Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YZ2kqgq02Bd0v7jNzNE6BaBDYbc.roa
File: YZ2kqgq02Bd0v7jNzNE6BaBDYbc.roa (raw, json)
Hash identifier: YsPA7vGC7PMvWOW5zOen3whO1j+AJX1cS5BuQW/AE8Q=
Subject key identifier: 61:9D:A4:AA:0A:B4:D8:17:74:BF:B8:CD:CC:D1:3A:05:A0:43:61:B7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01861FFC3C1DFC08C19184BE5A80A73CEF7E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YZ2kqgq02Bd0v7jNzNE6BaBDYbc.roa
Signing time: Sun 05 Feb 2023 05:11:09 +0000
ROA not before: Sun 05 Feb 2023 05:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1f:fc:3c:1d:fc:08:c1:91:84:be:5a:80:a7:3c:ef:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 5 05:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=619da4aa0ab4d81774bfb8cdccd13a05a04361b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e4:73:43:5d:90:7c:4e:42:df:ea:e4:6a:29:
b7:4d:4e:4b:68:f8:6d:b2:1b:e0:20:ac:d0:d4:11:
9b:a1:1d:07:b3:2d:af:a3:1c:89:aa:28:d6:21:d1:
8f:5f:05:bb:d1:28:ee:6e:38:a4:fe:30:a9:f7:e1:
d1:f9:15:57:97:62:26:5d:19:ab:18:cf:ec:21:f2:
e2:e0:37:d9:1e:9a:ec:09:75:b5:8e:98:28:c6:89:
5f:5a:92:76:46:c0:8b:f9:8e:bd:12:ee:a9:b5:e2:
02:a0:14:ec:e2:44:c1:64:36:fc:d1:cd:1e:ab:c0:
cb:87:2e:0a:c0:5f:96:f8:b4:01:94:2b:47:60:59:
ce:f6:36:59:85:5f:2a:14:ad:9d:a5:ae:ac:4b:61:
0a:43:72:77:30:29:65:b4:78:ee:40:45:f4:d8:00:
25:b5:a3:b9:88:d8:69:ed:5b:fa:40:c7:5b:ac:3a:
cb:e1:d4:e4:12:2e:b9:b5:aa:6a:a4:6d:af:4f:ec:
e6:ba:77:55:1b:f8:cd:3c:e2:4b:66:be:d8:09:f4:
38:f1:ee:4f:eb:e3:1d:0d:bf:a7:ee:49:42:ec:c1:
dc:14:9a:14:5b:b6:e5:10:d4:8e:05:db:01:68:f7:
cd:0c:b0:aa:fa:ef:b6:6c:1d:15:09:fd:76:cf:81:
2b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9D:A4:AA:0A:B4:D8:17:74:BF:B8:CD:CC:D1:3A:05:A0:43:61:B7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YZ2kqgq02Bd0v7jNzNE6BaBDYbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:80:ae:d2:33:71:cf:06:0f:d2:25:97:81:18:1e:70:9a:c7:
35:44:f7:dd:51:b0:36:f1:f2:72:8f:0d:65:88:80:96:55:6e:
68:0b:d7:ce:11:78:03:42:56:f2:a3:a2:83:67:be:0b:19:77:
b6:e7:2d:09:27:e5:d4:e5:60:c4:02:e8:41:76:30:08:b9:22:
26:bd:b8:43:31:36:e8:15:49:97:41:61:c9:7a:51:89:3b:59:
b8:bd:d2:65:16:e8:fb:e3:60:b3:62:ce:bd:f3:1d:e4:c0:94:
b0:22:9e:6f:15:fe:be:02:39:0e:b5:78:07:3e:19:d5:c0:4b:
4a:58:b1:ff:52:8d:01:9c:c5:36:91:dc:45:19:60:5b:91:1e:
37:2c:39:6f:64:1f:d9:3c:78:61:ec:a3:84:19:8e:e8:6e:b3:
fa:16:56:ed:67:22:42:1a:e2:8f:ea:a3:b8:d9:e2:4e:39:1a:
30:39:cc:c6:d7:c8:34:3e:3d:1f:e5:55:f5:53:c8:19:4f:11:
31:40:b8:cb:66:54:14:b6:17:f1:92:86:09:57:64:fc:ad:37:
41:8e:f5:1c:81:07:7b:11:0d:87:81:9d:e9:2e:e7:2a:ad:ff:
cd:36:f7:3b:2c:74:bc:87:db:46:cd:a6:85:98:70:6e:7e:44:
85:c0:66:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYf/Dwd/AjBkYS+WoCnPO9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA1MDUxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlkYTRhYTBhYjRkODE3NzRiZmI4Y2RjY2QxM2EwNWEwNDM2MWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ORzQ12QfE5C3+rkaim3TU5LaPht
shvgIKzQ1BGboR0Hsy2voxyJqijWIdGPXwW70Sjubjik/jCp9+HR+RVXl2ImXRmr
GM/sIfLi4DfZHprsCXW1jpgoxolfWpJ2RsCL+Y69Eu6pteICoBTs4kTBZDb80c0e
q8DLhy4KwF+W+LQBlCtHYFnO9jZZhV8qFK2dpa6sS2EKQ3J3MClltHjuQEX02AAl
taO5iNhp7Vv6QMdbrDrL4dTkEi65tapqpG2vT+zmundVG/jNPOJLZr7YCfQ48e5P
6+MdDb+n7klC7MHcFJoUW7blENSOBdsBaPfNDLCq+u+2bB0VCf12z4ErfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGGdpKoKtNgXdL+4zczROgWgQ2G3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWVoya3FncTAyQmQwdjdqTnpORTZCYUJEWWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACaArtIzcc8GD9Ill4EY
HnCaxzVE991RsDbx8nKPDWWIgJZVbmgL184ReANCVvKjooNnvgsZd7bnLQkn5dTl
YMQC6EF2MAi5Iia9uEMxNugVSZdBYcl6UYk7Wbi90mUW6PvjYLNizr3zHeTAlLAi
nm8V/r4COQ61eAc+GdXAS0pYsf9SjQGcxTaR3EUZYFuRHjcsOW9kH9k8eGHso4QZ
juhus/oWVu1nIkIa4o/qo7jZ4k45GjA5zMbXyDQ+PR/lVfVTyBlPETFAuMtmVBS2
F/GShglXZPytN0GO9RyBB3sRDYeBneku5yqt/8029zssdLyH20bNpoWYcG5+RIXA
ZiI=
-----END CERTIFICATE-----
Generated at Thu May 1 13:25:53 2025 by rpki-client