Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nr-LyUyyhg4fIFPz3y7jamfUOXo.roa
File: nr-LyUyyhg4fIFPz3y7jamfUOXo.roa (raw, json)
Hash identifier: 9FhsraGcHaYvf5dqnBwlcwZQln5xERMtLLq4ugZtCX0=
Subject key identifier: 9E:BF:8B:C9:4C:B2:86:0E:1F:20:53:F3:DF:2E:E3:6A:67:D4:39:7A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186D95BBCDEB622B52801F670BA2D7A4036
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nr-LyUyyhg4fIFPz3y7jamfUOXo.roa
Signing time: Mon 13 Mar 2023 05:05:13 +0000
ROA not before: Mon 13 Mar 2023 05:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:d95b:3dff/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d9:5b:bc:de:b6:22:b5:28:01:f6:70:ba:2d:7a:40:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 13 05:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ebf8bc94cb2860e1f2053f3df2ee36a67d4397a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6b:f6:d5:d0:25:0c:bb:f9:5e:b4:a3:6e:ab:
10:5a:ae:45:fd:1c:40:17:4b:68:f3:a0:19:46:24:
67:1e:59:21:b2:66:f5:f0:69:83:aa:a8:69:e3:d1:
fb:70:97:bb:6f:cb:3e:d5:0b:c4:c6:37:e4:6a:ff:
22:a9:8f:04:e9:1c:95:03:20:d3:10:b2:ed:b1:7c:
7d:38:da:bd:30:07:e7:93:da:f9:14:f7:14:d5:de:
ec:eb:b8:18:3f:72:8a:74:7d:12:5e:43:3e:13:84:
5a:c9:49:5f:f3:f8:c5:08:5b:5b:09:99:07:ae:13:
bc:b5:c9:a1:27:ff:b7:8a:26:b5:00:57:9b:64:e9:
80:2e:bf:64:53:01:5e:70:95:d3:3f:d5:3b:18:bf:
c5:5e:95:b3:0a:0f:26:72:6c:fc:0e:f4:3c:8d:cd:
55:37:5d:23:25:4a:af:a5:24:06:da:5d:cd:6b:cd:
33:ab:f3:4a:66:34:f0:ef:24:87:41:ca:2e:20:e7:
24:b6:ee:37:db:9f:22:db:f6:f4:f4:db:c4:d0:d7:
18:b1:2b:84:3e:8f:06:23:05:b9:81:53:ab:df:f4:
28:d9:64:fc:c6:26:3c:83:af:c5:8a:d8:de:2d:37:
40:ad:e6:a7:43:5e:0d:47:2d:80:d6:2f:f8:4a:10:
c6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BF:8B:C9:4C:B2:86:0E:1F:20:53:F3:DF:2E:E3:6A:67:D4:39:7A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nr-LyUyyhg4fIFPz3y7jamfUOXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:3a:60:3b:e8:d7:8f:e7:9a:74:e2:5a:f2:c4:c4:52:09:30:
b0:00:65:61:9d:9b:dd:56:96:76:c3:02:63:b5:eb:28:9f:7b:
db:18:39:ed:02:bf:b2:1c:b0:c3:0a:d7:ae:46:ff:e8:36:e0:
38:a8:c6:54:1d:39:04:5c:b4:3a:10:22:5b:47:71:ea:48:3f:
67:45:46:4b:3f:a8:6a:93:d0:42:47:8e:e8:81:e1:69:8d:c2:
17:06:22:bf:5b:d7:26:04:a6:0a:a4:f7:b6:bc:79:8f:1d:cb:
c0:00:4a:39:22:9e:c7:fd:dc:78:91:19:26:3d:ac:cd:7b:ab:
6f:91:e5:2f:58:f2:81:ce:d6:36:4f:a7:0d:8b:46:37:e6:21:
b8:ec:e4:ed:de:80:79:f3:56:3d:7b:5e:be:74:df:87:55:69:
5e:14:45:04:be:0c:f9:9e:3c:96:2d:24:0a:06:1a:b7:34:c0:
f8:bd:56:02:6f:38:da:8e:ee:18:53:7e:69:c8:6e:c6:a8:47:
16:f1:fc:c8:9d:ea:35:8e:4c:0b:74:0d:67:07:00:b3:a2:f9:
30:fa:84:06:29:bf:1f:b6:c9:58:62:79:aa:85:3d:b9:56:59:
10:d9:18:28:e4:95:41:d0:d1:ef:d6:f4:46:03:5c:b0:7b:51:
cb:c1:87:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbZW7zetiK1KAH2cLotekA2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzEzMDUwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWJmOGJjOTRjYjI4NjBlMWYyMDUzZjNkZjJlZTM2YTY3ZDQzOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGv21dAlDLv5XrSjbqsQWq5F/RxA
F0to86AZRiRnHlkhsmb18GmDqqhp49H7cJe7b8s+1QvExjfkav8iqY8E6RyVAyDT
ELLtsXx9ONq9MAfnk9r5FPcU1d7s67gYP3KKdH0SXkM+E4RayUlf8/jFCFtbCZkH
rhO8tcmhJ/+3iia1AFebZOmALr9kUwFecJXTP9U7GL/FXpWzCg8mcmz8DvQ8jc1V
N10jJUqvpSQG2l3Na80zq/NKZjTw7ySHQcouIOcktu43258i2/b09NvE0NcYsSuE
Po8GIwW5gVOr3/Qo2WT8xiY8g6/FitjeLTdAreanQ14NRy2A1i/4ShDGwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ6/i8lMsoYOHyBT898u42pn1Dl6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbnItTHlVeXloZzRmSUZQejN5N2phbWZVT1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKM6YDvo14/nmnTiWvLE
xFIJMLAAZWGdm91WlnbDAmO16yife9sYOe0Cv7IcsMMK165G/+g24DioxlQdOQRc
tDoQIltHcepIP2dFRks/qGqT0EJHjuiB4WmNwhcGIr9b1yYEpgqk97a8eY8dy8AA
Sjkinsf93HiRGSY9rM17q2+R5S9Y8oHO1jZPpw2LRjfmIbjs5O3egHnzVj17Xr50
34dVaV4URQS+DPmePJYtJAoGGrc0wPi9VgJvONqO7hhTfmnIbsaoRxbx/Mid6jWO
TAt0DWcHALOi+TD6hAYpvx+2yVhieaqFPblWWRDZGCjklUHQ0e/W9EYDXLB7UcvB
h+g=
-----END CERTIFICATE-----
Generated at Thu May 1 06:46:59 2025 by rpki-client