Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z1YpxbuCFwwPoBLTFMylkGxlvlM.roa
File: Z1YpxbuCFwwPoBLTFMylkGxlvlM.roa (raw, json)
Hash identifier: YIRx9aTdmvWATDgMp1CsLUOoOzbF+fqidEwbuCpZZOo=
Subject key identifier: 67:56:29:C5:BB:82:17:0C:0F:A0:12:D3:14:CC:A5:90:6C:65:BE:53
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3B6E01A74EB34CC02060DBD370DE6BAB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z1YpxbuCFwwPoBLTFMylkGxlvlM.roa
Signing time: Mon 28 Aug 2023 09:16:19 +0000
ROA not before: Mon 28 Aug 2023 09:16:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:6e:01:a7:4e:b3:4c:c0:20:60:db:d3:70:de:6b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 09:16:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=675629c5bb82170c0fa012d314cca5906c65be53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:52:03:54:7f:77:df:56:d2:63:be:e1:c6:b4:
95:73:8a:ec:c5:a7:90:97:80:d6:53:c0:c6:b0:82:
03:82:59:b7:bc:0e:f6:f1:97:2b:ce:3f:ff:ba:2f:
fc:36:55:2c:05:8c:05:ee:2b:e9:e4:15:a8:99:bd:
04:4a:24:63:39:7a:26:b8:c7:da:52:78:a6:e1:ae:
24:31:a4:6f:28:61:88:8f:7a:b0:41:9a:d2:7c:f3:
2b:09:f9:0f:37:ed:b1:8f:44:d9:4d:d8:cd:f4:89:
f8:9e:18:ef:76:7b:4a:d9:4c:f4:c1:4a:43:20:8b:
14:f9:7f:4d:ac:03:a0:a7:4e:7a:6a:75:9f:ec:91:
90:f6:53:fe:36:b4:a3:c6:c6:17:fb:8f:dd:c3:b0:
1e:80:ba:ab:94:66:67:94:16:4d:30:af:3e:a8:37:
ce:bd:3f:13:7d:e6:25:d9:f5:38:12:5c:36:b8:74:
4b:ac:a4:a5:37:19:e7:dd:9d:dd:ff:15:c7:17:8f:
ce:d4:ff:c8:89:3d:e0:37:a0:5a:78:4c:35:de:0e:
e0:0a:ed:e8:f5:19:a1:7e:6d:56:2b:96:1f:10:0d:
bd:cb:18:d2:ec:7b:a8:c7:9d:41:2e:f3:f7:9d:10:
58:b4:ff:df:3f:04:d0:04:d0:e2:85:f0:eb:ae:4d:
32:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:56:29:C5:BB:82:17:0C:0F:A0:12:D3:14:CC:A5:90:6C:65:BE:53
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z1YpxbuCFwwPoBLTFMylkGxlvlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:b3:94:84:35:eb:95:fa:61:07:3b:08:dd:3d:44:f1:4d:e0:
0e:01:8b:3b:17:f0:93:35:4e:58:a2:4f:30:7e:a2:0d:a7:fc:
67:59:ff:73:39:a7:a3:46:d6:7a:37:01:83:07:da:a7:bb:ba:
bb:69:c1:88:12:09:ac:59:2d:a3:9c:d2:77:c9:1e:16:67:f6:
1e:c9:eb:bb:d9:4a:9e:d8:09:dd:8b:6e:70:aa:cb:67:e9:84:
30:9f:ae:7c:7a:c6:78:74:33:2c:92:12:a9:36:53:88:47:60:
af:78:bc:69:8e:09:d3:72:e6:25:ac:77:52:eb:70:2d:28:55:
c9:8d:19:97:5c:91:4a:00:a7:3f:58:af:75:f0:19:4e:d3:ff:
d8:b7:25:3d:38:5d:03:3e:a8:94:3e:fb:40:53:d9:1e:45:44:
68:8e:9e:e7:0b:c4:75:3d:df:4b:7b:dd:35:2f:d7:74:a0:43:
4e:16:31:b1:5a:f5:cd:74:46:3b:11:f8:1c:f4:ca:18:e0:7c:
ed:51:ab:3f:ed:34:ea:6a:70:20:7b:42:d9:93:92:2d:70:14:
89:77:11:4d:f4:ab:a6:73:b6:7d:5d:ae:9a:46:32:51:51:b2:
40:22:aa:eb:b9:a2:bf:8b:4f:aa:75:dd:4c:0e:7e:3d:f9:86:
f9:fd:bd:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo7bgGnTrNMwCBg29Nw3murMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MDkxNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzU2MjljNWJiODIxNzBjMGZhMDEyZDMxNGNjYTU5MDZjNjViZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5lIDVH9331bSY77hxrSVc4rsxaeQ
l4DWU8DGsIIDglm3vA728Zcrzj//ui/8NlUsBYwF7ivp5BWomb0ESiRjOXomuMfa
Unim4a4kMaRvKGGIj3qwQZrSfPMrCfkPN+2xj0TZTdjN9In4nhjvdntK2Uz0wUpD
IIsU+X9NrAOgp056anWf7JGQ9lP+NrSjxsYX+4/dw7AegLqrlGZnlBZNMK8+qDfO
vT8TfeYl2fU4Elw2uHRLrKSlNxnn3Z3d/xXHF4/O1P/IiT3gN6BaeEw13g7gCu3o
9Rmhfm1WK5YfEA29yxjS7Huox51BLvP3nRBYtP/fPwTQBNDihfDrrk0yMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGdWKcW7ghcMD6AS0xTMpZBsZb5TMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWjFZcHhidUNGd3dQb0JMVEZNeWxrR3hsdmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHqzlIQ165X6YQc7CN09
RPFN4A4BizsX8JM1TliiTzB+og2n/GdZ/3M5p6NG1no3AYMH2qe7urtpwYgSCaxZ
LaOc0nfJHhZn9h7J67vZSp7YCd2LbnCqy2fphDCfrnx6xnh0MyySEqk2U4hHYK94
vGmOCdNy5iWsd1LrcC0oVcmNGZdckUoApz9Yr3XwGU7T/9i3JT04XQM+qJQ++0BT
2R5FRGiOnucLxHU930t73TUv13SgQ04WMbFa9c10RjsR+Bz0yhjgfO1Rqz/tNOpq
cCB7QtmTki1wFIl3EU30q6Zztn1drppGMlFRskAiquu5or+LT6p13UwOfj35hvn9
vW0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:36:25 2025 by rpki-client