Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/g_JyUy2K7pU_aLrbLnHdv6BkI00.roa
File: g_JyUy2K7pU_aLrbLnHdv6BkI00.roa (raw, json)
Hash identifier: vaMp2FWv28f2TZb5/IW7LWMC6y00dCSdoqC2UfTsJ1A=
Subject key identifier: 83:F2:72:53:2D:8A:EE:95:3F:68:BA:DB:2E:71:DD:BF:A0:64:23:4D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01855C802A74CD7134C398294766CAF1E4C4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/g_JyUy2K7pU_aLrbLnHdv6BkI00.roa
Signing time: Thu 29 Dec 2022 06:09:41 +0000
ROA not before: Thu 29 Dec 2022 06:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5c:80:2a:74:cd:71:34:c3:98:29:47:66:ca:f1:e4:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 29 06:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83f272532d8aee953f68badb2e71ddbfa064234d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e3:03:cb:2b:6c:27:a0:f8:64:5d:e4:8c:46:
e4:ab:ac:74:50:30:34:d3:ca:df:8a:46:fe:6b:11:
03:2c:5e:26:e8:44:2b:42:4d:b3:9f:e6:97:92:fd:
89:3c:de:90:be:2e:a2:61:35:61:fa:6d:dc:cd:54:
bf:5f:0d:78:d2:94:11:33:0e:6c:bc:da:3f:79:be:
ba:1c:44:24:48:1c:15:a7:c3:65:f3:ed:78:73:f9:
b3:9d:85:bd:95:90:1c:19:a3:b5:af:28:e6:94:5f:
33:bf:5c:45:a5:88:90:3c:00:90:3e:bc:1c:6f:de:
8e:3d:f7:5a:0d:61:2c:5d:9a:41:48:4b:c3:04:99:
80:d4:74:c3:4f:39:9d:fe:9b:8b:66:3c:ba:99:77:
b2:86:55:bf:dd:8b:79:18:8c:fc:4e:75:60:a0:b7:
08:71:a5:fa:07:f8:c1:99:a3:61:74:ed:2d:3c:85:
96:06:b1:e8:a9:02:3a:50:8c:b7:b6:a5:21:70:e5:
74:86:81:95:20:3f:57:88:e4:56:3a:ac:8c:cd:09:
0a:1e:33:ba:42:5c:75:c1:d2:76:db:5b:01:37:02:
95:3d:97:7a:7f:b0:9a:ab:5b:47:e6:29:fd:66:d6:
11:33:35:b9:41:84:65:c5:d2:6f:d3:c6:1c:de:2d:
f9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F2:72:53:2D:8A:EE:95:3F:68:BA:DB:2E:71:DD:BF:A0:64:23:4D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/g_JyUy2K7pU_aLrbLnHdv6BkI00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:a6:43:44:c7:c0:38:65:bb:0d:5a:79:3f:9b:d2:bc:2a:5d:
32:fc:4b:7c:c1:12:d6:39:0d:c5:b3:de:ef:16:82:34:77:11:
ab:fb:98:da:9f:84:58:1e:f2:99:03:ae:fe:17:3f:c9:41:b5:
0e:19:2a:b9:ef:fc:4e:0e:3d:49:f2:69:31:b2:88:15:ce:7a:
d5:cf:8a:a6:9e:53:30:49:aa:39:dd:09:8d:ea:4b:d7:3b:fb:
ff:23:e2:f7:d2:3f:96:c7:98:d6:af:e8:70:eb:2d:0f:f2:63:
33:2a:db:a0:44:4d:4f:15:c7:d8:23:81:8b:c5:fc:64:b3:99:
09:cd:b9:de:ca:30:c6:c9:7d:4d:48:47:75:9e:97:fa:7b:ab:
d5:8a:da:87:e4:a9:d0:23:6f:dc:e9:f6:7c:b2:d3:4e:e7:9f:
eb:93:22:1d:e0:e2:98:5a:9f:6a:93:59:22:21:37:b4:c3:dd:
c8:32:fa:1b:80:3b:ee:20:68:b6:00:00:a4:03:5e:37:43:2f:
9f:5a:af:ea:48:97:32:f3:01:86:71:5c:7a:74:f9:f7:7c:54:
0c:10:ee:dd:f0:de:59:0e:d5:b1:5f:ef:1e:0e:23:ed:da:10:
fe:24:eb:83:8a:91:c0:95:2e:3a:20:43:2d:a8:a3:bf:9e:00:
7d:6f:73:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVcgCp0zXE0w5gpR2bK8eTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI5MDYwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2YyNzI1MzJkOGFlZTk1M2Y2OGJhZGIyZTcxZGRiZmEwNjQyMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouMDyytsJ6D4ZF3kjEbkq6x0UDA0
08rfikb+axEDLF4m6EQrQk2zn+aXkv2JPN6Qvi6iYTVh+m3czVS/Xw140pQRMw5s
vNo/eb66HEQkSBwVp8Nl8+14c/mznYW9lZAcGaO1ryjmlF8zv1xFpYiQPACQPrwc
b96OPfdaDWEsXZpBSEvDBJmA1HTDTzmd/puLZjy6mXeyhlW/3Yt5GIz8TnVgoLcI
caX6B/jBmaNhdO0tPIWWBrHoqQI6UIy3tqUhcOV0hoGVID9XiORWOqyMzQkKHjO6
Qlx1wdJ221sBNwKVPZd6f7Caq1tH5in9ZtYRMzW5QYRlxdJv08Yc3i351wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIPyclMtiu6VP2i62y5x3b+gZCNNMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ19KeVV5Mks3cFVfYUxyYkxuSGR2NkJrSTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE2mQ0THwDhluw1aeT+b
0rwqXTL8S3zBEtY5DcWz3u8WgjR3Eav7mNqfhFge8pkDrv4XP8lBtQ4ZKrnv/E4O
PUnyaTGyiBXOetXPiqaeUzBJqjndCY3qS9c7+/8j4vfSP5bHmNav6HDrLQ/yYzMq
26BETU8Vx9gjgYvF/GSzmQnNud7KMMbJfU1IR3Wel/p7q9WK2ofkqdAjb9zp9nyy
007nn+uTIh3g4phan2qTWSIhN7TD3cgy+huAO+4gaLYAAKQDXjdDL59ar+pIlzLz
AYZxXHp0+fd8VAwQ7t3w3lkO1bFf7x4OI+3aEP4k64OKkcCVLjogQy2oo7+eAH1v
c8Y=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:48:51 2025 by rpki-client