Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lYmpbcdciCjt5d3FQzHrMePCwyQ.roa
File: lYmpbcdciCjt5d3FQzHrMePCwyQ.roa (raw, json)
Hash identifier: PivBed/KeVHTSm0BOceh/pWzFYds7SCmum+DBF5aNc4=
Subject key identifier: 95:89:A9:6D:C7:5C:88:28:ED:E5:DD:C5:43:31:EB:31:E3:C2:C3:24
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186C1F833B8CF7AA684AFB098DF75EFDE13
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lYmpbcdciCjt5d3FQzHrMePCwyQ.roa
Signing time: Wed 08 Mar 2023 16:05:14 +0000
ROA not before: Wed 08 Mar 2023 16:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:c1f7:51b5/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c1:f8:33:b8:cf:7a:a6:84:af:b0:98:df:75:ef:de:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 8 16:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9589a96dc75c8828ede5ddc54331eb31e3c2c324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:41:9b:85:6c:95:59:c6:ae:77:0c:e3:69:fb:
70:2c:23:1d:2b:e4:68:2d:0f:8f:96:ff:dc:7f:a9:
3a:dc:a0:ea:67:3c:a1:bc:1a:91:7c:0b:7d:69:93:
e6:e8:59:ac:fa:c4:65:4c:cf:33:80:d5:c6:d0:53:
d7:bc:1a:36:1e:d6:a5:e3:15:88:6f:95:87:ff:60:
f2:16:82:f5:20:c7:49:5e:18:48:9b:70:98:58:ff:
5b:2b:9d:9b:1d:6a:89:67:2e:78:40:79:6a:2a:7f:
33:2f:35:ec:c5:c2:ff:6a:4a:e9:10:cc:85:a3:96:
55:20:fc:c5:cd:ef:93:22:bf:27:d7:8a:ff:b2:08:
50:86:bd:4f:38:95:6f:35:fe:94:6b:a4:0a:23:24:
7a:ad:82:5f:5a:b5:5b:ab:1a:46:0a:68:bf:c4:e5:
84:28:80:c7:c9:1c:cd:70:d4:c2:54:a4:96:8a:89:
ba:b5:df:68:33:e9:fe:8e:dc:ed:05:5d:ac:d4:bb:
6e:da:10:e9:8f:5e:d8:82:7d:0d:76:2f:3f:ef:84:
16:12:e5:d7:f2:ea:d8:6d:ce:d1:1d:b3:53:70:bc:
ed:91:0a:04:b5:b6:eb:f5:2a:46:79:f4:e4:40:e7:
b9:99:83:dc:ab:40:55:08:43:6b:b7:d5:44:a8:d1:
62:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:89:A9:6D:C7:5C:88:28:ED:E5:DD:C5:43:31:EB:31:E3:C2:C3:24
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lYmpbcdciCjt5d3FQzHrMePCwyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:20:01:3e:f9:8f:1a:08:25:ff:90:b7:72:78:3f:bf:33:7d:
cd:b4:9f:4d:f1:1c:af:99:60:1d:94:e8:e3:0b:85:e3:f7:9f:
5f:6b:44:f7:ce:f2:f8:8f:fc:c8:eb:72:8e:aa:d4:56:3f:14:
78:6d:c1:77:b9:a0:ec:d1:27:34:21:51:22:18:b8:b5:3b:48:
1d:62:47:06:33:e8:57:71:21:31:64:f4:6b:df:29:e7:61:e0:
5c:d9:68:2b:89:a2:18:82:60:4e:2e:06:b0:85:36:a4:3b:0a:
ed:c5:32:1b:8d:61:b3:2b:b7:04:ce:02:e3:5e:0b:5e:82:b0:
f1:90:05:bb:74:3d:f3:71:8f:e8:2a:11:b0:d3:47:4a:77:b8:
e7:b8:4b:54:03:e7:a0:38:05:87:21:b6:f5:0c:bc:49:e6:ff:
7c:ad:73:72:b6:94:87:cc:86:3e:82:96:00:8d:bc:a3:93:b9:
c7:62:5c:65:8e:7a:7c:7f:c2:1d:de:fc:c2:67:e3:14:c9:95:
19:75:02:d2:0a:a6:31:78:77:03:17:1c:e5:eb:b8:ab:6c:bd:
c7:5a:a6:45:e8:a1:a3:bc:35:06:b7:f0:15:4e:c5:03:a1:be:
e5:b7:98:6e:92:f2:84:66:f5:37:9f:91:8c:dc:84:17:ad:08:
0f:11:ae:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbB+DO4z3qmhK+wmN91794TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA4MTYwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg5YTk2ZGM3NWM4ODI4ZWRlNWRkYzU0MzMxZWIzMWUzYzJjMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUGbhWyVWcaudwzjaftwLCMdK+Ro
LQ+Plv/cf6k63KDqZzyhvBqRfAt9aZPm6Fms+sRlTM8zgNXG0FPXvBo2Htal4xWI
b5WH/2DyFoL1IMdJXhhIm3CYWP9bK52bHWqJZy54QHlqKn8zLzXsxcL/akrpEMyF
o5ZVIPzFze+TIr8n14r/sghQhr1POJVvNf6Ua6QKIyR6rYJfWrVbqxpGCmi/xOWE
KIDHyRzNcNTCVKSWiom6td9oM+n+jtztBV2s1Ltu2hDpj17Ygn0Ndi8/74QWEuXX
8urYbc7RHbNTcLztkQoEtbbr9SpGefTkQOe5mYPcq0BVCENrt9VEqNFiIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJWJqW3HXIgo7eXdxUMx6zHjwsMkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbFltcGJjZGNpQ2p0NWQzRlF6SHJNZVBDd3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIQgAT75jxoIJf+Qt3J4
P78zfc20n03xHK+ZYB2U6OMLheP3n19rRPfO8viP/Mjrco6q1FY/FHhtwXe5oOzR
JzQhUSIYuLU7SB1iRwYz6FdxITFk9GvfKedh4FzZaCuJohiCYE4uBrCFNqQ7Cu3F
MhuNYbMrtwTOAuNeC16CsPGQBbt0PfNxj+gqEbDTR0p3uOe4S1QD56A4BYchtvUM
vEnm/3ytc3K2lIfMhj6ClgCNvKOTucdiXGWOenx/wh3e/MJn4xTJlRl1AtIKpjF4
dwMXHOXruKtsvcdapkXooaO8NQa38BVOxQOhvuW3mG6S8oRm9TefkYzchBetCA8R
rqE=
-----END CERTIFICATE-----
Generated at Thu May 1 14:00:45 2025 by rpki-client