Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yadq7OiybpzhtVKkKtQ18bJXdvw.roa
File: yadq7OiybpzhtVKkKtQ18bJXdvw.roa (raw, json)
Hash identifier: 4FLGGG/cgOCWOp/AeChn3qHIbOBMDUm5uWVv7Ei0YJE=
Subject key identifier: C9:A7:6A:EC:E8:B2:6E:9C:E1:B5:52:A4:2A:D4:35:F1:B2:57:76:FC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189EECF6B9D451F28812E334ED05BF543A0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yadq7OiybpzhtVKkKtQ18bJXdvw.roa
Signing time: Sun 13 Aug 2023 12:11:58 +0000
ROA not before: Sun 13 Aug 2023 12:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ee:cf:6b:9d:45:1f:28:81:2e:33:4e:d0:5b:f5:43:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 12:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9a76aece8b26e9ce1b552a42ad435f1b25776fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ef:1c:4a:16:9b:0a:23:5e:b5:7d:f0:28:ca:
8e:11:75:9e:a3:95:a2:0c:00:2c:ab:e1:c8:af:28:
cf:40:b6:39:05:85:b3:7e:e7:1b:d9:bb:b8:0e:78:
ca:43:1a:a6:a6:a1:45:c2:1a:14:c5:23:ce:ed:1c:
d2:75:a8:55:77:84:7f:15:a6:24:df:c9:06:bb:80:
8d:f4:87:03:7b:f2:22:dd:14:16:15:e7:8d:36:85:
08:1f:74:97:8c:5d:05:53:80:aa:10:6a:9d:fd:79:
a6:a1:ce:94:84:80:88:99:c7:b1:b3:1a:05:a9:dc:
27:16:55:fc:78:61:ef:30:c8:e9:3a:71:4c:be:73:
5d:22:ee:ea:e9:11:48:cd:30:b6:a3:84:d2:c9:4e:
a9:00:12:29:76:ef:da:1d:44:2b:d9:1d:be:a3:51:
47:ae:bb:c3:53:22:c9:85:2c:6f:b2:cf:fe:86:37:
e3:c7:d7:02:36:b5:1c:c7:f9:02:e5:ee:2b:2c:78:
e5:e2:3d:f1:ea:31:a3:bc:3a:dd:fa:f2:bd:ea:6a:
c4:70:65:5d:08:1a:98:39:44:8f:3c:0d:8c:38:54:
be:15:64:ee:bd:dd:cb:1c:1c:7e:36:34:07:01:f2:
ff:94:83:7d:2d:12:20:e5:c0:79:a4:fd:78:96:bb:
9c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A7:6A:EC:E8:B2:6E:9C:E1:B5:52:A4:2A:D4:35:F1:B2:57:76:FC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yadq7OiybpzhtVKkKtQ18bJXdvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:e9:9f:a5:ec:36:70:77:f9:11:65:bf:52:f1:6d:e4:8a:e6:
74:b5:f7:1c:a9:d7:bd:02:dd:8e:66:40:e5:7a:d2:26:4f:9a:
1a:e1:f5:1a:9c:05:84:ce:73:06:4f:2a:e8:55:75:6d:3f:ed:
2c:5a:02:66:39:66:67:7c:33:fe:54:eb:18:1d:2a:4b:aa:4d:
b6:19:75:c1:8a:49:f7:3d:70:27:b8:b5:ac:95:44:c1:5f:d9:
b8:42:12:4a:67:2f:d1:52:24:bb:63:36:21:7e:71:47:74:6e:
bf:7a:1d:88:95:d7:0a:f1:fb:3b:2e:db:d2:83:52:e9:b2:44:
a7:7e:69:13:1c:88:ff:5a:dd:3c:81:ba:a9:e9:54:4b:00:2c:
7a:09:b3:41:ea:cb:6d:aa:06:77:29:38:fa:f9:2a:39:93:3a:
45:22:db:64:c4:a6:df:66:5e:60:10:2e:b7:e1:57:91:eb:a5:
b5:69:91:20:c0:dd:de:22:05:61:7b:df:55:72:82:f4:85:44:
cf:50:03:ad:c7:6e:cf:e9:5e:1a:38:7d:24:bc:83:dd:a3:02:
21:bd:ce:8e:62:cf:da:30:81:4c:68:5b:c5:6a:43:9f:27:c9:
fb:73:b4:68:e9:f1:ca:c3:31:6a:0d:4e:6f:62:f0:52:71:18:
50:94:81:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnuz2udRR8ogS4zTtBb9UOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEzMTIxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWE3NmFlY2U4YjI2ZTljZTFiNTUyYTQyYWQ0MzVmMWIyNTc3NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+8cShabCiNetX3wKMqOEXWeo5Wi
DAAsq+HIryjPQLY5BYWzfucb2bu4DnjKQxqmpqFFwhoUxSPO7RzSdahVd4R/FaYk
38kGu4CN9IcDe/Ii3RQWFeeNNoUIH3SXjF0FU4CqEGqd/Xmmoc6UhICImcexsxoF
qdwnFlX8eGHvMMjpOnFMvnNdIu7q6RFIzTC2o4TSyU6pABIpdu/aHUQr2R2+o1FH
rrvDUyLJhSxvss/+hjfjx9cCNrUcx/kC5e4rLHjl4j3x6jGjvDrd+vK96mrEcGVd
CBqYOUSPPA2MOFS+FWTuvd3LHBx+NjQHAfL/lIN9LRIg5cB5pP14lrucywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMmnauzosm6c4bVSpCrUNfGyV3b8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveWFkcTdPaXlicHpodFZLa0t0UTE4YkpYZHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEbpn6XsNnB3+RFlv1Lx
beSK5nS19xyp170C3Y5mQOV60iZPmhrh9RqcBYTOcwZPKuhVdW0/7SxaAmY5Zmd8
M/5U6xgdKkuqTbYZdcGKSfc9cCe4tayVRMFf2bhCEkpnL9FSJLtjNiF+cUd0br96
HYiV1wrx+zsu29KDUumyRKd+aRMciP9a3TyBuqnpVEsALHoJs0Hqy22qBncpOPr5
KjmTOkUi22TEpt9mXmAQLrfhV5HrpbVpkSDA3d4iBWF731VygvSFRM9QA63Hbs/p
Xho4fSS8g92jAiG9zo5iz9owgUxoW8VqQ58nyftztGjp8crDMWoNTm9i8FJxGFCU
gdo=
-----END CERTIFICATE-----
Generated at Sun May 4 07:31:55 2025 by rpki-client