Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yH1yb6U1Shgq_R1LXKbE0NK7mu8.roa
File: yH1yb6U1Shgq_R1LXKbE0NK7mu8.roa (raw, json)
Hash identifier: sqx3C3UTCILwCq3y+Mj4+XUdyhmi6rwPrr/+tECpoGw=
Subject key identifier: C8:7D:72:6F:A5:35:4A:18:2A:FD:1D:4B:5C:A6:C4:D0:D2:BB:9A:EF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018647A912F0BAA2E023922DAE7048911488
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yH1yb6U1Shgq_R1LXKbE0NK7mu8.roa
Signing time: Sun 12 Feb 2023 22:05:08 +0000
ROA not before: Sun 12 Feb 2023 22:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:47a8:4419/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:47:a9:12:f0:ba:a2:e0:23:92:2d:ae:70:48:91:14:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 12 22:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c87d726fa5354a182afd1d4b5ca6c4d0d2bb9aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:28:69:00:57:5d:f6:ec:99:81:e4:b5:9a:44:
3b:96:6c:d6:45:f7:8d:d6:5e:81:b7:21:0b:53:71:
f2:3f:a5:88:83:d8:5c:21:0a:ad:77:3f:c2:b7:3f:
a2:18:5c:33:17:95:55:5f:43:2a:0a:68:32:2a:1b:
8d:00:d8:29:5b:06:64:b9:c2:04:eb:a1:4b:ff:8f:
59:db:a4:38:77:e9:95:f4:a8:2e:dc:2e:2d:e6:60:
fa:7d:9a:8d:ef:f7:a3:d5:6f:06:ad:77:1a:98:e2:
30:2c:04:c4:1b:73:2e:d0:26:0f:b4:e6:9a:a0:45:
7a:9e:92:ae:fd:ec:32:98:e5:74:02:c0:f3:b5:5c:
ba:5d:95:63:c6:eb:81:6d:0c:95:be:24:83:bb:dd:
ca:90:28:6d:db:d5:94:1e:dc:05:d8:76:c1:fc:77:
91:ce:05:16:b9:24:bd:43:9a:c8:89:7c:5a:33:2b:
f4:fb:e2:f8:bf:9d:ab:76:6c:10:9d:52:0c:c5:8a:
fa:c5:87:87:f3:9a:68:36:8b:ca:43:c7:77:b4:7b:
6a:b0:e1:66:86:b3:e2:b7:d3:de:a9:19:53:aa:a2:
6b:a5:68:f1:0e:84:10:b5:40:66:c2:51:19:c2:d9:
c9:eb:26:9e:17:d1:3d:cd:9b:f4:98:cc:c8:b3:a7:
b1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7D:72:6F:A5:35:4A:18:2A:FD:1D:4B:5C:A6:C4:D0:D2:BB:9A:EF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yH1yb6U1Shgq_R1LXKbE0NK7mu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:b7:66:ec:94:40:dc:52:08:0c:22:14:1f:69:1d:9e:76:67:
47:21:1a:f4:c6:e2:4b:91:e2:cb:59:4b:47:30:75:38:59:02:
b1:1d:1e:e8:68:ba:f3:be:a1:ad:bc:c9:34:50:67:0a:78:53:
c5:f0:42:79:30:03:0c:47:0a:bf:c5:8c:57:43:fa:bc:f2:88:
74:d8:ac:f8:dc:8f:d5:b4:62:97:cf:44:f8:2a:04:9e:c1:8d:
03:6a:43:54:f2:f7:e3:a0:d5:27:02:86:d0:80:15:91:1b:7e:
d8:2e:ca:68:d6:d8:1e:54:e2:72:50:0f:e1:e3:17:5a:fb:ea:
fb:e3:4d:e0:51:b7:0f:99:f9:cc:6c:64:bc:cd:8b:1d:4a:63:
b3:c9:e2:9e:d8:00:c5:2b:b9:d5:23:61:e3:85:9a:71:d5:9d:
cd:ed:2b:e6:ad:db:2d:f9:91:05:8e:ed:95:15:cf:cb:1f:7a:
dc:01:c9:61:f3:37:39:02:f6:0c:45:ac:1f:f3:ec:e7:90:9d:
4b:60:40:8a:73:d2:98:e7:32:bb:93:96:0a:06:65:c6:41:2e:
75:d9:08:11:42:5a:67:50:61:62:61:62:89:dc:79:c6:f0:7e:
f7:1d:75:ff:5c:8e:5c:ca:07:bf:4b:dd:be:fe:81:0c:29:4a:
9f:0d:28:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZHqRLwuqLgI5ItrnBIkRSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEyMjIwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdkNzI2ZmE1MzU0YTE4MmFmZDFkNGI1Y2E2YzRkMGQyYmI5YWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArihpAFdd9uyZgeS1mkQ7lmzWRfeN
1l6BtyELU3HyP6WIg9hcIQqtdz/Ctz+iGFwzF5VVX0MqCmgyKhuNANgpWwZkucIE
66FL/49Z26Q4d+mV9Kgu3C4t5mD6fZqN7/ej1W8GrXcamOIwLATEG3Mu0CYPtOaa
oEV6npKu/ewymOV0AsDztVy6XZVjxuuBbQyVviSDu93KkCht29WUHtwF2HbB/HeR
zgUWuSS9Q5rIiXxaMyv0++L4v52rdmwQnVIMxYr6xYeH85poNovKQ8d3tHtqsOFm
hrPit9PeqRlTqqJrpWjxDoQQtUBmwlEZwtnJ6yaeF9E9zZv0mMzIs6exbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMh9cm+lNUoYKv0dS1ymxNDSu5rvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveUgxeWI2VTFTaGdxX1IxTFhLYkUwTks3bXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC63ZuyUQNxSCAwiFB9p
HZ52Z0chGvTG4kuR4stZS0cwdThZArEdHuhouvO+oa28yTRQZwp4U8XwQnkwAwxH
Cr/FjFdD+rzyiHTYrPjcj9W0YpfPRPgqBJ7BjQNqQ1Ty9+Og1ScChtCAFZEbftgu
ymjW2B5U4nJQD+HjF1r76vvjTeBRtw+Z+cxsZLzNix1KY7PJ4p7YAMUrudUjYeOF
mnHVnc3tK+at2y35kQWO7ZUVz8sfetwByWHzNzkC9gxFrB/z7OeQnUtgQIpz0pjn
MruTlgoGZcZBLnXZCBFCWmdQYWJhYoncecbwfvcddf9cjlzKB79L3b7+gQwpSp8N
KF0=
-----END CERTIFICATE-----
Generated at Fri May 2 20:17:23 2025 by rpki-client