Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yl5V1GOU7sKeLM3yg1ggOttDorc.roa
File: yl5V1GOU7sKeLM3yg1ggOttDorc.roa (raw, json)
Hash identifier: arnb5FmARTbGcAwvuc50qgyTqHV0aiLlsinupY3d/xo=
Subject key identifier: CA:5E:55:D4:63:94:EE:C2:9E:2C:CD:F2:83:58:20:3A:DB:43:A2:B7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869A451C54299F9A2D06FB94DB78AAD4DC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yl5V1GOU7sKeLM3yg1ggOttDorc.roa
Signing time: Tue 28 Feb 2023 23:04:25 +0000
ROA not before: Tue 28 Feb 2023 23:04:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:9a44:e8d1/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9a:45:1c:54:29:9f:9a:2d:06:fb:94:db:78:aa:d4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 23:04:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca5e55d46394eec29e2ccdf28358203adb43a2b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:74:36:2a:d2:da:92:ce:14:dc:e7:65:24:9e:
92:ee:be:a1:a2:5c:11:56:df:1a:5b:12:1b:ea:11:
6c:bd:4e:ab:76:c0:01:cd:61:85:f2:30:14:06:b9:
90:ee:57:19:3e:3f:d5:7e:da:ac:80:e8:e5:3b:88:
f3:87:2c:15:4f:51:cc:db:59:9f:89:7c:d0:57:b9:
79:56:b1:e4:03:f8:67:0d:1b:24:2a:0a:94:a9:f3:
38:ad:01:56:14:2d:4c:14:b6:82:29:6c:9e:ef:d9:
56:35:a8:2b:25:39:69:a5:c7:7c:aa:29:3e:b1:1a:
4a:14:22:ec:bb:9a:42:85:13:de:35:31:bd:60:ec:
87:98:de:eb:35:f0:e2:48:1f:4f:da:6d:f9:92:84:
0e:67:82:d5:46:e2:c4:57:00:85:45:9e:34:7a:5c:
d4:40:24:62:ef:04:c1:4d:2e:02:1a:cd:55:ae:67:
c4:c4:ad:2d:3d:cc:07:40:53:95:7f:bf:b8:d0:10:
05:21:fc:ae:d2:d8:23:cd:df:2e:9d:af:7f:9c:76:
58:a7:fa:25:1a:c4:89:d0:4a:a0:d9:6a:2d:1b:99:
3b:7c:ca:20:b2:97:9b:4f:a3:d0:4a:7e:1e:43:bc:
c3:59:d8:47:99:ba:b4:cf:cb:9e:39:31:38:7d:ef:
fd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:5E:55:D4:63:94:EE:C2:9E:2C:CD:F2:83:58:20:3A:DB:43:A2:B7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yl5V1GOU7sKeLM3yg1ggOttDorc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:21:6d:51:4b:58:4a:5a:96:67:3a:f9:d7:9f:19:e7:ad:b8:
9f:57:3c:7f:a8:f3:d6:36:2e:13:8e:08:b1:d6:ba:f2:8d:46:
d0:b5:fb:50:a1:6d:c2:3c:eb:01:c8:f0:ab:8d:1e:15:47:06:
f5:61:b6:97:38:c2:3d:ca:d1:31:ee:c5:1e:e3:b1:7c:99:e1:
43:6b:7f:8a:2c:8e:13:7e:68:e1:de:c1:c8:ab:ee:cc:5c:35:
c1:5c:dd:99:2f:b3:7b:94:47:a7:41:07:06:64:38:cb:9e:27:
92:0e:c5:5d:9d:6f:de:8d:8f:d4:6e:e4:a5:9f:eb:01:40:87:
4f:e3:6e:fd:4f:c8:bf:ae:e8:d1:d9:51:68:60:9c:50:b8:af:
fb:b0:d7:34:50:d2:58:20:07:a9:fe:2a:ea:2e:0a:42:52:65:
3d:de:c9:43:95:74:4f:bc:47:79:18:8f:9a:56:ff:ff:b1:81:
42:40:55:17:76:ab:79:6d:0a:a5:cd:a3:af:6e:0d:70:e8:8a:
5a:07:40:f4:41:c1:82:5a:4d:e7:d1:57:bd:40:80:0d:c7:38:
ed:96:14:d3:a3:a1:93:aa:e2:15:e8:33:20:54:65:6d:96:fc:
59:df:7a:ec:05:33:95:16:87:bc:18:a6:32:79:03:4b:48:92:
fe:95:e7:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaaRRxUKZ+aLQb7lNt4qtTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MjMwNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTVlNTVkNDYzOTRlZWMyOWUyY2NkZjI4MzU4MjAzYWRiNDNhMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3Q2KtLaks4U3OdlJJ6S7r6holwR
Vt8aWxIb6hFsvU6rdsABzWGF8jAUBrmQ7lcZPj/VftqsgOjlO4jzhywVT1HM21mf
iXzQV7l5VrHkA/hnDRskKgqUqfM4rQFWFC1MFLaCKWye79lWNagrJTlppcd8qik+
sRpKFCLsu5pChRPeNTG9YOyHmN7rNfDiSB9P2m35koQOZ4LVRuLEVwCFRZ40elzU
QCRi7wTBTS4CGs1VrmfExK0tPcwHQFOVf7+40BAFIfyu0tgjzd8una9/nHZYp/ol
GsSJ0Eqg2WotG5k7fMogspebT6PQSn4eQ7zDWdhHmbq0z8ueOTE4fe/9TQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMpeVdRjlO7CnizN8oNYIDrbQ6K3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveWw1VjFHT1U3c0tlTE0zeWcxZ2dPdHREb3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFohbVFLWEpalmc6+def
GeetuJ9XPH+o89Y2LhOOCLHWuvKNRtC1+1ChbcI86wHI8KuNHhVHBvVhtpc4wj3K
0THuxR7jsXyZ4UNrf4osjhN+aOHewcir7sxcNcFc3Zkvs3uUR6dBBwZkOMueJ5IO
xV2db96Nj9Ru5KWf6wFAh0/jbv1PyL+u6NHZUWhgnFC4r/uw1zRQ0lggB6n+Kuou
CkJSZT3eyUOVdE+8R3kYj5pW//+xgUJAVRd2q3ltCqXNo69uDXDoiloHQPRBwYJa
TefRV71AgA3HOO2WFNOjoZOq4hXoMyBUZW2W/FnfeuwFM5UWh7wYpjJ5A0tIkv6V
558=
-----END CERTIFICATE-----
Generated at Sat May 3 00:21:27 2025 by rpki-client