Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yjexVLtbvAScPwv1-yAFX9K4wxE.roa
File: yjexVLtbvAScPwv1-yAFX9K4wxE.roa (raw, json)
Hash identifier: Tq0Wo8v/Ba1uwsDrD7MmUnU0P10/n6y6sDS72aL9WjQ=
Subject key identifier: CA:37:B1:54:BB:5B:BC:04:9C:3F:0B:F5:FB:20:05:5F:D2:B8:C3:11
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186198C4A2995B650375B822935EEE26921
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yjexVLtbvAScPwv1-yAFX9K4wxE.roa
Signing time: Fri 03 Feb 2023 23:11:09 +0000
ROA not before: Fri 03 Feb 2023 23:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:19:8c:4a:29:95:b6:50:37:5b:82:29:35:ee:e2:69:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 3 23:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca37b154bb5bbc049c3f0bf5fb20055fd2b8c311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3b:98:28:65:5c:77:a3:a7:5f:36:24:a8:86:
a1:fc:59:02:26:2d:a0:9c:27:67:d6:2b:e1:71:f8:
d4:7b:c7:e0:cc:7b:14:01:cd:b8:1b:67:f3:ed:77:
28:82:f0:69:91:07:68:c5:dd:04:f0:60:4f:f2:06:
58:ae:b7:63:6a:db:16:23:31:fa:3d:18:fa:eb:e4:
ba:cd:de:b7:e3:37:88:70:07:90:ca:0c:f6:e5:29:
28:6e:09:c5:ab:57:db:13:fc:2d:b3:a0:e7:3a:39:
8c:92:b9:19:60:ce:45:79:f2:68:eb:13:74:8c:c1:
e9:72:ca:78:c3:c7:19:91:13:fb:3b:0a:8a:2c:d3:
f6:7b:08:ff:c3:fa:e9:13:08:c0:44:0b:db:1b:93:
cc:4a:17:71:f3:6d:13:a1:7a:23:dd:d5:fc:6a:96:
a6:aa:65:37:e5:58:7c:f2:62:58:ea:17:d6:16:19:
91:ad:af:e8:5a:26:f2:d3:8b:36:9d:7a:71:29:85:
ff:45:46:71:48:5d:e9:2d:01:a4:04:32:ad:50:54:
63:a8:ea:3b:60:8f:03:fe:d2:b8:7b:0e:52:9d:a4:
28:24:58:d9:5b:16:af:fb:a9:66:22:cf:74:b9:85:
69:0c:6c:d7:57:62:ff:fd:6d:d3:0a:d4:e8:f8:4c:
94:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:37:B1:54:BB:5B:BC:04:9C:3F:0B:F5:FB:20:05:5F:D2:B8:C3:11
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yjexVLtbvAScPwv1-yAFX9K4wxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:89:3a:f2:77:bc:16:1e:b3:ef:36:61:80:27:77:6f:95:f7:
b1:da:39:54:4f:fc:69:bf:ef:8e:66:2c:bc:91:67:ca:9d:b9:
ab:79:2a:fb:50:60:24:27:3d:e2:a8:c7:0d:05:1c:3c:3f:5d:
24:f6:c9:25:5d:92:c4:73:78:bf:5e:3d:86:b1:15:39:46:54:
61:95:66:08:cf:4a:29:b9:82:07:f0:53:08:a8:19:6b:bf:60:
c9:bc:cd:c2:04:05:85:d7:6f:f8:77:95:19:eb:05:d0:eb:c0:
80:cd:32:31:13:15:be:2d:8c:f1:4a:96:94:a3:35:9a:95:58:
88:d9:1b:e4:4e:66:d1:07:1f:26:a4:65:96:b3:db:db:92:95:
9b:18:03:5d:8f:b3:81:d3:bf:e9:b9:c6:21:ef:ef:d6:65:f9:
e1:d8:fb:4b:1c:6b:92:81:8e:9d:dd:fa:9c:28:41:43:b2:5d:
98:a9:a8:3f:97:2e:a5:89:1a:6a:e7:e3:6c:ee:53:68:a9:e0:
4b:a1:73:fc:de:31:5b:78:f8:4d:9e:a9:33:d7:bc:b6:6f:e7:
56:bd:26:33:af:b1:3d:ac:d2:e7:1f:7a:70:bd:f2:3b:62:e5:
aa:4a:47:46:a8:6c:ab:61:a0:e3:38:14:d1:63:23:0f:15:af:
7b:89:89:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYZjEoplbZQN1uCKTXu4mkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAzMjMxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM3YjE1NGJiNWJiYzA0OWMzZjBiZjVmYjIwMDU1ZmQyYjhjMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTuYKGVcd6OnXzYkqIah/FkCJi2g
nCdn1ivhcfjUe8fgzHsUAc24G2fz7XcogvBpkQdoxd0E8GBP8gZYrrdjatsWIzH6
PRj66+S6zd634zeIcAeQygz25SkobgnFq1fbE/wts6DnOjmMkrkZYM5FefJo6xN0
jMHpcsp4w8cZkRP7OwqKLNP2ewj/w/rpEwjARAvbG5PMShdx820ToXoj3dX8apam
qmU35Vh88mJY6hfWFhmRra/oWiby04s2nXpxKYX/RUZxSF3pLQGkBDKtUFRjqOo7
YI8D/tK4ew5SnaQoJFjZWxav+6lmIs90uYVpDGzXV2L//W3TCtTo+EyU2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMo3sVS7W7wEnD8L9fsgBV/SuMMRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveWpleFZMdGJ2QVNjUHd2MS15QUZYOUs0d3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADGJOvJ3vBYes+82YYAn
d2+V97HaOVRP/Gm/745mLLyRZ8qduat5KvtQYCQnPeKoxw0FHDw/XST2ySVdksRz
eL9ePYaxFTlGVGGVZgjPSim5ggfwUwioGWu/YMm8zcIEBYXXb/h3lRnrBdDrwIDN
MjETFb4tjPFKlpSjNZqVWIjZG+ROZtEHHyakZZaz29uSlZsYA12Ps4HTv+m5xiHv
79Zl+eHY+0sca5KBjp3d+pwoQUOyXZipqD+XLqWJGmrn42zuU2ip4Euhc/zeMVt4
+E2eqTPXvLZv51a9JjOvsT2s0ucfenC98jti5apKR0aobKthoOM4FNFjIw8Vr3uJ
iUQ=
-----END CERTIFICATE-----
Generated at Thu May 1 08:29:13 2025 by rpki-client