Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yd5EJAIebttPMIqggZnWQUyvyF0.roa
File: yd5EJAIebttPMIqggZnWQUyvyF0.roa (raw, json)
Hash identifier: bFrIdIeyAhHRgX7rGnXqjigKxxVHfX4iFE6HUnV4iys=
Subject key identifier: C9:DE:44:24:02:1E:6E:DB:4F:30:8A:A0:81:99:D6:41:4C:AF:C8:5D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F8DE57840E8AF4D51D07933C015C16FD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yd5EJAIebttPMIqggZnWQUyvyF0.roa
Signing time: Tue 15 Aug 2023 11:04:28 +0000
ROA not before: Tue 15 Aug 2023 11:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:f8de:2eed/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:de:57:84:0e:8a:f4:d5:1d:07:93:3c:01:5c:16:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 15 11:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9de4424021e6edb4f308aa08199d6414cafc85d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9c:fe:c6:b7:be:a1:c4:6d:d3:90:b9:ff:a7:
61:46:2c:75:92:df:d3:34:9b:c4:74:58:5a:a1:ba:
ef:e1:20:82:ec:49:76:87:0a:3b:e1:70:6f:e5:bd:
44:c7:45:e1:15:60:b9:06:fd:51:c6:45:cc:b2:7f:
2d:e5:3f:42:0d:81:3a:ac:20:ac:00:4d:09:95:7c:
e3:7b:ae:1b:12:97:b1:3d:8a:d7:99:02:e6:ee:5e:
35:83:9a:fb:43:7e:17:c5:8f:2d:7c:e1:f6:9d:48:
73:b0:27:c8:2e:16:65:fb:9b:ff:55:d3:d5:bc:e5:
7f:93:c2:16:a2:c7:a4:a4:ae:f0:a7:d6:21:0e:67:
55:c0:3d:c6:31:f9:31:dc:e0:87:e8:a7:bd:80:80:
db:fa:48:7e:33:30:17:b7:39:77:50:92:f9:42:fb:
63:b4:c7:1a:9c:20:29:07:09:e7:f2:22:56:23:38:
c4:da:e0:99:a0:dc:27:3d:c5:2b:01:00:20:06:fe:
bd:8d:8e:37:64:d0:81:c6:70:ca:a4:ca:74:66:bc:
37:f3:97:8f:8b:5f:ba:8f:be:b9:fe:e0:f7:99:e7:
a0:fd:34:4d:62:67:d7:b8:8a:d8:cf:ba:d9:63:35:
f8:86:6a:35:de:dc:60:6b:3e:0b:97:46:29:f9:de:
c7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DE:44:24:02:1E:6E:DB:4F:30:8A:A0:81:99:D6:41:4C:AF:C8:5D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yd5EJAIebttPMIqggZnWQUyvyF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:1f:c4:8e:21:86:22:11:22:78:28:94:e0:90:97:cd:70:54:
f3:f6:61:ba:27:19:ec:89:ce:5f:ac:15:35:70:13:84:9e:fc:
f8:f3:40:47:24:04:6d:1d:bc:19:f5:95:1e:60:a8:14:92:e1:
fe:83:1f:ba:f4:ff:cc:83:5d:b9:67:3c:d2:1a:ed:6b:0e:3d:
74:51:fe:5a:15:56:13:62:a3:3f:59:08:4c:41:00:9f:e1:30:
0d:1f:f2:c7:b2:6c:79:e8:08:db:bd:e7:10:da:a0:d4:86:98:
50:62:bd:01:6b:d5:ce:86:86:07:95:d2:fe:8b:fc:bd:c3:e3:
0a:2d:5e:36:db:b0:e7:47:96:43:10:8e:a8:9c:4c:86:d8:12:
b5:38:c7:c2:d1:c3:14:44:39:d8:7e:35:11:da:cc:5e:27:37:
a2:72:ee:49:37:50:db:c6:97:97:df:76:31:51:28:1b:32:9e:
4a:73:7a:c0:18:d0:fc:76:9a:da:2f:f9:2a:12:6e:03:22:31:
ae:de:f5:d6:c3:3e:d9:78:38:b3:5e:74:fe:a7:c3:9f:2f:1d:
12:51:c6:ae:0e:4f:f4:32:45:40:bc:4f:67:c6:22:49:31:09:
94:3c:ed:b6:6a:c4:2a:73:f0:3b:fa:90:89:8f:07:6c:34:c2:
a8:1e:c2:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn43leEDor01R0HkzwBXBb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE1MTEwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWRlNDQyNDAyMWU2ZWRiNGYzMDhhYTA4MTk5ZDY0MTRjYWZjODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpz+xre+ocRt05C5/6dhRix1kt/T
NJvEdFhaobrv4SCC7El2hwo74XBv5b1Ex0XhFWC5Bv1RxkXMsn8t5T9CDYE6rCCs
AE0JlXzje64bEpexPYrXmQLm7l41g5r7Q34XxY8tfOH2nUhzsCfILhZl+5v/VdPV
vOV/k8IWosekpK7wp9YhDmdVwD3GMfkx3OCH6Ke9gIDb+kh+MzAXtzl3UJL5Qvtj
tMcanCApBwnn8iJWIzjE2uCZoNwnPcUrAQAgBv69jY43ZNCBxnDKpMp0Zrw385eP
i1+6j765/uD3meeg/TRNYmfXuIrYz7rZYzX4hmo13txgaz4Ll0Yp+d7HHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMneRCQCHm7bTzCKoIGZ1kFMr8hdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveWQ1RUpBSWVidHRQTUlxZ2dabldRVXl2eUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABwfxI4hhiIRIngolOCQ
l81wVPP2YbonGeyJzl+sFTVwE4Se/PjzQEckBG0dvBn1lR5gqBSS4f6DH7r0/8yD
XblnPNIa7WsOPXRR/loVVhNioz9ZCExBAJ/hMA0f8seybHnoCNu95xDaoNSGmFBi
vQFr1c6GhgeV0v6L/L3D4wotXjbbsOdHlkMQjqicTIbYErU4x8LRwxREOdh+NRHa
zF4nN6Jy7kk3UNvGl5ffdjFRKBsynkpzesAY0Px2mtov+SoSbgMiMa7e9dbDPtl4
OLNedP6nw58vHRJRxq4OT/QyRUC8T2fGIkkxCZQ87bZqxCpz8Dv6kImPB2w0wqge
ws0=
-----END CERTIFICATE-----
Generated at Fri May 2 03:16:25 2025 by rpki-client