:2b:d1:97:
33:77:4e:2d:02:e0:ab:bf:65:45:4e:fd:db:51:80:
43:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:20:08:EF:95:41:54:CD:BF:4C:DF:57:E3:32:6D:86:05:50:82:78
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YSAI75VBVM2_TN9X4zJthgVQgng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:97:6c:88:84:17:31:ee:6e:7b:5f:8c:6a:96:30:62:9d:50:
83:3e:cb:da:c1:22:55:62:1d:57:9f:1e:7e:0f:1c:ae:8f:a4:
6c:02:a0:07:ef:93:46:15:04:9d:33:78:3f:60:60:58:e3:68:
59:29:f3:78:48:90:34:2a:41:8c:8c:6e:97:51:49:61:22:4e:
5c:a6:6c:92:1e:5c:ef:82:47:73:47:c1:28:47:37:bd:b5:ad:
6c:01:df:24:9d:d6:47:43:00:43:99:8c:a3:32:ea:03:9d:df:
2e:70:06:e9:d0:cc:7f:2b:d6:d7:f0:49:74:b2:c6:ab:ff:9b:
b8:38:69:b4:40:83:50:b4:67:e9:71:a1:7c:4d:53:08:77:1f:
73:70:59:a4:4d:54:3b:4e:2c:e7:06:42:d9:45:39:5e:5f:d6:
3c:0a:2e:a0:bd:c4:f5:a5:4c:89:35:0b:59:2a:ec:92:b8:2a:
77:54:dd:99:4a:79:26:e4:e0:0a:8f:fb:df:c3:47:c6:dd:27:
2b:18:e4:4f:e9:db:17:e6:a9:06:4a:ff:ad:d1:a4:6b:a1:d4:
2f:00:61:c9:68:0a:e1:8a:81:d6:b0:9c:1b:d6:96:de:fa:9e:
d8:8f:03:71:81:70:d5:80:d4:2c:c7:b0:f6:9a:52:e6:1b:7c:
9c:96:48:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmlATQNPEkWgBjG4B9Ni5nmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMwMDQxNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTIwMDhlZjk1NDE1NGNkYmY0Y2RmNTdlMzMyNmQ4NjA1NTA4Mjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOnNCS46z2WPMU1ikLuYFOaoqO2f
yBrUerW3pxgmmd+GBNuUhbrDZNim/YDlrD31bZHtihMqjtdaTv5waLPekChsQ4Kf
Byvv9WWbbl15pe8yfH3EmeOAIpEKZxD8sR2lttlEavlOHFMgFu3rliDda3yOZqGo
pIdwp+xQe1ErU6gb2Sc2w0cN4noe70dl77pUd5LjJ8oN10/0MDJFrZIgPgjkm6lk
WWQFfeO3EjnS71a6imlhe7nYa1KWkMlZPRDNGwXPKx1020uHmMnEwWnf/Xm9uRC3
dis5+s30iSU+WgHE9M5fVldyUlClICEr0Zczd04tAuCrv2VFTv3bUYBDWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGEgCO+VQVTNv0zfV+MybYYFUIJ4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWVNBSTc1VkJWTTJfVE45WDR6SnRoZ1ZRZ25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJOXbIiEFzHubntfjGqW
MGKdUIM+y9rBIlViHVefHn4PHK6PpGwCoAfvk0YVBJ0zeD9gYFjjaFkp83hIkDQq
QYyMbpdRSWEiTlymbJIeXO+CR3NHwShHN721rWwB3ySd1kdDAEOZjKMy6gOd3y5w
BunQzH8r1tfwSXSyxqv/m7g4abRAg1C0Z+lxoXxNUwh3H3NwWaRNVDtOLOcGQtlF
OV5f1jwKLqC9xPWlTIk1C1kq7JK4KndU3ZlKeSbk4AqP+9/DR8bdJysY5E/p2xfm
qQZK/63RpGuh1C8AYcloCuGKgdawnBvWlt76ntiPA3GBcNWA1CzHsPaaUuYbfJyW
SNI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:14:26 2025 by rpki-client