Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/y3566aL3A-YWDFQPkdZfIu0mbjA.roa
File: y3566aL3A-YWDFQPkdZfIu0mbjA.roa (raw, json)
Hash identifier: N3zu/tSlkxtPmqDPlq2CxD/inMVvPS9LusCgzFMj1Jo=
Subject key identifier: CB:7E:7A:E9:A2:F7:03:E6:16:0C:54:0F:91:D6:5F:22:ED:26:6E:30
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 742CDAEA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/y3566aL3A-YWDFQPkdZfIu0mbjA.roa
Signing time: Sun 20 Mar 2022 16:10:35 +0000
ROA not before: Sun 20 Mar 2022 16:10:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1949096682 (0x742cdaea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 20 16:10:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb7e7ae9a2f703e6160c540f91d65f22ed266e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:99:86:e5:e3:2e:18:73:a9:2a:73:35:89:30:
19:3e:0f:d2:ed:cd:31:63:6b:15:44:94:7a:1a:75:
4d:5e:40:3c:0c:f1:a6:31:a3:bb:44:2e:1e:21:c5:
64:f2:cb:9c:85:fc:68:6d:ab:78:8d:dd:55:47:53:
1d:63:e0:f1:76:fd:36:1a:80:37:df:03:9f:e1:8b:
fe:9e:7d:c7:dd:02:d1:4f:36:35:35:98:e8:77:5a:
3c:15:f3:92:fb:9b:c7:c1:20:0d:ac:16:e1:16:de:
ec:20:16:1e:b9:b6:5c:80:3b:8a:47:9a:30:ec:e9:
f0:61:36:fb:db:8f:4f:4a:2b:89:bd:c6:7e:3c:52:
ba:18:6f:62:b7:1c:8f:f6:e2:36:8d:70:83:c0:2a:
a9:7c:30:28:2c:80:cf:b9:cf:b9:07:85:6d:a3:58:
04:12:ff:d4:74:0a:82:65:c2:70:90:d7:11:e1:59:
5b:46:7b:2a:de:bf:c1:32:17:0f:8c:60:93:89:cf:
11:36:e4:26:c1:33:98:0f:07:38:8f:5c:de:78:65:
33:95:c5:2f:ef:0c:05:db:2b:ea:f8:27:82:02:b6:
76:24:51:f4:d4:6b:ec:f3:11:46:dc:12:a9:cc:1a:
80:5e:79:58:9e:5d:d1:8a:bf:e2:91:ee:93:16:05:
30:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7E:7A:E9:A2:F7:03:E6:16:0C:54:0F:91:D6:5F:22:ED:26:6E:30
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/y3566aL3A-YWDFQPkdZfIu0mbjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:72:01:d4:e4:fe:59:42:9f:28:a9:1d:18:3c:54:32:d2:56:
84:81:70:59:9c:3f:66:9e:12:71:a6:bd:b8:bc:0c:92:c1:e8:
a6:2a:b8:31:62:15:d0:74:45:de:e7:27:0b:29:6b:f2:55:10:
b4:e8:ff:cd:ad:e4:c6:db:b7:f7:e7:5d:86:c5:89:9c:d5:02:
ca:a5:0b:96:90:ec:81:8d:0e:2a:34:31:cc:09:d3:3b:11:19:
e3:b9:ae:c3:b0:d2:f2:92:db:78:fe:82:9c:6c:3f:7d:b2:6b:
18:2c:27:7b:5b:41:bc:56:b0:e8:7c:73:34:61:5b:a4:1d:c9:
9a:00:ee:91:1b:79:38:78:26:60:3f:ca:b5:03:53:f1:fe:75:
65:74:78:01:6f:e5:37:ce:ba:b5:fe:59:9c:e1:53:bc:28:78:
b5:1b:ac:63:cb:8f:6f:ac:31:2b:fa:1e:23:55:bf:14:34:10:
75:5a:65:69:3d:97:ba:07:07:ad:bd:4a:ba:62:7e:b3:15:71:
19:35:cc:f2:3c:f3:aa:31:e6:3c:6b:c1:df:90:53:36:11:c1:
8a:12:c7:cc:56:b3:42:51:31:c3:b5:04:ff:87:ff:34:60:88:
2d:43:76:e4:fc:a7:66:02:99:13:ec:90:22:13:90:28:87:b4:
05:e2:01:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEdCza6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMy
MDE2MTAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I3ZTdhZTlhMmY3
MDNlNjE2MGM1NDBmOTFkNjVmMjJlZDI2NmUzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqZhuXjLhhzqSpzNYkwGT4P0u3NMWNrFUSUehp1TV5APAzx
pjGju0QuHiHFZPLLnIX8aG2reI3dVUdTHWPg8Xb9NhqAN98Dn+GL/p59x90C0U82
NTWY6HdaPBXzkvubx8EgDawW4Rbe7CAWHrm2XIA7ikeaMOzp8GE2+9uPT0orib3G
fjxSuhhvYrccj/biNo1wg8AqqXwwKCyAz7nPuQeFbaNYBBL/1HQKgmXCcJDXEeFZ
W0Z7Kt6/wTIXD4xgk4nPETbkJsEzmA8HOI9c3nhlM5XFL+8MBdsr6vgnggK2diRR
9NRr7PMRRtwSqcwagF55WJ5d0Yq/4pHukxYFMLkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTLfnrpovcD5hYMVA+R1l8i7SZuMDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3kzNTY2YUwzQS1ZV0RGUVBrZFpmSXUwbWJqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBDcgHU5P5ZQp8oqR0YPFQy0laEgXBZnD9mnhJx
pr24vAySweimKrgxYhXQdEXe5ycLKWvyVRC06P/NreTG27f3512GxYmc1QLKpQuW
kOyBjQ4qNDHMCdM7ERnjua7DsNLyktt4/oKcbD99smsYLCd7W0G8VrDofHM0YVuk
HcmaAO6RG3k4eCZgP8q1A1Px/nVldHgBb+U3zrq1/lmc4VO8KHi1G6xjy49vrDEr
+h4jVb8UNBB1WmVpPZe6BwetvUq6Yn6zFXEZNczyPPOqMeY8a8HfkFM2EcGKEsfM
VrNCUTHDtQT/h/80YIgtQ3bk/KdmApkT7JAiE5Aoh7QF4gED
-----END CERTIFICATE-----
Generated at Thu May 1 12:34:02 2025 by rpki-client