Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Yyj3PUit7wO0MO2uX6Onp7DFUqc.roa
File: Yyj3PUit7wO0MO2uX6Onp7DFUqc.roa (raw, json)
Hash identifier: 9xwGxKZFgIrqcM0+MnY2svh7VUsdD9nJbtrQ3dHbH7w=
Subject key identifier: 63:28:F7:3D:48:AD:EF:03:B4:30:ED:AE:5F:A3:A7:A7:B0:C5:52:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864589419BB744A696D2757B705B65C02C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Yyj3PUit7wO0MO2uX6Onp7DFUqc.roa
Signing time: Sun 12 Feb 2023 12:11:08 +0000
ROA not before: Sun 12 Feb 2023 12:11:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:45:89:41:9b:b7:44:a6:96:d2:75:7b:70:5b:65:c0:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 12 12:11:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6328f73d48adef03b430edae5fa3a7a7b0c552a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:cb:0b:ad:6b:75:69:88:b2:f3:9d:04:8f:d3:
8f:4f:d9:4b:e5:2d:32:55:47:83:55:1f:3a:9a:4b:
46:3a:ad:80:91:b1:bd:a3:a2:91:4e:0c:84:a2:2b:
d4:58:5f:cc:db:12:69:82:73:e1:a3:64:0c:c0:15:
4b:ac:e6:31:b4:83:8f:ef:49:bf:51:a2:6f:83:a6:
01:19:96:ed:b1:e0:46:f3:4d:3e:99:c9:91:dc:94:
ed:52:96:53:14:27:46:9a:cb:49:4d:9d:d7:ce:38:
44:44:80:d7:3b:85:27:29:e6:d5:1f:92:7f:c0:0b:
5c:bd:91:cc:0b:25:d0:45:f0:c1:8c:e1:c3:aa:e8:
1e:ca:d6:ee:5f:89:b6:fa:a6:79:03:e8:0b:d6:e8:
3e:2a:ff:8b:d8:98:af:b9:7a:37:72:09:a2:92:ae:
5d:6f:56:48:53:1c:c9:ea:0d:1f:9a:05:1f:8b:28:
2f:ae:15:6b:87:7d:2d:5e:68:00:15:1f:eb:dc:7e:
ac:34:67:08:25:47:c8:f2:a9:b6:95:7d:7d:49:de:
d0:68:94:65:77:0f:0f:fb:41:1f:43:91:aa:80:e9:
fb:6f:07:3c:83:93:34:fa:7e:13:b4:00:73:be:78:
9b:18:f5:11:bd:eb:0c:05:36:a9:51:43:b6:1c:c4:
1a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:28:F7:3D:48:AD:EF:03:B4:30:ED:AE:5F:A3:A7:A7:B0:C5:52:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Yyj3PUit7wO0MO2uX6Onp7DFUqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:01:8c:5d:89:c7:af:14:9b:a0:fe:cc:40:79:cb:be:42:db:
68:76:e9:3a:c1:8b:ad:e5:10:ec:7c:48:66:23:5f:08:ed:bf:
48:4c:68:3e:dc:d6:08:fa:c6:53:1c:07:e9:a6:9f:8d:10:07:
99:7e:5d:32:06:8f:d1:69:32:8f:91:d1:31:01:f2:21:ce:78:
bc:09:91:8f:2a:ad:63:54:b3:79:b6:30:d3:9f:37:88:1b:10:
5c:00:5b:c0:01:48:e0:ee:a7:e1:b1:d6:d3:2b:92:64:0e:fa:
db:ea:67:8e:9b:81:f6:f1:31:bf:24:6d:b1:0a:87:50:3e:26:
49:d4:0a:64:77:b9:02:25:79:be:ff:11:8e:5c:54:93:a4:a7:
3a:96:6a:94:66:95:40:d3:aa:a7:a1:5b:c2:a9:50:33:5e:45:
ff:84:3f:95:9d:6b:9a:41:5a:ea:d6:4a:89:95:b4:8e:99:8e:
44:16:5a:7f:14:4b:19:61:f0:85:b7:f5:41:63:01:8f:e3:62:
c1:de:a6:9e:7f:4b:98:6f:22:6d:5a:0d:73:b2:f6:0c:ce:ae:
69:61:87:06:dc:9f:73:19:7f:ee:b5:00:d5:f2:f1:71:d3:3e:
6e:13:c8:38:e5:9a:ec:20:34:c0:26:e6:78:85:f5:07:3d:18:
10:64:27:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZFiUGbt0SmltJ1e3BbZcAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEyMTIxMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI4ZjczZDQ4YWRlZjAzYjQzMGVkYWU1ZmEzYTdhN2IwYzU1MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcsLrWt1aYiy850Ej9OPT9lL5S0y
VUeDVR86mktGOq2AkbG9o6KRTgyEoivUWF/M2xJpgnPho2QMwBVLrOYxtIOP70m/
UaJvg6YBGZbtseBG800+mcmR3JTtUpZTFCdGmstJTZ3XzjhERIDXO4UnKebVH5J/
wAtcvZHMCyXQRfDBjOHDqugeytbuX4m2+qZ5A+gL1ug+Kv+L2JivuXo3cgmikq5d
b1ZIUxzJ6g0fmgUfiygvrhVrh30tXmgAFR/r3H6sNGcIJUfI8qm2lX19Sd7QaJRl
dw8P+0EfQ5GqgOn7bwc8g5M0+n4TtABzvnibGPURvesMBTapUUO2HMQadwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGMo9z1Ire8DtDDtrl+jp6ewxVKnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWXlqM1BVaXQ3d08wTU8ydVg2T25wN0RGVXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUBjF2Jx68Um6D+zEB5
y75C22h26TrBi63lEOx8SGYjXwjtv0hMaD7c1gj6xlMcB+mmn40QB5l+XTIGj9Fp
Mo+R0TEB8iHOeLwJkY8qrWNUs3m2MNOfN4gbEFwAW8ABSODup+Gx1tMrkmQO+tvq
Z46bgfbxMb8kbbEKh1A+JknUCmR3uQIleb7/EY5cVJOkpzqWapRmlUDTqqehW8Kp
UDNeRf+EP5Wda5pBWurWSomVtI6ZjkQWWn8USxlh8IW39UFjAY/jYsHepp5/S5hv
Im1aDXOy9gzOrmlhhwbcn3MZf+61ANXy8XHTPm4TyDjlmuwgNMAm5niF9Qc9GBBk
JwQ=
-----END CERTIFICATE-----
Generated at Thu May 1 07:08:12 2025 by rpki-client