Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pY9RGWnze0Fjuvdj_LqbxhKLVSg.roa
File: pY9RGWnze0Fjuvdj_LqbxhKLVSg.roa (raw, json)
Hash identifier: jjvw8xQs3vg4teZmdIA35g+PIQitzK+kjRkzjNfC1S4=
Subject key identifier: A5:8F:51:19:69:F3:7B:41:63:BA:F7:63:FC:BA:9B:C6:12:8B:55:28
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018517D5069C0EEC8403D70B1DB0C249C214
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pY9RGWnze0Fjuvdj_LqbxhKLVSg.roa
Signing time: Thu 15 Dec 2022 22:08:34 +0000
ROA not before: Thu 15 Dec 2022 22:08:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:17:d5:06:9c:0e:ec:84:03:d7:0b:1d:b0:c2:49:c2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 15 22:08:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a58f511969f37b4163baf763fcba9bc6128b5528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:df:05:98:59:1e:57:11:14:0c:c4:0a:ec:8f:
1f:f1:e7:47:ab:14:96:8b:d4:55:06:7a:df:ae:cd:
0b:3e:2b:ea:5e:c1:63:98:d8:91:de:a2:08:7d:0d:
a7:b1:9a:66:76:f8:c1:78:fa:ff:ee:7e:49:2d:18:
9b:be:e6:cb:ca:16:1f:41:b0:e3:55:7a:df:d0:0b:
7c:02:fc:7d:67:d6:08:7c:98:2a:f1:3f:22:45:23:
7d:b6:03:07:f9:3a:55:72:b7:73:be:05:fb:32:1d:
65:79:f2:aa:39:b0:d1:8f:41:1d:47:fb:99:d2:94:
93:7d:86:c2:11:e2:23:17:a2:80:61:20:ff:5f:8a:
04:5f:0b:43:3a:d2:f9:f0:57:20:90:02:eb:33:bd:
6b:60:08:8a:cf:b1:c3:a3:7f:94:78:bd:14:d2:61:
0b:1e:cb:93:13:e4:25:36:fe:2d:cd:7a:37:8e:16:
01:5b:3a:24:70:af:dd:ed:eb:6e:bc:aa:67:49:03:
37:9b:d1:93:0c:ce:e8:a3:2b:aa:d1:ef:3b:70:b5:
cf:71:2d:fb:11:d2:4f:e2:d0:3d:18:58:77:2d:53:
d8:be:0c:15:33:0f:cc:c0:59:86:e3:fd:6d:a2:14:
8a:75:40:e2:f7:d9:fd:15:1d:9b:b3:91:a9:52:6d:
52:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8F:51:19:69:F3:7B:41:63:BA:F7:63:FC:BA:9B:C6:12:8B:55:28
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pY9RGWnze0Fjuvdj_LqbxhKLVSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:02:cc:35:82:0a:34:9d:ff:f7:9e:e3:ed:af:0a:5a:71:5a:
b0:9f:fc:45:f9:60:6d:34:d0:57:06:7c:32:1e:d1:23:18:95:
44:93:e0:14:02:78:1d:23:70:68:23:19:90:e9:2d:c1:f7:9b:
0d:c9:b2:dd:39:09:90:59:ef:2f:8a:d2:15:6d:46:66:0b:e3:
d1:d0:41:62:65:ab:35:d7:1c:25:1f:45:2a:c3:61:ed:6b:03:
1e:bd:57:89:68:78:6d:46:fe:05:e8:61:73:28:d1:eb:5b:ff:
54:8b:bb:24:b3:ee:73:e8:a3:26:54:3b:11:f9:45:03:8c:31:
6d:16:42:da:f2:95:88:a1:69:a7:59:c2:5f:0c:36:76:6f:91:
20:7a:7c:0c:09:40:4a:1f:d8:49:a0:04:75:2f:cb:1b:2b:27:
37:9b:c6:1f:01:19:8a:e5:a5:70:e5:a4:5e:df:75:fb:dc:46:
c6:0c:ce:35:ba:64:4b:43:da:f7:76:33:7f:76:ab:70:36:e0:
54:92:3e:a6:17:fc:fe:97:37:38:c5:86:5f:0c:6d:79:0b:c2:
0d:3a:6e:7d:40:ef:77:2b:19:28:f4:1d:74:0b:7c:41:87:f5:
e9:ad:9d:ec:9d:f4:08:bf:54:c6:b1:72:69:75:3e:d7:11:5b:
45:bb:5b:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUX1QacDuyEA9cLHbDCScIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE1MjIwODM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThmNTExOTY5ZjM3YjQxNjNiYWY3NjNmY2JhOWJjNjEyOGI1NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN8FmFkeVxEUDMQK7I8f8edHqxSW
i9RVBnrfrs0LPivqXsFjmNiR3qIIfQ2nsZpmdvjBePr/7n5JLRibvubLyhYfQbDj
VXrf0At8Avx9Z9YIfJgq8T8iRSN9tgMH+TpVcrdzvgX7Mh1lefKqObDRj0EdR/uZ
0pSTfYbCEeIjF6KAYSD/X4oEXwtDOtL58FcgkALrM71rYAiKz7HDo3+UeL0U0mEL
HsuTE+QlNv4tzXo3jhYBWzokcK/d7etuvKpnSQM3m9GTDM7ooyuq0e87cLXPcS37
EdJP4tA9GFh3LVPYvgwVMw/MwFmG4/1tohSKdUDi99n9FR2bs5GpUm1SkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKWPURlp83tBY7r3Y/y6m8YSi1UoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcFk5UkdXbnplMEZqdXZkal9McWJ4aEtMVlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGICzDWCCjSd//ee4+2v
ClpxWrCf/EX5YG000FcGfDIe0SMYlUST4BQCeB0jcGgjGZDpLcH3mw3Jst05CZBZ
7y+K0hVtRmYL49HQQWJlqzXXHCUfRSrDYe1rAx69V4loeG1G/gXoYXMo0etb/1SL
uySz7nPooyZUOxH5RQOMMW0WQtrylYihaadZwl8MNnZvkSB6fAwJQEof2EmgBHUv
yxsrJzebxh8BGYrlpXDlpF7fdfvcRsYMzjW6ZEtD2vd2M392q3A24FSSPqYX/P6X
NzjFhl8MbXkLwg06bn1A73crGSj0HXQLfEGH9emtneyd9Ai/VMaxcml1PtcRW0W7
W58=
-----END CERTIFICATE-----
Generated at Mon May 5 12:10:11 2025 by rpki-client