Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yhVy7mj7i0_oiqwOxVBXIxDD8As.roa
File: yhVy7mj7i0_oiqwOxVBXIxDD8As.roa (raw, json)
Hash identifier: EmTz9SjHIUlr59ps5Qxpd6VnSVBJ0SuuW5u+HsJrugU=
Subject key identifier: CA:15:72:EE:68:FB:8B:4F:E8:8A:AC:0E:C5:50:57:23:10:C3:F0:0B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01832ECD39EA21ADC60B35A7C417B8DC6E74
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yhVy7mj7i0_oiqwOxVBXIxDD8As.roa
Signing time: Sun 11 Sep 2022 23:05:45 +0000
ROA not before: Sun 11 Sep 2022 23:05:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:2ecc:6124/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:2e:cd:39:ea:21:ad:c6:0b:35:a7:c4:17:b8:dc:6e:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 11 23:05:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca1572ee68fb8b4fe88aac0ec550572310c3f00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:56:0b:6e:99:35:9d:5d:fb:bd:3e:f7:7f:5c:
19:58:40:5d:01:a4:a4:78:35:21:cb:d4:24:36:83:
b2:81:55:e7:ac:2c:db:1c:bf:48:81:28:4c:92:5b:
57:a9:23:f1:f9:2d:d2:f3:32:62:0b:cb:f6:0b:37:
ea:74:4a:04:fc:76:ed:6b:79:23:29:91:39:30:a2:
ea:aa:83:8d:65:ec:0b:cf:bb:4d:a6:92:d5:2d:67:
bc:82:ee:ef:ae:ca:49:46:7a:db:68:ff:cb:4d:ba:
5a:28:7d:cf:6f:f9:b9:b2:a5:f7:7f:11:63:19:2e:
fd:23:32:c3:c8:7e:83:19:32:88:d0:8a:ff:a1:23:
b9:7f:5b:80:99:c6:a8:2b:08:3e:46:97:5f:9b:ef:
44:33:8b:dd:00:a1:0a:09:35:19:75:5a:2f:6a:51:
59:f6:7c:96:d7:da:7e:f5:f2:35:34:1a:a6:a6:19:
ec:3d:be:e5:1a:75:7f:23:69:79:4b:70:17:47:ce:
f8:dc:b4:77:84:f7:a5:e2:6b:86:7c:05:3c:ea:86:
44:ad:6b:04:2e:cb:31:c0:06:98:7f:48:13:aa:5f:
21:48:18:21:a6:59:6f:69:78:83:e0:b0:d8:6c:4e:
0e:e8:89:38:a9:fe:c8:2e:ac:d9:51:5d:15:8f:b0:
38:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:15:72:EE:68:FB:8B:4F:E8:8A:AC:0E:C5:50:57:23:10:C3:F0:0B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yhVy7mj7i0_oiqwOxVBXIxDD8As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:0b:2f:cf:67:fc:b9:04:33:e7:62:11:80:39:20:da:8e:89:
ae:24:6c:4a:1c:39:79:e7:de:60:49:3a:cf:5b:42:cf:72:e2:
ea:78:26:c1:5f:8e:3f:0f:40:46:5d:66:a7:c0:fa:e6:de:8c:
d1:88:b0:81:24:8d:a0:0b:2e:51:24:88:28:b2:05:be:52:68:
61:f2:92:5b:ba:48:a4:70:9c:a3:c7:0d:30:10:23:ef:59:af:
c6:79:59:fc:e5:a4:5a:a7:9d:7a:95:06:04:14:d2:e7:45:74:
aa:41:bd:95:f8:7f:cf:5a:d2:6e:99:74:c2:ea:0c:07:6b:cb:
fd:0f:1d:78:ff:62:c8:34:a6:b6:e1:ef:d3:25:5d:9e:a4:6e:
e3:13:56:14:80:21:e0:d9:13:6b:0e:c3:25:fb:a6:b1:2a:46:
a9:08:21:5c:b1:44:3b:38:31:73:8b:17:61:ff:57:ec:2c:f9:
a0:a2:a8:cc:26:85:32:af:d2:ab:8b:d6:f1:68:05:47:ec:c5:
04:ba:83:91:89:ad:5d:44:8c:51:b6:fa:8b:b7:2e:30:63:ae:
90:97:5c:d5:6f:4b:cd:e4:a3:73:a9:c8:8a:6d:0d:8a:b2:d0:
61:73:46:31:c8:61:46:72:d1:34:83:a4:6c:61:a5:cd:49:65:
5a:5d:a8:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMuzTnqIa3GCzWnxBe43G50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTExMjMwNTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE1NzJlZTY4ZmI4YjRmZTg4YWFjMGVjNTUwNTcyMzEwYzNmMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilYLbpk1nV37vT73f1wZWEBdAaSk
eDUhy9QkNoOygVXnrCzbHL9IgShMkltXqSPx+S3S8zJiC8v2CzfqdEoE/Hbta3kj
KZE5MKLqqoONZewLz7tNppLVLWe8gu7vrspJRnrbaP/LTbpaKH3Pb/m5sqX3fxFj
GS79IzLDyH6DGTKI0Ir/oSO5f1uAmcaoKwg+Rpdfm+9EM4vdAKEKCTUZdVovalFZ
9nyW19p+9fI1NBqmphnsPb7lGnV/I2l5S3AXR8743LR3hPel4muGfAU86oZErWsE
LssxwAaYf0gTql8hSBghpllvaXiD4LDYbE4O6Ik4qf7ILqzZUV0Vj7A4BwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMoVcu5o+4tP6IqsDsVQVyMQw/ALMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveWhWeTdtajdpMF9vaXF3T3hWQlhJeEREOEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG4LL89n/LkEM+diEYA5
INqOia4kbEocOXnn3mBJOs9bQs9y4up4JsFfjj8PQEZdZqfA+ubejNGIsIEkjaAL
LlEkiCiyBb5SaGHyklu6SKRwnKPHDTAQI+9Zr8Z5WfzlpFqnnXqVBgQU0udFdKpB
vZX4f89a0m6ZdMLqDAdry/0PHXj/Ysg0prbh79MlXZ6kbuMTVhSAIeDZE2sOwyX7
prEqRqkIIVyxRDs4MXOLF2H/V+ws+aCiqMwmhTKv0quL1vFoBUfsxQS6g5GJrV1E
jFG2+ou3LjBjrpCXXNVvS83ko3OpyIptDYqy0GFzRjHIYUZy0TSDpGxhpc1JZVpd
qHQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:48 2025 by rpki-client