Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yQAa4r77gY5IScwKCCa-gMwM_a0.roa
File: yQAa4r77gY5IScwKCCa-gMwM_a0.roa (raw, json)
Hash identifier: WNpAG3/1RttB5J4K+bmaMkAaToE6W73JLgwo4Fpx3kM=
Subject key identifier: C9:00:1A:E2:BE:FB:81:8E:48:49:CC:0A:08:26:BE:80:CC:0C:FD:AD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 85DED248
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yQAa4r77gY5IScwKCCa-gMwM_a0.roa
Signing time: Fri 20 May 2022 22:12:29 +0000
ROA not before: Fri 20 May 2022 22:12:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2245972552 (0x85ded248)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 20 22:12:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9001ae2befb818e4849cc0a0826be80cc0cfdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:75:6e:12:84:51:07:0e:9d:95:00:65:17:25:
28:c9:75:50:88:b3:01:59:7c:32:f7:d3:42:45:4c:
1e:85:e8:c1:44:5f:d9:5e:8b:81:cf:2c:24:8e:86:
ec:75:09:2f:a1:2c:22:63:c9:22:91:09:0b:9c:c7:
34:1a:78:89:5f:f8:5d:b0:19:1f:ed:66:38:a0:40:
e0:e2:94:b9:bf:76:c1:cb:c8:f1:24:e6:9e:29:d0:
e8:5a:66:00:8f:e9:22:2d:44:d9:9d:63:1e:fa:8a:
8c:22:c3:2d:11:68:b9:38:76:21:a7:61:f4:7a:cb:
1c:80:5e:1b:c0:e2:55:7c:b6:88:d5:9b:49:77:b1:
fd:85:11:9e:bc:b3:e9:89:07:51:b0:50:e0:83:10:
1a:60:90:d8:1c:a4:9b:08:16:af:01:b5:27:c1:ad:
f2:c1:aa:fc:eb:18:f5:bb:89:07:e6:9c:a0:06:1f:
35:e3:65:1c:44:ed:7e:92:c8:ed:7f:d8:42:d5:c8:
39:ed:b6:d0:ad:94:9f:ac:d3:d4:6c:3d:29:78:42:
bd:d2:79:47:63:10:3a:09:1a:4f:a3:a2:48:b6:0a:
ad:3d:50:42:b5:bb:37:76:6c:47:1f:8d:5e:ee:b5:
a9:8e:4e:54:07:9d:12:70:68:db:55:76:95:a7:75:
5d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:00:1A:E2:BE:FB:81:8E:48:49:CC:0A:08:26:BE:80:CC:0C:FD:AD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yQAa4r77gY5IScwKCCa-gMwM_a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:ea:d7:26:93:7c:8e:98:76:da:40:60:82:4a:47:f4:f9:f0:
e4:52:89:5a:46:06:77:d1:52:92:ce:60:4f:b5:a5:ab:d3:49:
6d:b3:79:34:f7:b1:1d:19:ca:f5:88:0b:2d:96:56:9e:8f:73:
bc:b5:58:23:82:e8:93:c7:bc:3f:6a:a4:77:54:27:50:f2:59:
29:e2:6a:4a:ba:23:0b:1f:3c:a8:54:a2:57:d4:0b:50:26:df:
d2:32:c6:68:3e:2a:42:81:43:e4:6a:7d:b9:e8:6a:f1:12:4c:
17:6a:0f:8f:f3:bd:38:f4:52:e5:8a:06:37:69:a4:d3:36:8a:
80:b9:66:e7:37:e6:98:f7:db:70:27:60:f9:d3:ff:90:fa:c8:
d0:6d:e9:50:a6:f2:50:13:fd:86:17:28:71:5d:81:f5:a7:e3:
58:f4:5b:af:7b:da:f4:97:40:05:04:6e:66:1a:02:a6:9a:17:
ce:ab:eb:5e:bb:6c:91:02:19:52:4b:78:73:d9:dc:18:01:6d:
d2:fa:d5:4e:9a:7e:4b:a1:68:09:e9:2b:7c:c5:13:33:24:f4:
71:d9:3a:44:32:97:c1:14:5d:51:77:0c:8d:90:2d:6c:4c:af:
08:8e:ce:e8:dc:08:d9:d1:18:02:6f:7b:97:a8:b9:25:2f:05:
68:94:ba:fd
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIXe0kgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjAyMjEyMjlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGM5MDAxYWUyYmVm
YjgxOGU0ODQ5Y2MwYTA4MjZiZTgwY2MwY2ZkYWQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCadW4ShFEHDp2VAGUXJSjJdVCIswFZfDL300JFTB6F6MFE
X9lei4HPLCSOhux1CS+hLCJjySKRCQucxzQaeIlf+F2wGR/tZjigQODilLm/dsHL
yPEk5p4p0OhaZgCP6SItRNmdYx76iowiwy0RaLk4diGnYfR6yxyAXhvA4lV8tojV
m0l3sf2FEZ68s+mJB1GwUOCDEBpgkNgcpJsIFq8BtSfBrfLBqvzrGPW7iQfmnKAG
HzXjZRxE7X6SyO1/2ELVyDntttCtlJ+s09RsPSl4Qr3SeUdjEDoJGk+joki2Cq09
UEK1uzd2bEcfjV7utamOTlQHnRJwaNtVdpWndV1DAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUyQAa4r77gY5IScwKCCa+gMwM/a0wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS95UUFhNHI3N2dZNUlTY3dLQ0NhLWdNd01fYTAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEASerXJpN8jph22kBggkpH9Pnw5FKJWkYGd9FS
ks5gT7Wlq9NJbbN5NPexHRnK9YgLLZZWno9zvLVYI4Lok8e8P2qkd1QnUPJZKeJq
SrojCx88qFSiV9QLUCbf0jLGaD4qQoFD5Gp9uehq8RJMF2oPj/O9OPRS5YoGN2mk
0zaKgLlm5zfmmPfbcCdg+dP/kPrI0G3pUKbyUBP9hhcocV2B9afjWPRbr3va9JdA
BQRuZhoCppoXzqvrXrtskQIZUkt4c9ncGAFt0vrVTpp+S6FoCekrfMUTMyT0cdk6
RDKXwRRdUXcMjZAtbEyvCI7O6NwI2dEYAm97l6i5JS8FaJS6/Q==
-----END CERTIFICATE-----
Generated at Thu May 1 00:08:29 2025 by rpki-client