Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bYubQlj9ny5u2aLFF2NPCSIQ1qA.roa
File: bYubQlj9ny5u2aLFF2NPCSIQ1qA.roa (raw, json)
Hash identifier: nk22037sgyuiQFDbSl/gZJq/4KwzkTii1VCUFB+l2uc=
Subject key identifier: 6D:8B:9B:42:58:FD:9F:2E:6E:D9:A2:C5:17:63:4F:09:22:10:D6:A0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 9208B7E3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bYubQlj9ny5u2aLFF2NPCSIQ1qA.roa
Signing time: Sun 03 Jul 2022 13:10:25 +0000
ROA not before: Sun 03 Jul 2022 13:10:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2450044899 (0x9208b7e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 3 13:10:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d8b9b4258fd9f2e6ed9a2c517634f092210d6a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8c:15:86:c1:d0:6c:9f:8e:18:e3:b4:1c:57:
8e:e6:4a:81:73:2e:9b:a4:c3:fc:8c:8f:ac:47:36:
23:ec:c2:30:a5:5c:83:1a:a4:cb:f1:99:17:75:4b:
ef:96:28:fb:76:49:1e:d8:d5:f7:10:a3:e7:02:00:
21:39:68:42:94:c1:d3:8a:fe:55:09:aa:c1:ac:9e:
5d:e1:5c:df:73:9e:fa:48:18:3a:db:f1:23:d8:a0:
c2:d6:3c:9b:56:40:62:ab:d9:da:4c:42:5b:d9:e8:
80:6e:14:0d:39:82:b6:96:c9:a1:a7:ff:37:9c:9d:
ec:e9:62:11:36:0e:e3:da:48:66:54:a4:53:e9:30:
21:50:1f:23:10:2a:99:e3:46:db:27:b3:6f:5b:b3:
f5:b8:2f:98:89:12:c5:a4:93:dc:3e:0b:08:f1:e6:
05:e7:d9:a3:94:74:73:c2:2b:3b:12:c1:7e:4c:0b:
7a:cb:f1:83:01:02:82:24:38:80:0c:0f:06:d9:65:
2e:b7:3a:ad:7a:72:14:da:0a:79:8e:ae:0e:75:18:
2f:69:02:14:94:e4:d2:76:3e:f3:9c:3b:76:c8:79:
12:3b:1a:4f:08:30:14:a3:6f:4b:30:b6:68:b8:23:
0d:29:90:5a:a1:93:65:c7:55:c5:17:31:6e:02:f5:
14:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8B:9B:42:58:FD:9F:2E:6E:D9:A2:C5:17:63:4F:09:22:10:D6:A0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bYubQlj9ny5u2aLFF2NPCSIQ1qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:55:09:68:28:07:44:e8:37:fe:6a:82:ac:b4:3d:ed:fb:7b:
fe:51:b9:6c:84:10:27:5e:27:bd:89:53:49:5d:2a:e3:b1:d0:
d1:0f:45:17:fc:4e:c4:a2:cc:88:7d:6e:2a:5a:ed:57:77:4f:
44:52:66:08:41:ba:76:77:df:32:82:80:84:f8:b4:da:00:84:
4a:29:ad:57:1e:fb:45:c6:5d:75:55:ef:6e:de:40:4a:14:74:
05:b4:2c:b1:4e:8c:d7:77:ba:80:bc:2a:e7:de:0e:94:92:ee:
f5:e8:99:1f:59:d1:50:bc:81:7a:24:1f:17:8e:04:d5:89:85:
5e:82:97:b5:de:bd:dc:a8:97:9b:29:cc:95:af:20:af:15:e2:
c5:cb:4d:3a:8d:9d:62:44:93:66:55:03:de:ed:33:c2:c6:54:
5f:5d:9c:f7:b2:ff:50:24:f1:c6:23:ea:dd:b2:8f:8d:b5:02:
e7:a8:b6:0b:55:74:62:0e:81:99:80:31:d4:a7:a6:cc:3f:ee:
68:32:4e:3f:e7:65:8c:c0:94:f4:e0:72:76:90:7c:d8:09:3d:
78:36:25:f8:49:ed:f9:07:ec:98:12:70:cf:ee:59:55:b2:38:
64:3a:1c:ae:cb:12:71:f3:0c:a5:6d:3e:db:34:bc:f6:36:4e:
3a:94:c4:42
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAJIIt+MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA3
MDMxMzEwMjVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZkOGI5YjQyNThm
ZDlmMmU2ZWQ5YTJjNTE3NjM0ZjA5MjIxMGQ2YTAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCDjBWGwdBsn44Y47QcV47mSoFzLpukw/yMj6xHNiPswjCl
XIMapMvxmRd1S++WKPt2SR7Y1fcQo+cCACE5aEKUwdOK/lUJqsGsnl3hXN9znvpI
GDrb8SPYoMLWPJtWQGKr2dpMQlvZ6IBuFA05graWyaGn/zecnezpYhE2DuPaSGZU
pFPpMCFQHyMQKpnjRtsns29bs/W4L5iJEsWkk9w+Cwjx5gXn2aOUdHPCKzsSwX5M
C3rL8YMBAoIkOIAMDwbZZS63Oq16chTaCnmOrg51GC9pAhSU5NJ2PvOcO3bIeRI7
Gk8IMBSjb0swtmi4Iw0pkFqhk2XHVcUXMW4C9RSXAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUbYubQlj9ny5u2aLFF2NPCSIQ1qAwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9iWXViUWxqOW55NXUyYUxGRjJOUENTSVExcUEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAjVUJaCgHROg3/mqCrLQ97ft7/lG5bIQQJ14n
vYlTSV0q47HQ0Q9FF/xOxKLMiH1uKlrtV3dPRFJmCEG6dnffMoKAhPi02gCESimt
Vx77RcZddVXvbt5AShR0BbQssU6M13e6gLwq594OlJLu9eiZH1nRULyBeiQfF44E
1YmFXoKXtd693KiXmynMla8grxXixctNOo2dYkSTZlUD3u0zwsZUX12c97L/UCTx
xiPq3bKPjbUC56i2C1V0Yg6BmYAx1KemzD/uaDJOP+dljMCU9OBydpB82Ak9eDYl
+Ent+QfsmBJwz+5ZVbI4ZDocrssScfMMpW0+2zS89jZOOpTEQg==
-----END CERTIFICATE-----
Generated at Thu May 1 00:22:26 2025 by rpki-client