Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YxUqWTCHF1yC9OFi6EixyVqaCN4.roa
File: YxUqWTCHF1yC9OFi6EixyVqaCN4.roa (raw, json)
Hash identifier: XiqFgWDa1qU+xZr6ZkSi5aYXO1p79sUhK0WCHXlADBo=
Subject key identifier: 63:15:2A:59:30:87:17:5C:82:F4:E1:62:E8:48:B1:C9:5A:9A:08:DE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01847A9040EAC16ABA892A45FB2FE4D4746A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YxUqWTCHF1yC9OFi6EixyVqaCN4.roa
Signing time: Tue 15 Nov 2022 09:13:04 +0000
ROA not before: Tue 15 Nov 2022 09:13:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:51c3:ad7c/128 maxlen: 128
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:4250:a4df/128 maxlen: 128
2001:67c:64:ffff:0:184:75cf:c8d9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:90:40:ea:c1:6a:ba:89:2a:45:fb:2f:e4:d4:74:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 15 09:13:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63152a593087175c82f4e162e848b1c95a9a08de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:28:8d:e8:5b:e0:14:49:30:2f:6f:1b:2b:d8:
2b:66:6a:4a:b9:6b:46:a9:8d:85:80:5a:28:63:38:
a5:df:ee:90:be:55:28:e4:1c:0d:62:cf:d0:7f:83:
d8:a4:c2:c5:ce:99:df:29:0d:e3:c8:85:69:18:a7:
07:fc:8a:e8:a1:5d:ef:e3:88:c4:ea:ac:95:ea:46:
97:6c:52:a2:4e:4a:ba:64:5d:2c:f7:03:98:a0:13:
01:37:ad:4f:19:49:18:dd:73:f3:4a:37:c6:b0:7b:
ca:8a:a7:52:fb:14:74:4e:00:a6:6c:d8:f6:7c:d1:
88:2d:4f:77:d6:7b:8c:0e:56:a7:f9:6d:98:7f:5f:
f9:26:9d:c0:fd:58:e9:9c:ad:ca:86:05:9e:10:f8:
98:a1:97:a9:8a:04:a2:99:34:23:65:fe:88:84:8d:
00:d6:64:5a:53:ea:59:b0:d0:6b:14:58:c3:ed:9f:
a8:b7:86:95:35:12:78:15:85:cd:70:75:89:51:a0:
d2:c8:cf:9b:d1:e5:1a:48:d0:36:7c:07:c5:4a:85:
6a:ee:ac:d3:16:9b:6f:e5:e2:98:19:ca:89:a7:35:
b0:30:37:fe:f0:0a:cd:78:44:f0:b1:f2:64:ff:24:
39:c6:7a:d1:b4:a5:29:46:19:37:fe:c3:ae:82:a6:
34:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:15:2A:59:30:87:17:5C:82:F4:E1:62:E8:48:B1:C9:5A:9A:08:DE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/YxUqWTCHF1yC9OFi6EixyVqaCN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:b6:4e:45:e8:bc:4e:7f:da:61:d8:02:fa:54:44:b5:9d:e3:
89:8a:95:54:e0:ec:b2:cc:92:61:17:7a:29:66:b8:15:bf:12:
b8:42:4b:69:86:50:e2:c7:3d:c4:cd:b3:2d:77:b0:21:d8:25:
8c:b4:9a:fa:25:79:5c:1e:88:76:a9:a2:45:28:a5:52:dc:11:
49:e9:91:ff:61:f2:6b:cb:a5:4e:59:f0:0c:69:b9:cc:23:1b:
c9:d3:95:cb:60:ee:9b:9e:15:39:91:3a:8a:4c:38:9c:ca:02:
a2:5d:ac:34:05:ce:52:42:30:78:32:8c:8d:5d:e4:1e:99:ad:
1f:d9:07:15:0e:9f:d8:7e:30:4f:a4:2f:c6:aa:2c:1d:49:ee:
44:70:e4:74:13:a2:e3:24:14:6f:b7:2f:1d:c5:dc:05:a6:66:
8f:42:e8:ed:88:d9:68:cf:e2:cf:1b:20:8b:70:63:55:ad:c9:
31:37:58:52:e0:6e:d5:ee:98:42:e2:b0:e7:a1:49:75:b0:d1:
e1:53:36:dd:e5:05:10:c2:22:2a:5f:8e:7d:cc:08:7f:dd:6a:
ca:94:76:e4:34:8e:61:d5:a2:0c:6d:04:70:b7:d4:4d:38:0d:
2d:79:21:b6:3b:ab:1a:59:c9:cd:37:3a:8f:74:ef:61:45:e2:
df:43:a2:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYR6kEDqwWq6iSpF+y/k1HRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTE1MDkxMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzE1MmE1OTMwODcxNzVjODJmNGUxNjJlODQ4YjFjOTVhOWEwOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSiN6FvgFEkwL28bK9grZmpKuWtG
qY2FgFooYzil3+6QvlUo5BwNYs/Qf4PYpMLFzpnfKQ3jyIVpGKcH/IrooV3v44jE
6qyV6kaXbFKiTkq6ZF0s9wOYoBMBN61PGUkY3XPzSjfGsHvKiqdS+xR0TgCmbNj2
fNGILU931nuMDlan+W2Yf1/5Jp3A/VjpnK3KhgWeEPiYoZepigSimTQjZf6IhI0A
1mRaU+pZsNBrFFjD7Z+ot4aVNRJ4FYXNcHWJUaDSyM+b0eUaSNA2fAfFSoVq7qzT
Fptv5eKYGcqJpzWwMDf+8ArNeETwsfJk/yQ5xnrRtKUpRhk3/sOugqY0uwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGMVKlkwhxdcgvThYuhIsclamgjeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWXhVcVdUQ0hGMXlDOU9GaTZFaXh5VnFhQ040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK22TkXovE5/2mHYAvpU
RLWd44mKlVTg7LLMkmEXeilmuBW/ErhCS2mGUOLHPcTNsy13sCHYJYy0mvoleVwe
iHapokUopVLcEUnpkf9h8mvLpU5Z8AxpucwjG8nTlctg7pueFTmROopMOJzKAqJd
rDQFzlJCMHgyjI1d5B6ZrR/ZBxUOn9h+ME+kL8aqLB1J7kRw5HQTouMkFG+3Lx3F
3AWmZo9C6O2I2WjP4s8bIItwY1WtyTE3WFLgbtXumELisOehSXWw0eFTNt3lBRDC
Iipfjn3MCH/dasqUduQ0jmHVogxtBHC31E04DS15IbY7qxpZyc03Oo9072FF4t9D
ol4=
-----END CERTIFICATE-----
Generated at Sat May 3 04:49:14 2025 by rpki-client