Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yfNoLpc3xhMJ4ZLQuDiQgQ3uAoc.roa
File: yfNoLpc3xhMJ4ZLQuDiQgQ3uAoc.roa (raw, json)
Hash identifier: o3eVGjDz0P7X0J1yhGus7KCdxMwnLoC/aw7EsTCtiRo=
Subject key identifier: C9:F3:68:2E:97:37:C6:13:09:E1:92:D0:B8:38:90:81:0D:EE:02:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B54F07FA0C33C9CE6682A1AB8F1015AB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yfNoLpc3xhMJ4ZLQuDiQgQ3uAoc.roa
Signing time: Mon 06 Mar 2023 05:05:00 +0000
ROA not before: Mon 06 Mar 2023 05:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:b54e:54da/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:4f:07:fa:0c:33:c9:ce:66:82:a1:ab:8f:10:15:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 6 05:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9f3682e9737c61309e192d0b83890810dee0287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9f:39:e5:17:fb:0e:26:38:66:04:0c:f7:50:
56:1d:86:5b:c2:c1:84:21:ed:69:9f:a1:96:b8:2f:
6e:1c:56:b9:f8:5f:8c:23:c6:a0:7c:49:77:ce:3b:
30:3c:06:78:15:c2:02:10:9a:50:08:42:a4:86:5b:
32:4d:83:d8:06:d8:b3:a8:3e:0e:f7:85:8e:76:df:
77:32:99:69:99:8e:95:75:46:8c:23:cc:22:e0:a2:
7f:1b:c6:42:9c:79:81:13:12:d5:7d:c7:7d:e2:03:
3a:0a:d6:9c:29:4d:79:c6:62:26:ea:9e:80:47:b3:
0b:4e:17:6b:c1:45:ab:91:40:c0:e5:c3:2d:66:e3:
6a:c5:09:93:fd:65:5b:fe:cb:62:2d:e7:70:bf:e0:
f6:23:25:e5:82:93:c1:c3:ac:63:cb:45:62:b9:d3:
7f:da:e0:34:76:9c:7f:91:0c:9e:3c:1f:99:bc:3e:
24:73:09:19:bd:89:af:16:84:42:ff:f3:a0:d4:b2:
d9:80:b9:47:79:4e:dc:20:56:0c:5d:f4:89:47:90:
fd:e1:98:21:9a:e0:6e:52:e8:c6:bd:16:3b:13:9a:
be:75:85:ea:4d:f4:66:ec:f2:0a:45:d4:8c:4c:fa:
36:5f:95:77:c6:e1:fc:78:18:fc:45:ca:21:cf:92:
73:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F3:68:2E:97:37:C6:13:09:E1:92:D0:B8:38:90:81:0D:EE:02:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yfNoLpc3xhMJ4ZLQuDiQgQ3uAoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:42:1a:a9:a1:b3:ac:b1:61:68:ff:cb:d9:1f:c0:b6:74:b5:
1f:99:ee:8c:df:e6:ec:c8:e4:e3:ef:46:78:81:51:c3:9c:b7:
b4:5e:40:5a:d8:11:b7:81:02:3a:79:57:52:ad:d5:c3:0a:29:
fd:75:0f:47:35:5d:85:0f:e9:b5:36:d2:74:73:d9:50:20:80:
39:49:26:81:9c:01:19:ad:ff:bc:ef:bd:cc:13:52:f6:b0:60:
3e:e9:fc:e1:8d:51:c8:68:41:d7:47:f4:fe:57:d5:ac:37:55:
12:05:32:63:3f:3e:2b:9f:67:45:42:3e:22:a2:41:6f:5e:26:
f2:38:51:07:43:53:2e:a2:ae:a8:94:97:ac:7e:ea:ce:d1:8a:
18:ad:19:a0:84:7a:22:29:5c:b5:06:36:8f:20:79:19:4c:21:
89:0f:a0:f3:88:06:0f:7b:85:77:8e:47:77:d5:a8:69:0c:65:
a3:e1:2d:74:c0:3d:2c:79:52:3f:cb:90:6f:ae:0a:28:e2:b8:
81:8d:31:24:9b:f9:b0:cc:6f:34:d2:e0:42:3e:77:cf:5c:40:
1f:1d:8d:a6:73:ac:97:e5:56:a5:57:5b:f4:ee:0a:ce:dd:f4:
f3:71:26:17:7d:f5:95:83:fe:5c:fc:16:e5:46:50:c8:48:51:
df:8c:85:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYa1Twf6DDPJzmaCoauPEBWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA2MDUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWYzNjgyZTk3MzdjNjEzMDllMTkyZDBiODM4OTA4MTBkZWUwMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ855Rf7DiY4ZgQM91BWHYZbwsGE
Ie1pn6GWuC9uHFa5+F+MI8agfEl3zjswPAZ4FcICEJpQCEKkhlsyTYPYBtizqD4O
94WOdt93MplpmY6VdUaMI8wi4KJ/G8ZCnHmBExLVfcd94gM6CtacKU15xmIm6p6A
R7MLThdrwUWrkUDA5cMtZuNqxQmT/WVb/stiLedwv+D2IyXlgpPBw6xjy0ViudN/
2uA0dpx/kQyePB+ZvD4kcwkZvYmvFoRC//Og1LLZgLlHeU7cIFYMXfSJR5D94Zgh
muBuUujGvRY7E5q+dYXqTfRm7PIKRdSMTPo2X5V3xuH8eBj8Rcohz5JzpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMnzaC6XN8YTCeGS0Lg4kIEN7gKHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveWZOb0xwYzN4aE1KNFpMUXVEaVFnUTN1QW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACJCGqmhs6yxYWj/y9kf
wLZ0tR+Z7ozf5uzI5OPvRniBUcOct7ReQFrYEbeBAjp5V1Kt1cMKKf11D0c1XYUP
6bU20nRz2VAggDlJJoGcARmt/7zvvcwTUvawYD7p/OGNUchoQddH9P5X1aw3VRIF
MmM/PiufZ0VCPiKiQW9eJvI4UQdDUy6irqiUl6x+6s7RihitGaCEeiIpXLUGNo8g
eRlMIYkPoPOIBg97hXeOR3fVqGkMZaPhLXTAPSx5Uj/LkG+uCijiuIGNMSSb+bDM
bzTS4EI+d89cQB8djaZzrJflVqVXW/TuCs7d9PNxJhd99ZWD/lz8FuVGUMhIUd+M
hbk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:51:16 2025 by rpki-client