Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bYylE3EMxoBDtOnjwaWELpsXfN4.roa
File: bYylE3EMxoBDtOnjwaWELpsXfN4.roa (raw, json)
Hash identifier: O9wh8uZFbEyUcM0aX/8DOYtTznMP4I182akqhE55nxE=
Subject key identifier: 6D:8C:A5:13:71:0C:C6:80:43:B4:E9:E3:C1:A5:84:2E:9B:17:7C:DE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186925A22688842CE4893229A579B7FCFA8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bYylE3EMxoBDtOnjwaWELpsXfN4.roa
Signing time: Mon 27 Feb 2023 10:10:25 +0000
ROA not before: Mon 27 Feb 2023 10:10:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:5a:22:68:88:42:ce:48:93:22:9a:57:9b:7f:cf:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 27 10:10:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d8ca513710cc68043b4e9e3c1a5842e9b177cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:68:47:c5:3c:1f:84:fb:7d:71:7c:4e:33:85:
87:5f:7a:c1:f0:64:e9:ad:b5:14:df:03:83:0e:b1:
92:29:59:bc:ee:72:a1:52:7c:7b:0e:04:bb:c7:39:
b9:b0:cc:59:9a:eb:dd:0d:b4:6d:9e:0c:8b:a5:21:
20:a5:e7:2b:cd:f6:09:40:4d:73:2e:14:9e:29:a5:
a3:bb:3d:7d:e9:34:71:a3:21:ae:ff:23:ea:93:70:
27:a6:cb:cc:58:3d:51:1d:88:d2:30:06:99:4e:15:
bc:6b:d3:7e:98:45:39:40:af:85:90:e8:b1:84:59:
8c:90:b6:d3:cd:39:c8:e7:38:34:fd:e9:94:a8:d6:
60:e1:76:7c:54:57:1a:6a:90:89:49:2c:23:82:9f:
70:a0:3a:89:89:ae:ac:33:66:4c:9e:eb:d4:83:5c:
85:fd:31:15:ca:57:31:89:43:3a:14:c9:2a:77:1b:
17:ac:50:fc:18:16:ff:84:8a:a7:1a:85:b9:5f:cd:
54:98:73:e0:eb:1d:96:f8:60:5d:d8:70:b7:62:20:
5c:40:6a:f5:73:f9:53:92:17:69:16:d5:9b:7b:94:
42:44:24:7b:e1:12:a5:76:08:f8:7e:3f:5a:ee:97:
d1:30:d0:00:76:ac:e6:da:70:a9:70:c4:88:b8:e0:
93:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8C:A5:13:71:0C:C6:80:43:B4:E9:E3:C1:A5:84:2E:9B:17:7C:DE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bYylE3EMxoBDtOnjwaWELpsXfN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:23:97:30:b5:89:d8:42:92:74:cb:da:ee:c6:4e:f0:1b:1f:
71:dc:a6:8b:49:d8:49:4b:b6:68:d9:45:18:d8:76:7e:f4:dd:
f4:9d:75:2f:52:bf:4c:40:78:50:b0:49:4e:d7:c1:a7:ba:65:
f1:9f:d4:0c:48:7f:4e:a4:ca:38:49:73:35:1a:c8:1f:3a:fb:
2d:bd:49:68:3a:c2:ff:0e:ea:3d:0a:46:a7:69:ef:0e:3e:f1:
56:42:c2:50:ab:81:47:9f:e1:c3:04:9b:4b:98:fa:2d:bc:fa:
f3:72:72:a4:a5:48:3f:34:07:af:5e:8f:4f:b1:3c:56:2e:ce:
7c:81:e6:61:9c:25:9a:95:a2:30:c1:63:f7:15:82:4a:81:26:
a5:21:0f:25:d6:31:0e:97:83:3b:e9:ef:5d:22:a0:97:c0:40:
3f:03:ae:a3:69:a7:10:80:11:a7:41:00:84:7c:86:7d:7a:6b:
a2:e7:1e:d0:88:cf:ee:1a:df:4b:70:d6:e8:90:a5:b4:fb:c8:
1f:ba:38:4d:17:c2:f8:4c:05:21:47:3b:19:21:df:f9:d4:e8:
3f:6a:07:0e:e2:0e:5c:55:b2:5c:32:cf:06:cd:39:76:b1:7f:
a2:8b:cb:aa:59:45:f4:c4:ea:6c:c1:d6:f3:1a:78:65:92:0e:
92:57:66:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaSWiJoiELOSJMimlebf8+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI3MTAxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhjYTUxMzcxMGNjNjgwNDNiNGU5ZTNjMWE1ODQyZTliMTc3Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2hHxTwfhPt9cXxOM4WHX3rB8GTp
rbUU3wODDrGSKVm87nKhUnx7DgS7xzm5sMxZmuvdDbRtngyLpSEgpecrzfYJQE1z
LhSeKaWjuz196TRxoyGu/yPqk3AnpsvMWD1RHYjSMAaZThW8a9N+mEU5QK+FkOix
hFmMkLbTzTnI5zg0/emUqNZg4XZ8VFcaapCJSSwjgp9woDqJia6sM2ZMnuvUg1yF
/TEVylcxiUM6FMkqdxsXrFD8GBb/hIqnGoW5X81UmHPg6x2W+GBd2HC3YiBcQGr1
c/lTkhdpFtWbe5RCRCR74RKldgj4fj9a7pfRMNAAdqzm2nCpcMSIuOCTTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2MpRNxDMaAQ7Tp48GlhC6bF3zeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYll5bEUzRU14b0JEdE9uandhV0VMcHNYZk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB4jlzC1idhCknTL2u7G
TvAbH3HcpotJ2ElLtmjZRRjYdn703fSddS9Sv0xAeFCwSU7Xwae6ZfGf1AxIf06k
yjhJczUayB86+y29SWg6wv8O6j0KRqdp7w4+8VZCwlCrgUef4cMEm0uY+i28+vNy
cqSlSD80B69ej0+xPFYuznyB5mGcJZqVojDBY/cVgkqBJqUhDyXWMQ6Xgzvp710i
oJfAQD8DrqNppxCAEadBAIR8hn16a6LnHtCIz+4a30tw1uiQpbT7yB+6OE0XwvhM
BSFHOxkh3/nU6D9qBw7iDlxVslwyzwbNOXaxf6KLy6pZRfTE6mzB1vMaeGWSDpJX
ZvQ=
-----END CERTIFICATE-----
Generated at Sun May 4 19:58:38 2025 by rpki-client