Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pYrFOFi42UpNBK9zWa9CDivov28.roa
File: pYrFOFi42UpNBK9zWa9CDivov28.roa (raw, json)
Hash identifier: EGWQ2w97Zu5glG+YkqEuzFxGVmv4jIUub453u9xpsgU=
Subject key identifier: A5:8A:C5:38:58:B8:D9:4A:4D:04:AF:73:59:AF:42:0E:2B:E8:BF:6F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1B0768836952331E47E2BF0491EC8D14
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pYrFOFi42UpNBK9zWa9CDivov28.roa
Signing time: Tue 22 Aug 2023 02:16:24 +0000
ROA not before: Tue 22 Aug 2023 02:16:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1b:07:68:83:69:52:33:1e:47:e2:bf:04:91:ec:8d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 22 02:16:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a58ac53858b8d94a4d04af7359af420e2be8bf6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e8:94:50:a0:72:cc:45:4f:00:56:03:96:2f:
80:dd:9f:3c:7f:9a:69:1b:06:09:d8:1a:e8:be:bc:
d3:e9:63:3e:1d:3a:86:63:94:98:d0:5e:4a:f5:33:
74:27:36:41:36:20:ba:d7:ea:3e:79:1c:c1:b4:71:
5d:43:33:ef:0c:a4:8d:c1:cc:2c:6c:dd:6d:7a:57:
58:96:0a:83:d3:43:54:55:20:41:80:97:6b:fc:a2:
8c:62:ef:15:77:b1:58:b0:59:bb:4c:7b:89:f9:4a:
8f:92:8f:62:c2:5c:e9:f0:91:63:e9:a9:4f:ec:97:
61:a9:67:a9:ec:9c:c2:f8:b8:51:e0:8a:99:e3:f4:
d4:67:73:f3:66:9e:0a:c4:9f:4e:8d:ed:f3:61:6e:
76:fa:a5:72:26:35:5c:c4:9a:77:79:c5:62:87:6e:
38:6d:b1:37:9d:1f:12:bf:7e:85:a3:aa:a4:31:38:
ae:a8:24:cc:d9:b5:9c:31:77:a4:21:db:99:20:0c:
aa:d2:f9:4d:e0:18:06:85:ca:d2:1c:86:2c:40:ab:
c3:3f:60:02:ed:51:87:0a:1a:ae:e0:57:6f:03:06:
3d:6a:be:d2:6d:14:61:ee:84:cd:2a:d3:04:61:27:
dd:f5:fb:ac:1b:44:d8:98:98:09:d3:82:3e:f8:68:
b4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8A:C5:38:58:B8:D9:4A:4D:04:AF:73:59:AF:42:0E:2B:E8:BF:6F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pYrFOFi42UpNBK9zWa9CDivov28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:c6:08:62:85:4f:0e:ff:58:6d:24:2f:e2:55:08:1a:9f:7d:
2a:83:c9:5d:97:14:ae:f5:1e:8f:77:b8:cf:7c:d1:9c:cc:fe:
02:3c:4e:45:28:fb:54:7b:50:6b:ed:88:70:60:e1:d8:42:a6:
07:e6:8d:77:c8:b7:5f:7f:28:ae:f5:97:d5:fc:0a:0d:7f:72:
61:3b:27:3f:56:42:97:cc:cc:99:41:7f:9e:f8:b2:61:c1:1e:
85:eb:54:0f:79:b5:4b:de:46:07:fc:a9:a8:09:1b:e1:0f:b4:
93:10:0b:b2:c0:3d:15:01:b6:b0:51:41:8a:49:8e:8b:6d:27:
34:78:37:66:10:80:cf:2a:89:64:54:d4:5a:50:25:bf:0e:6b:
fb:f2:64:91:65:47:23:25:53:b7:23:55:7b:bc:39:0d:2b:c9:
dd:0d:ea:f6:fa:69:c2:74:dd:c6:ed:35:50:a1:77:7c:a5:d5:
28:67:19:d8:4d:d2:51:88:51:d5:a5:b2:1f:76:e6:88:cb:1f:
ac:04:1f:ee:ba:26:f4:a6:f7:94:4d:ed:87:72:9d:4b:d7:ed:
71:62:85:d9:4d:d4:9c:b7:6b:96:aa:0b:6f:55:48:43:b3:85:
6f:56:18:6b:32:92:2d:a5:e5:0d:03:bc:e3:7c:4e:6c:cc:46:
b6:80:57:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYobB2iDaVIzHkfivwSR7I0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIyMDIxNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThhYzUzODU4YjhkOTRhNGQwNGFmNzM1OWFmNDIwZTJiZThiZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+iUUKByzEVPAFYDli+A3Z88f5pp
GwYJ2BrovrzT6WM+HTqGY5SY0F5K9TN0JzZBNiC61+o+eRzBtHFdQzPvDKSNwcws
bN1teldYlgqD00NUVSBBgJdr/KKMYu8Vd7FYsFm7THuJ+UqPko9iwlzp8JFj6alP
7JdhqWep7JzC+LhR4IqZ4/TUZ3PzZp4KxJ9Oje3zYW52+qVyJjVcxJp3ecVih244
bbE3nR8Sv36Fo6qkMTiuqCTM2bWcMXekIduZIAyq0vlN4BgGhcrSHIYsQKvDP2AC
7VGHChqu4FdvAwY9ar7SbRRh7oTNKtMEYSfd9fusG0TYmJgJ04I++Gi0MQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKWKxThYuNlKTQSvc1mvQg4r6L9vMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcFlyRk9GaTQyVXBOQks5eldhOUNEaXZvdjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIjGCGKFTw7/WG0kL+JV
CBqffSqDyV2XFK71Ho93uM980ZzM/gI8TkUo+1R7UGvtiHBg4dhCpgfmjXfIt19/
KK71l9X8Cg1/cmE7Jz9WQpfMzJlBf574smHBHoXrVA95tUveRgf8qagJG+EPtJMQ
C7LAPRUBtrBRQYpJjottJzR4N2YQgM8qiWRU1FpQJb8Oa/vyZJFlRyMlU7cjVXu8
OQ0ryd0N6vb6acJ03cbtNVChd3yl1ShnGdhN0lGIUdWlsh925ojLH6wEH+66JvSm
95RN7YdynUvX7XFihdlN1Jy3a5aqC29VSEOzhW9WGGsyki2l5Q0DvON8TmzMRraA
V2A=
-----END CERTIFICATE-----
Generated at Thu May 1 07:47:04 2025 by rpki-client