Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yFqocbAOzh2g53SOcqF4fyznkKQ.roa
File: yFqocbAOzh2g53SOcqF4fyznkKQ.roa (raw, json)
Hash identifier: 0mgQmXdVdvGuZtUYCPSaow35RjvtgG+LLLI7rd/XqUc=
Subject key identifier: C8:5A:A8:71:B0:0E:CE:1D:A0:E7:74:8E:72:A1:78:7F:2C:E7:90:A4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A35DAB26823E5CD77F06B5626FA10217F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yFqocbAOzh2g53SOcqF4fyznkKQ.roa
Signing time: Sun 27 Aug 2023 07:17:19 +0000
ROA not before: Sun 27 Aug 2023 07:17:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:35:da:b2:68:23:e5:cd:77:f0:6b:56:26:fa:10:21:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 27 07:17:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c85aa871b00ece1da0e7748e72a1787f2ce790a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c2:64:c6:c3:2a:0e:5a:12:d8:be:22:d6:31:
52:cf:5d:1b:f1:45:0a:cf:5f:a1:49:12:5a:53:ee:
25:67:89:0e:06:2a:12:d3:e8:95:96:1f:bb:b9:a1:
a6:40:a0:cb:1e:4d:90:e4:96:d6:18:e1:32:90:bb:
96:65:f2:31:7f:69:8b:f7:0d:d3:90:bb:12:c1:b9:
e9:8e:65:4b:ba:94:12:9e:d1:21:85:22:88:a9:d5:
6b:e8:c4:14:73:26:78:81:18:b1:3d:de:ed:d6:aa:
b8:33:7b:71:44:06:1c:8f:54:21:3a:ac:b0:02:2a:
77:76:71:08:e8:f8:e3:24:a1:b3:22:c7:e2:bf:76:
2f:b4:40:94:f6:21:60:20:11:c7:a2:21:94:56:39:
17:b2:0b:87:e7:28:41:96:2c:51:58:12:df:7c:73:
34:ce:45:c6:67:ef:aa:ef:a1:eb:93:40:0a:a0:00:
64:e4:28:99:66:c7:34:b8:2c:17:ea:bd:7a:d7:2d:
15:03:05:e0:c6:d7:71:e7:02:0a:50:ae:74:0f:78:
ce:94:75:45:fd:20:11:12:59:f5:52:6a:2a:46:a8:
84:43:dc:f5:5a:c0:c2:7e:e9:42:a4:4e:85:f2:f4:
e1:64:44:12:2d:45:d0:71:d9:0a:fd:68:1e:15:89:
ce:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5A:A8:71:B0:0E:CE:1D:A0:E7:74:8E:72:A1:78:7F:2C:E7:90:A4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yFqocbAOzh2g53SOcqF4fyznkKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:46:8d:f5:b3:74:ba:ab:72:c1:f6:f6:07:58:07:11:c6:92:
35:8c:b7:02:c0:24:3c:f5:46:5b:4e:65:da:59:4b:26:f6:f7:
43:75:d8:79:7c:6f:52:3c:4e:3a:1e:a1:1f:3a:e9:84:a9:41:
d1:f6:e8:0d:38:26:da:73:19:cc:1e:7f:2b:71:a5:96:d1:c8:
2f:82:19:dc:00:e4:05:07:0f:32:83:77:31:57:14:27:54:9d:
0d:16:e7:0d:1f:7f:c0:34:4d:be:b0:e4:65:13:b1:0c:92:de:
5e:a4:1f:b3:a5:98:8c:0f:a0:d1:d8:68:d6:93:ec:b6:23:ee:
48:30:ef:6c:49:67:98:23:30:42:b4:2c:14:2a:0d:0d:86:73:
b7:c9:47:34:be:29:4e:2f:4f:ca:6a:02:d8:1a:23:e7:2b:2e:
ee:35:e6:db:64:7a:ea:91:a2:fa:cd:79:3c:b6:41:05:17:be:
de:8d:66:a7:2b:df:bc:06:b9:bd:8e:83:23:53:3e:85:7c:17:
a0:ab:99:fb:e2:db:16:e0:9a:a1:eb:2f:88:ab:5b:af:ac:35:
4c:3c:71:fa:29:f6:10:e1:fc:9d:22:e8:b6:8b:03:27:7e:9f:
a7:98:d0:c1:47:bc:4e:5b:18:48:df:76:49:0d:16:8c:fb:76:
c4:0f:92:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo12rJoI+XNd/BrVib6ECF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI3MDcxNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODVhYTg3MWIwMGVjZTFkYTBlNzc0OGU3MmExNzg3ZjJjZTc5MGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcJkxsMqDloS2L4i1jFSz10b8UUK
z1+hSRJaU+4lZ4kOBioS0+iVlh+7uaGmQKDLHk2Q5JbWGOEykLuWZfIxf2mL9w3T
kLsSwbnpjmVLupQSntEhhSKIqdVr6MQUcyZ4gRixPd7t1qq4M3txRAYcj1QhOqyw
Aip3dnEI6PjjJKGzIsfiv3YvtECU9iFgIBHHoiGUVjkXsguH5yhBlixRWBLffHM0
zkXGZ++q76Hrk0AKoABk5CiZZsc0uCwX6r161y0VAwXgxtdx5wIKUK50D3jOlHVF
/SAREln1UmoqRqiEQ9z1WsDCfulCpE6F8vThZEQSLUXQcdkK/WgeFYnOmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMhaqHGwDs4doOd0jnKheH8s55CkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveUZxb2NiQU96aDJnNTNTT2NxRjRmeXpua0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGdGjfWzdLqrcsH29gdY
BxHGkjWMtwLAJDz1RltOZdpZSyb290N12Hl8b1I8TjoeoR866YSpQdH26A04Jtpz
GcwefytxpZbRyC+CGdwA5AUHDzKDdzFXFCdUnQ0W5w0ff8A0Tb6w5GUTsQyS3l6k
H7OlmIwPoNHYaNaT7LYj7kgw72xJZ5gjMEK0LBQqDQ2Gc7fJRzS+KU4vT8pqAtga
I+crLu415ttkeuqRovrNeTy2QQUXvt6NZqcr37wGub2OgyNTPoV8F6Crmfvi2xbg
mqHrL4irW6+sNUw8cfop9hDh/J0i6LaLAyd+n6eY0MFHvE5bGEjfdkkNFoz7dsQP
kmA=
-----END CERTIFICATE-----
Generated at Fri May 2 20:25:46 2025 by rpki-client