Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lyKxCwymozfiH7HJU2wZBm_6xoY.roa
File: lyKxCwymozfiH7HJU2wZBm_6xoY.roa (raw, json)
Hash identifier: HcpMSbzxRFcmUxfPg/bMI5nD0nAVfWIDxgg+uvO2wew=
Subject key identifier: 97:22:B1:0B:0C:A6:A3:37:E2:1F:B1:C9:53:6C:19:06:6F:FA:C6:86
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187620F4C647162970BD2B4B93DC16496F1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lyKxCwymozfiH7HJU2wZBm_6xoY.roa
Signing time: Sat 08 Apr 2023 18:09:42 +0000
ROA not before: Sat 08 Apr 2023 18:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:62:0f:4c:64:71:62:97:0b:d2:b4:b9:3d:c1:64:96:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 8 18:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9722b10b0ca6a337e21fb1c9536c19066ffac686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bc:68:44:d5:46:e7:df:15:8f:ea:3a:1b:de:
7f:9f:78:c4:b5:ac:eb:13:95:22:74:33:19:bf:ac:
f3:3d:54:fe:98:99:6d:40:b1:f0:4d:12:f3:6c:b5:
89:8f:e9:02:9a:a8:a5:8b:60:6c:58:da:13:48:79:
1a:61:7e:01:f1:77:7d:51:19:d1:24:bf:b3:82:5b:
97:a2:e6:1d:7f:e1:ae:2c:2e:f4:27:65:50:41:98:
64:a0:4c:c4:ba:58:2a:de:31:b8:56:e2:e5:19:f0:
91:b8:c1:67:5b:83:df:5a:62:5e:c3:6b:1f:6d:70:
cb:1f:23:9a:2a:df:d0:17:ee:16:e3:a1:36:3d:1a:
3a:ef:88:7e:d8:ec:84:1f:fe:1f:2a:9f:b3:87:74:
c8:44:68:81:4d:f4:6b:9f:a8:21:ed:24:fd:e6:39:
51:0c:2e:00:a8:8c:0b:c2:45:c6:2a:83:d2:f2:fc:
91:a3:ac:b3:e8:d3:27:f8:9d:53:49:81:23:b3:db:
c1:bb:37:82:e7:e4:80:6a:fe:ce:cd:25:68:1a:fa:
99:ad:64:a4:78:80:3f:da:b6:cd:69:4c:8d:25:a5:
f7:58:46:b4:6f:26:59:8d:42:df:52:0d:bf:93:1f:
ee:94:a1:f9:ee:f6:46:ef:c3:23:9d:31:19:0b:df:
a3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:22:B1:0B:0C:A6:A3:37:E2:1F:B1:C9:53:6C:19:06:6F:FA:C6:86
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lyKxCwymozfiH7HJU2wZBm_6xoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:96:a4:a5:81:bf:87:e1:94:3c:a6:72:01:67:7a:65:ae:f1:
ab:33:24:f8:4a:3d:05:04:74:15:21:de:5c:c5:7a:18:ff:3e:
08:13:97:3d:1a:dd:e5:10:0d:46:a1:11:20:27:56:72:69:d3:
ca:6b:c9:cf:89:3d:ce:c5:f8:fa:ab:4d:da:6e:2a:cd:b3:f0:
2f:3d:20:b2:92:ac:eb:21:3b:1e:9c:83:04:5c:77:67:5b:46:
43:91:59:2d:f9:81:fa:bd:47:e1:8a:6a:fb:97:6d:55:c9:20:
3b:f6:71:9b:3f:5b:34:e7:23:54:43:49:4f:c8:6c:98:3d:26:
ac:85:0b:1d:1b:a9:54:55:ff:70:6f:ca:11:ac:02:2a:01:90:
29:29:15:e6:9e:93:80:e9:12:c1:a6:0e:8d:a2:0e:e5:84:5c:
72:fc:e4:25:4d:c6:d3:61:df:84:1e:a0:75:58:c1:43:e7:8c:
0f:fb:f6:77:a5:94:b5:00:c2:b0:de:55:42:90:a4:d8:66:83:
18:38:66:f1:9c:ce:1a:80:0d:57:d0:32:89:a8:86:37:52:12:
7e:d2:80:15:58:01:34:73:4e:9b:c2:17:91:8f:34:81:7b:65:
3e:6f:e0:84:b4:84:3d:f1:0f:71:35:36:b6:5e:bd:e0:aa:ee:
4a:e1:a3:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdiD0xkcWKXC9K0uT3BZJbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA4MTgwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzIyYjEwYjBjYTZhMzM3ZTIxZmIxYzk1MzZjMTkwNjZmZmFjNjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7xoRNVG598Vj+o6G95/n3jEtazr
E5UidDMZv6zzPVT+mJltQLHwTRLzbLWJj+kCmqili2BsWNoTSHkaYX4B8Xd9URnR
JL+zgluXouYdf+GuLC70J2VQQZhkoEzEulgq3jG4VuLlGfCRuMFnW4PfWmJew2sf
bXDLHyOaKt/QF+4W46E2PRo674h+2OyEH/4fKp+zh3TIRGiBTfRrn6gh7ST95jlR
DC4AqIwLwkXGKoPS8vyRo6yz6NMn+J1TSYEjs9vBuzeC5+SAav7OzSVoGvqZrWSk
eIA/2rbNaUyNJaX3WEa0byZZjULfUg2/kx/ulKH57vZG78MjnTEZC9+jDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJcisQsMpqM34h+xyVNsGQZv+saGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbHlLeEN3eW1vemZpSDdISlUyd1pCbV82eG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFyWpKWBv4fhlDymcgFn
emWu8aszJPhKPQUEdBUh3lzFehj/PggTlz0a3eUQDUahESAnVnJp08pryc+JPc7F
+PqrTdpuKs2z8C89ILKSrOshOx6cgwRcd2dbRkORWS35gfq9R+GKavuXbVXJIDv2
cZs/WzTnI1RDSU/IbJg9JqyFCx0bqVRV/3BvyhGsAioBkCkpFeaek4DpEsGmDo2i
DuWEXHL85CVNxtNh34QeoHVYwUPnjA/79nellLUAwrDeVUKQpNhmgxg4ZvGczhqA
DVfQMomohjdSEn7SgBVYATRzTpvCF5GPNIF7ZT5v4IS0hD3xD3E1NrZeveCq7krh
o1c=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:48:28 2025 by rpki-client