Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yJq7KMi-AgOjL7M7H7NRkcmmmZE.roa
File: yJq7KMi-AgOjL7M7H7NRkcmmmZE.roa (raw, json)
Hash identifier: IiUyMNH3rLsIPvhsJh40HO7KehLfnsdaJFrIDlq6aaY=
Subject key identifier: C8:9A:BB:28:C8:BE:02:03:A3:2F:B3:3B:1F:B3:51:91:C9:A6:99:91
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856D7684A941E15D3386777B6435D7525D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yJq7KMi-AgOjL7M7H7NRkcmmmZE.roa
Signing time: Sun 01 Jan 2023 13:12:41 +0000
ROA not before: Sun 01 Jan 2023 13:12:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:76:84:a9:41:e1:5d:33:86:77:7b:64:35:d7:52:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 13:12:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c89abb28c8be0203a32fb33b1fb35191c9a69991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d6:87:25:66:13:3e:e4:5e:cf:04:e8:97:d5:
0f:85:e3:93:90:ae:86:72:21:72:ab:bc:bf:19:2e:
c4:3e:4b:8e:f7:55:24:d5:0d:6f:89:64:d8:52:ea:
4b:c2:13:ec:e6:a2:07:38:8c:d3:f2:09:b6:9e:3a:
6a:71:30:88:84:0e:6e:f7:64:b9:74:c2:0d:89:51:
33:b7:12:12:12:cd:6b:1f:d3:14:a4:6f:ea:6b:bf:
84:0e:44:af:8f:f0:a1:0b:ee:f8:ca:60:85:8f:e7:
81:e4:82:68:ca:2c:ef:cd:81:66:2d:71:d2:8b:48:
95:58:99:0e:12:f0:e0:d8:bc:99:61:af:6b:c8:4f:
01:6b:ef:34:3b:64:14:c1:3d:ba:56:ed:36:c0:7d:
a2:8e:d2:fe:ac:bf:c4:6d:f5:3f:4e:20:5f:89:d7:
17:6c:e2:ce:2e:a8:14:a1:0e:e6:22:a5:4e:d8:8d:
33:17:d6:af:cf:d5:81:a9:32:2a:36:fc:7b:46:c1:
ce:3d:be:09:52:f8:47:48:59:04:39:6a:51:d5:62:
82:2b:74:ae:03:fb:c1:17:15:02:93:ab:f4:70:98:
56:e4:eb:37:a5:cc:5f:b7:4c:d7:ea:79:c0:ce:8b:
d1:ab:ca:10:c3:39:c0:67:5c:8a:d8:4c:2e:0e:bf:
29:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9A:BB:28:C8:BE:02:03:A3:2F:B3:3B:1F:B3:51:91:C9:A6:99:91
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yJq7KMi-AgOjL7M7H7NRkcmmmZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:be:df:62:b8:95:c5:14:b2:60:a4:fb:e1:e0:28:c9:a3:3f:
2e:65:48:a7:da:b7:ac:f6:0f:6a:b8:c4:93:67:18:05:ce:83:
68:c0:7c:d7:20:fa:e0:97:8f:95:76:ed:e0:58:64:67:2c:a3:
f1:d0:83:d9:c4:38:fd:e4:44:44:21:f6:f9:90:fc:6f:d3:35:
95:de:3e:9f:3c:5b:0a:5a:4b:0c:5a:13:0d:6c:4c:1a:7f:66:
af:b5:36:c4:a7:b7:d6:46:13:c3:60:fc:92:0c:03:eb:8a:83:
82:a2:50:4c:7b:f2:54:4a:2a:65:88:76:b8:b8:bd:91:e8:d1:
85:77:bb:ac:a9:0d:fe:fc:22:bd:d2:5d:4e:a4:ef:f7:60:90:
da:3a:7d:d7:2f:28:dc:55:68:52:c0:af:65:dd:1f:56:0e:c5:
82:7f:91:21:cf:ee:f6:e1:cd:1d:d2:00:ed:39:78:c6:d0:e0:
8d:a5:fb:0f:22:6f:9b:31:ba:7a:45:c2:bc:37:78:fe:c2:e4:
15:09:8f:f9:09:1a:af:9f:27:b3:07:9a:85:37:41:2c:b0:f8:
a3:84:0b:a9:95:42:9c:ce:17:1c:b1:c2:0c:ef:0c:a7:73:d2:
48:93:b8:71:1e:11:9c:7d:84:6e:c1:0e:1b:18:04:9d:59:5e:
9d:08:4e:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtdoSpQeFdM4Z3e2Q111JdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMTMxMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODlhYmIyOGM4YmUwMjAzYTMyZmIzM2IxZmIzNTE5MWM5YTY5OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdaHJWYTPuRezwTol9UPheOTkK6G
ciFyq7y/GS7EPkuO91Uk1Q1viWTYUupLwhPs5qIHOIzT8gm2njpqcTCIhA5u92S5
dMINiVEztxISEs1rH9MUpG/qa7+EDkSvj/ChC+74ymCFj+eB5IJoyizvzYFmLXHS
i0iVWJkOEvDg2LyZYa9ryE8Ba+80O2QUwT26Vu02wH2ijtL+rL/EbfU/TiBfidcX
bOLOLqgUoQ7mIqVO2I0zF9avz9WBqTIqNvx7RsHOPb4JUvhHSFkEOWpR1WKCK3Su
A/vBFxUCk6v0cJhW5Os3pcxft0zX6nnAzovRq8oQwznAZ1yK2EwuDr8pRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMiauyjIvgIDoy+zOx+zUZHJppmRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveUpxN0tNaS1BZ09qTDdNN0g3TlJrY21tbVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJi+32K4lcUUsmCk++Hg
KMmjPy5lSKfat6z2D2q4xJNnGAXOg2jAfNcg+uCXj5V27eBYZGcso/HQg9nEOP3k
REQh9vmQ/G/TNZXePp88WwpaSwxaEw1sTBp/Zq+1NsSnt9ZGE8Ng/JIMA+uKg4Ki
UEx78lRKKmWIdri4vZHo0YV3u6ypDf78Ir3SXU6k7/dgkNo6fdcvKNxVaFLAr2Xd
H1YOxYJ/kSHP7vbhzR3SAO05eMbQ4I2l+w8ib5sxunpFwrw3eP7C5BUJj/kJGq+f
J7MHmoU3QSyw+KOEC6mVQpzOFxyxwgzvDKdz0kiTuHEeEZx9hG7BDhsYBJ1ZXp0I
Tv8=
-----END CERTIFICATE-----
Generated at Thu May 1 00:24:29 2025 by rpki-client