Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ygZYZKtvuNVFUaTUvMjTAwJOz2w.roa
File: ygZYZKtvuNVFUaTUvMjTAwJOz2w.roa (raw, json)
Hash identifier: wLb0W2L/s/BdtorP846fTAqjAqihHWD/41//NvgBeNo=
Subject key identifier: CA:06:58:64:AB:6F:B8:D5:45:51:A4:D4:BC:C8:D3:03:02:4E:CF:6C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7B099A36
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ygZYZKtvuNVFUaTUvMjTAwJOz2w.roa
Signing time: Wed 13 Apr 2022 20:09:35 +0000
ROA not before: Wed 13 Apr 2022 20:09:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2064226870 (0x7b099a36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 13 20:09:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca065864ab6fb8d54551a4d4bcc8d303024ecf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2c:4e:f0:a7:a8:a2:d1:4e:e8:71:4c:96:d0:
1c:b7:3f:2e:38:e3:f7:b8:6a:ab:e8:e4:fe:d5:8c:
7d:a2:b0:20:b9:15:20:f8:46:4c:39:9c:66:5d:b1:
9c:e8:37:5f:f4:1e:2b:f6:d8:ae:ae:77:6e:8d:36:
3c:9e:24:be:d5:b1:37:e4:df:82:5a:85:77:95:c3:
bf:18:1d:fb:1c:00:0f:c1:41:1c:51:f5:ed:a8:83:
aa:62:8a:4c:2d:cc:3c:e0:00:7c:4f:ca:df:92:fd:
68:73:4f:1a:bc:cf:90:f7:9b:a5:61:00:ee:e1:9d:
f1:ad:26:5c:69:b8:bb:ef:aa:d1:4d:7f:e0:d7:55:
7e:2a:de:ac:8a:6c:7c:fb:37:79:ff:02:25:f4:c2:
64:f9:35:ef:3c:12:7f:80:a2:86:5f:0a:ce:ba:d3:
28:99:d4:db:dd:5b:3e:f4:2b:0d:0b:69:41:24:34:
65:a2:c5:61:7b:15:75:3f:0e:a5:4d:93:e6:d9:31:
08:a8:da:6f:71:35:5a:1b:bf:bf:c7:79:bc:ca:c6:
81:46:f5:7b:72:e7:a8:f1:c5:ca:8d:12:f4:01:6e:
94:bf:b8:76:7c:67:f5:5a:9c:de:7f:c9:c7:5c:18:
e0:35:a8:c0:0d:02:4a:11:3a:66:61:7f:40:89:70:
8f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:06:58:64:AB:6F:B8:D5:45:51:A4:D4:BC:C8:D3:03:02:4E:CF:6C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ygZYZKtvuNVFUaTUvMjTAwJOz2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:53:d6:8d:9a:36:b2:4a:38:b9:d0:ab:68:8e:7f:1f:9d:ff:
1f:56:b4:28:64:e2:d3:75:9c:04:97:15:8e:75:a0:86:ae:21:
c8:21:c3:6a:b7:49:3d:2d:1a:4f:77:f7:b6:f3:20:a2:54:41:
bf:f0:75:8b:76:8c:14:88:78:bf:06:f7:20:3a:4a:a3:8d:bc:
96:03:08:28:de:de:d9:11:f1:76:1e:03:9e:fd:6e:0a:76:08:
a4:53:54:35:35:b3:29:fd:bc:aa:2e:46:99:ed:4f:bd:02:6f:
6e:01:5b:f5:ff:a3:2f:a3:07:70:f9:db:07:84:5e:15:89:67:
cf:2b:b1:0a:85:5f:20:88:2d:0a:11:14:ac:cf:cc:de:81:fb:
29:9d:28:87:bc:d3:3f:b9:83:38:8f:92:54:74:05:3c:1a:44:
bf:68:37:89:5f:02:8d:3b:9e:b9:30:f2:ec:b4:5a:fa:5a:a1:
3e:30:7e:56:aa:7b:a5:18:b9:0a:ae:75:77:33:2d:87:eb:f8:
ab:66:7f:bb:63:4c:4b:56:fe:1e:bd:3a:ea:04:91:1d:ba:f5:
62:71:d1:e9:41:65:00:46:a6:72:63:61:80:1a:10:c1:06:75:
ec:1b:23:a1:32:26:6c:4f:5f:6b:77:9d:aa:cb:c8:83:4c:93:
f9:24:08:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEewmaNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQx
MzIwMDkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2EwNjU4NjRhYjZm
YjhkNTQ1NTFhNGQ0YmNjOGQzMDMwMjRlY2Y2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUsTvCnqKLRTuhxTJbQHLc/Ljjj97hqq+jk/tWMfaKwILkV
IPhGTDmcZl2xnOg3X/QeK/bYrq53bo02PJ4kvtWxN+TfglqFd5XDvxgd+xwAD8FB
HFH17aiDqmKKTC3MPOAAfE/K35L9aHNPGrzPkPebpWEA7uGd8a0mXGm4u++q0U1/
4NdVfirerIpsfPs3ef8CJfTCZPk17zwSf4Cihl8KzrrTKJnU291bPvQrDQtpQSQ0
ZaLFYXsVdT8OpU2T5tkxCKjab3E1Whu/v8d5vMrGgUb1e3LnqPHFyo0S9AFulL+4
dnxn9Vqc3n/Jx1wY4DWowA0CShE6ZmF/QIlwjxsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTKBlhkq2+41UVRpNS8yNMDAk7PbDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3lnWllaS3R2dU5WRlVhVFV2TWpUQXdKT3oydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBcU9aNmjaySji50Ktojn8fnf8fVrQoZOLTdZwE
lxWOdaCGriHIIcNqt0k9LRpPd/e28yCiVEG/8HWLdowUiHi/BvcgOkqjjbyWAwgo
3t7ZEfF2HgOe/W4KdgikU1Q1NbMp/byqLkaZ7U+9Am9uAVv1/6Mvowdw+dsHhF4V
iWfPK7EKhV8giC0KERSsz8zegfspnSiHvNM/uYM4j5JUdAU8GkS/aDeJXwKNO565
MPLstFr6WqE+MH5WqnulGLkKrnV3My2H6/irZn+7Y0xLVv4evTrqBJEduvVicdHp
QWUARqZyY2GAGhDBBnXsGyOhMiZsT19rd52qy8iDTJP5JAgv
-----END CERTIFICATE-----
Generated at Fri May 2 17:28:21 2025 by rpki-client