Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gYVfL7As8n5BmaQpjmARTcy3S9M.roa
File: gYVfL7As8n5BmaQpjmARTcy3S9M.roa (raw, json)
Hash identifier: aARhdP+YfwFPD6JXnMcD6JRXFS1EgGTUPOmkHh1zMsg=
Subject key identifier: 81:85:5F:2F:B0:2C:F2:7E:41:99:A4:29:8E:60:11:4D:CC:B7:4B:D3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184E1BE7FC3371D65F02F48D6DC14997360
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gYVfL7As8n5BmaQpjmARTcy3S9M.roa
Signing time: Mon 05 Dec 2022 10:04:28 +0000
ROA not before: Mon 05 Dec 2022 10:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:e1be:4452/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:be:7f:c3:37:1d:65:f0:2f:48:d6:dc:14:99:73:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 5 10:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81855f2fb02cf27e4199a4298e60114dccb74bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:76:a6:95:d0:1a:11:19:2e:ee:7a:5e:4a:5c:
42:29:7a:75:4f:cc:c8:a4:b4:91:b5:c1:30:bf:2c:
f1:0e:c2:7b:9b:a9:2a:74:6c:e0:5a:e8:8b:43:d8:
86:8f:9e:80:fd:a1:da:56:3c:17:b2:08:d5:e6:13:
9a:d9:87:3b:1b:31:13:17:6c:36:83:15:89:76:dd:
7c:34:be:8d:ee:a7:08:c3:a5:7c:85:25:4b:28:66:
cb:56:71:c2:6c:84:07:b3:3b:a3:6c:2a:ff:e1:9d:
cd:65:ff:18:77:86:31:1e:4e:e2:26:b2:08:6a:f8:
89:3b:df:38:da:8c:f7:65:8a:29:2b:d1:06:20:7f:
df:74:d1:fd:84:29:a4:f9:2e:8f:1c:78:23:a7:23:
14:25:a6:7e:0d:e4:9b:49:5e:15:3d:f4:70:72:50:
03:cf:63:39:54:7b:e2:35:dd:81:e6:04:27:9f:64:
05:75:cb:32:9a:87:37:02:d5:8a:06:56:a5:63:c1:
82:18:72:e8:26:dd:ef:2a:0a:c1:cd:bf:d6:e2:60:
f3:ce:5d:22:3b:98:29:28:6f:ac:00:53:22:e9:fe:
2c:f7:e4:32:0a:e8:31:f5:30:fb:4d:6a:36:91:37:
ee:33:cb:44:b4:62:d0:4b:4c:c0:6a:4b:f8:ce:ea:
d8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:85:5F:2F:B0:2C:F2:7E:41:99:A4:29:8E:60:11:4D:CC:B7:4B:D3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gYVfL7As8n5BmaQpjmARTcy3S9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:69:ed:6d:c3:52:5b:84:80:ba:6e:98:f0:1a:4e:e1:42:a2:
20:91:d4:a5:8c:d2:c1:46:cd:02:44:80:b6:9e:9b:33:a6:e3:
9c:de:92:5b:0c:f5:8b:95:d4:70:34:36:c5:73:b4:47:3e:32:
70:e8:f9:76:36:ec:7a:b9:43:66:37:26:d4:ec:4b:d7:5b:ec:
e6:64:6d:23:a4:85:2c:35:d5:6e:e6:6e:d9:ef:8a:7c:dd:52:
3f:9c:00:27:e9:33:76:49:75:fa:de:01:96:95:19:9b:ad:47:
a5:80:7f:05:78:bc:d8:6b:d9:62:f6:20:d6:15:ae:f8:0c:8a:
33:5f:c9:09:08:77:ef:b1:a1:f3:23:f6:f3:5e:36:56:a4:73:
eb:c3:31:a1:50:ad:00:8c:50:b8:00:95:54:ec:19:48:0c:e2:
c7:82:fc:7d:4e:8b:3e:20:8e:28:6f:94:d9:ac:29:2b:41:5e:
d4:d9:43:57:62:7f:0a:00:7d:c7:e0:b7:6f:fb:00:de:00:41:
88:90:65:e8:84:ab:c7:07:fe:6c:c9:02:46:90:4d:ba:81:d8:
8d:09:f4:da:e2:82:74:a0:c9:9b:e5:6e:6e:7b:91:36:d7:81:
35:f3:2a:37:77:86:ab:06:84:cc:ed:26:2f:5c:06:75:89:78:
e9:67:47:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYThvn/DNx1l8C9I1twUmXNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA1MTAwNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTg1NWYyZmIwMmNmMjdlNDE5OWE0Mjk4ZTYwMTE0ZGNjYjc0YmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHamldAaERku7npeSlxCKXp1T8zI
pLSRtcEwvyzxDsJ7m6kqdGzgWuiLQ9iGj56A/aHaVjwXsgjV5hOa2Yc7GzETF2w2
gxWJdt18NL6N7qcIw6V8hSVLKGbLVnHCbIQHszujbCr/4Z3NZf8Yd4YxHk7iJrII
aviJO9842oz3ZYopK9EGIH/fdNH9hCmk+S6PHHgjpyMUJaZ+DeSbSV4VPfRwclAD
z2M5VHviNd2B5gQnn2QFdcsymoc3AtWKBlalY8GCGHLoJt3vKgrBzb/W4mDzzl0i
O5gpKG+sAFMi6f4s9+QyCugx9TD7TWo2kTfuM8tEtGLQS0zAakv4zurY8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIGFXy+wLPJ+QZmkKY5gEU3Mt0vTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ1lWZkw3QXM4bjVCbWFRcGptQVJUY3kzUzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA1p7W3DUluEgLpumPAa
TuFCoiCR1KWM0sFGzQJEgLaemzOm45zeklsM9YuV1HA0NsVztEc+MnDo+XY27Hq5
Q2Y3JtTsS9db7OZkbSOkhSw11W7mbtnvinzdUj+cACfpM3ZJdfreAZaVGZutR6WA
fwV4vNhr2WL2INYVrvgMijNfyQkId++xofMj9vNeNlakc+vDMaFQrQCMULgAlVTs
GUgM4seC/H1Oiz4gjihvlNmsKStBXtTZQ1difwoAfcfgt2/7AN4AQYiQZeiEq8cH
/mzJAkaQTbqB2I0J9NrignSgyZvlbm57kTbXgTXzKjd3hqsGhMztJi9cBnWJeOln
R7k=
-----END CERTIFICATE-----
Generated at Thu May 1 03:34:10 2025 by rpki-client