Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ky5JjATk5RIY8y-1_NhJGa25dl0.roa
File: ky5JjATk5RIY8y-1_NhJGa25dl0.roa (raw, json)
Hash identifier: PCVBy8WSHvDp1+UI8u6UPHIGb9X3CaZEz1I10kgro5g=
Subject key identifier: 93:2E:49:8C:04:E4:E5:12:18:F3:2F:B5:FC:D8:49:19:AD:B9:76:5D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018998FB3627FB63B4F596BDC6AED0A8BE09
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ky5JjATk5RIY8y-1_NhJGa25dl0.roa
Signing time: Thu 27 Jul 2023 20:12:27 +0000
ROA not before: Thu 27 Jul 2023 20:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:98:fb:36:27:fb:63:b4:f5:96:bd:c6:ae:d0:a8:be:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 27 20:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=932e498c04e4e51218f32fb5fcd84919adb9765d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f6:47:3e:49:fd:7d:84:5e:ed:6b:e4:58:4c:
c5:b5:f0:21:57:e5:c9:4b:79:f4:a5:37:e0:b0:b9:
23:4d:7f:53:b4:be:66:2a:8f:86:b6:66:30:40:70:
83:72:3d:67:1d:49:99:e9:b1:86:e2:21:ef:77:b2:
b2:12:01:e1:36:89:5e:14:57:c4:55:55:fc:1c:10:
06:dc:1e:ae:45:dd:68:67:71:db:4e:82:64:48:ab:
34:a5:74:7c:ef:46:81:f8:c5:b9:e3:8c:3c:27:02:
36:5b:d8:b8:11:37:ba:9f:3a:db:49:83:1a:a9:25:
d6:0f:a7:1c:92:e9:0f:dc:75:94:98:0b:00:d9:a7:
0b:b4:a2:1e:56:49:80:e5:9b:78:45:d5:2b:78:5a:
2b:33:c9:59:12:7c:06:a4:2b:58:59:84:99:cc:99:
57:a6:7f:c3:25:48:76:c4:ba:23:03:0a:f0:d2:49:
8f:7b:48:e5:0b:f8:25:f7:7a:5c:99:6d:5b:02:42:
be:3c:0d:42:c9:49:fe:7e:ce:bf:09:42:bd:62:ec:
1f:cc:07:f4:67:42:a1:d0:40:ee:c9:b4:a9:29:3d:
58:bc:6e:3f:24:64:e9:b6:a2:56:48:59:9e:e9:45:
1f:c8:66:fd:5d:a8:87:4b:ea:98:66:be:bb:72:e1:
fd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2E:49:8C:04:E4:E5:12:18:F3:2F:B5:FC:D8:49:19:AD:B9:76:5D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ky5JjATk5RIY8y-1_NhJGa25dl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:91:ec:24:ee:e3:94:78:ba:34:c4:61:49:17:42:33:1c:66:
d6:49:71:22:1e:88:75:ba:84:cc:bf:78:df:45:c9:26:58:75:
a3:f4:4f:e0:cd:34:fb:a1:db:ca:fd:df:0f:e6:b3:d7:88:54:
de:ba:d3:59:38:20:4b:88:43:2b:29:05:ab:2e:18:f7:d9:1f:
31:06:77:c3:d3:21:9c:8b:99:24:a6:28:c6:72:38:9e:1d:b8:
6d:d0:eb:fd:25:53:83:cc:40:56:d0:17:05:22:56:34:6a:98:
76:99:84:c0:62:01:dd:9b:78:aa:42:ab:08:0a:2f:c8:9b:5d:
67:1d:fc:ef:0f:bc:83:37:1c:fe:f4:4c:43:0c:ad:6b:ca:03:
b1:bf:f6:a8:c5:08:a3:5d:16:7d:5f:fd:59:af:8c:6e:16:e7:
7e:47:3a:4f:d6:cf:c7:34:2c:94:09:ba:17:64:c4:77:14:af:
61:c4:28:38:64:f0:46:4b:17:d6:8d:37:b6:ac:3d:75:39:0e:
c0:95:c6:3d:4c:cc:68:9a:87:66:64:23:0a:d9:bd:0c:a8:69:
87:9d:56:0b:98:ec:25:95:0e:e8:93:af:1f:67:c4:b1:b6:c0:
97:41:21:5e:86:f0:61:9f:db:3c:76:8c:1c:c7:b1:fb:91:57:
ff:58:66:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmY+zYn+2O09Za9xq7QqL4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI3MjAxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzJlNDk4YzA0ZTRlNTEyMThmMzJmYjVmY2Q4NDkxOWFkYjk3NjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfZHPkn9fYRe7WvkWEzFtfAhV+XJ
S3n0pTfgsLkjTX9TtL5mKo+GtmYwQHCDcj1nHUmZ6bGG4iHvd7KyEgHhNoleFFfE
VVX8HBAG3B6uRd1oZ3HbToJkSKs0pXR870aB+MW544w8JwI2W9i4ETe6nzrbSYMa
qSXWD6cckukP3HWUmAsA2acLtKIeVkmA5Zt4RdUreForM8lZEnwGpCtYWYSZzJlX
pn/DJUh2xLojAwrw0kmPe0jlC/gl93pcmW1bAkK+PA1CyUn+fs6/CUK9YuwfzAf0
Z0Kh0EDuybSpKT1YvG4/JGTptqJWSFme6UUfyGb9XaiHS+qYZr67cuH90wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJMuSYwE5OUSGPMvtfzYSRmtuXZdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva3k1SmpBVGs1UklZOHktMV9OaEpHYTI1ZGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKaR7CTu45R4ujTEYUkX
QjMcZtZJcSIeiHW6hMy/eN9FySZYdaP0T+DNNPuh28r93w/ms9eIVN6601k4IEuI
QyspBasuGPfZHzEGd8PTIZyLmSSmKMZyOJ4duG3Q6/0lU4PMQFbQFwUiVjRqmHaZ
hMBiAd2beKpCqwgKL8ibXWcd/O8PvIM3HP70TEMMrWvKA7G/9qjFCKNdFn1f/Vmv
jG4W535HOk/Wz8c0LJQJuhdkxHcUr2HEKDhk8EZLF9aNN7asPXU5DsCVxj1MzGia
h2ZkIwrZvQyoaYedVguY7CWVDuiTrx9nxLG2wJdBIV6G8GGf2zx2jBzHsfuRV/9Y
Zqo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:27:47 2025 by rpki-client