Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ylbsn-Lded0C65oG9XJk_2_fqIo.roa
File: ylbsn-Lded0C65oG9XJk_2_fqIo.roa (raw, json)
Hash identifier: A5Qh4b1GBowVz4NtJFGQWFQynlVbJiullAPYnp8E2JA=
Subject key identifier: CA:56:EC:9F:E2:DD:79:DD:02:EB:9A:06:F5:72:64:FF:6F:DF:A8:8A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857E62CB884BCE82181A5B17BCC817C326
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ylbsn-Lded0C65oG9XJk_2_fqIo.roa
Signing time: Wed 04 Jan 2023 20:04:41 +0000
ROA not before: Wed 04 Jan 2023 20:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:7e62:4fb3/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7e:62:cb:88:4b:ce:82:18:1a:5b:17:bc:c8:17:c3:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 4 20:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca56ec9fe2dd79dd02eb9a06f57264ff6fdfa88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:18:86:42:aa:35:b6:aa:f7:57:2b:de:b2:dd:
12:74:9c:fb:6f:2a:0a:52:96:a9:5c:cc:4b:c6:53:
54:ff:26:b8:ba:08:33:53:f9:8d:d3:e5:a1:6d:08:
79:90:3a:c6:46:9a:90:ec:28:e5:ff:66:88:44:51:
20:15:f5:f8:0c:69:fa:9d:c1:a0:71:bf:c8:bf:2a:
d9:48:56:0f:00:3c:f4:75:7c:a4:99:b4:5a:79:0f:
fb:57:79:8b:e5:bd:d3:fe:4e:4b:d2:f9:f7:dc:9c:
cf:65:9a:b7:78:93:ef:cc:65:0c:b3:6b:2c:72:7e:
49:b1:c0:92:eb:f1:91:24:91:c7:97:3e:c4:6e:1a:
35:8a:c0:d4:05:34:f0:de:39:ee:24:5c:bd:e5:0a:
23:a1:d7:dc:a9:c7:20:55:1d:c4:8f:29:63:6f:42:
1c:10:dd:53:59:c8:81:2e:52:13:de:ea:dd:ba:67:
99:c7:eb:12:97:b6:99:64:2d:5c:57:d4:9c:11:f3:
d3:c6:b1:ce:63:97:cd:4f:73:ad:a7:52:e8:77:d9:
09:ce:1a:8f:56:d8:03:eb:f8:07:9b:14:8a:f8:f6:
c5:5f:05:9c:f4:11:12:6a:ff:72:8a:15:2c:6f:7c:
5b:ba:9a:8f:97:9c:98:a6:5b:b6:55:43:c0:b0:8a:
a1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:56:EC:9F:E2:DD:79:DD:02:EB:9A:06:F5:72:64:FF:6F:DF:A8:8A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ylbsn-Lded0C65oG9XJk_2_fqIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:df:1e:ab:35:46:60:58:b3:0f:84:70:99:32:82:98:b1:f7:
c6:16:af:fe:a1:5f:2e:92:d1:02:0b:19:77:1a:39:fa:7a:74:
b4:28:ac:c2:c6:48:bf:6d:db:9a:0b:4f:63:e0:50:33:9e:36:
ea:2c:82:8a:a1:f0:f8:73:fe:b6:3f:6e:c1:e2:29:3b:c0:86:
51:45:8a:ad:ca:a6:61:b0:7f:30:56:93:55:ce:bf:63:61:ea:
1d:92:bf:f7:3b:ca:45:61:0c:c5:dc:d8:c1:14:b5:de:92:74:
fa:5e:ef:46:6c:50:b1:a7:fb:e3:a8:c6:db:7c:dd:b1:d0:c8:
ee:53:40:20:8f:55:62:32:9b:c2:f1:a1:e7:cf:f5:f5:69:9b:
99:16:2f:90:df:ac:bd:1a:57:8a:1b:68:f2:5f:17:b8:eb:d6:
c9:b7:fa:91:ca:2e:71:aa:68:d9:ea:3a:e1:96:9f:ba:81:88:
eb:a6:c3:50:5f:3f:e9:eb:73:a6:78:fa:43:6c:3a:87:ba:88:
28:9d:76:a9:87:ab:50:2c:d6:ad:38:7b:58:79:b1:a4:b9:91:
6c:50:6e:29:00:17:86:b1:30:71:ce:d7:f0:6a:bb:4a:fa:9b:
99:60:e4:95:43:7b:aa:97:8f:c4:bf:00:a8:62:52:a2:a3:73:
3f:97:69:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV+YsuIS86CGBpbF7zIF8MmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA0MjAwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTU2ZWM5ZmUyZGQ3OWRkMDJlYjlhMDZmNTcyNjRmZjZmZGZhODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthiGQqo1tqr3Vyvest0SdJz7byoK
UpapXMxLxlNU/ya4uggzU/mN0+WhbQh5kDrGRpqQ7Cjl/2aIRFEgFfX4DGn6ncGg
cb/IvyrZSFYPADz0dXykmbRaeQ/7V3mL5b3T/k5L0vn33JzPZZq3eJPvzGUMs2ss
cn5JscCS6/GRJJHHlz7Ebho1isDUBTTw3jnuJFy95QojodfcqccgVR3Ejyljb0Ic
EN1TWciBLlIT3urdumeZx+sSl7aZZC1cV9ScEfPTxrHOY5fNT3Otp1Lod9kJzhqP
VtgD6/gHmxSK+PbFXwWc9BESav9yihUsb3xbupqPl5yYplu2VUPAsIqh0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMpW7J/i3XndAuuaBvVyZP9v36iKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveWxic24tTGRlZDBDNjVvRzlYSmtfMl9mcUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEPfHqs1RmBYsw+EcJky
gpix98YWr/6hXy6S0QILGXcaOfp6dLQorMLGSL9t25oLT2PgUDOeNuosgoqh8Phz
/rY/bsHiKTvAhlFFiq3KpmGwfzBWk1XOv2Nh6h2Sv/c7ykVhDMXc2MEUtd6SdPpe
70ZsULGn++Ooxtt83bHQyO5TQCCPVWIym8LxoefP9fVpm5kWL5DfrL0aV4obaPJf
F7jr1sm3+pHKLnGqaNnqOuGWn7qBiOumw1BfP+nrc6Z4+kNsOoe6iCiddqmHq1As
1q04e1h5saS5kWxQbikAF4axMHHO1/Bqu0r6m5lg5JVDe6qXj8S/AKhiUqKjcz+X
ad0=
-----END CERTIFICATE-----
Generated at Thu May 1 06:47:14 2025 by rpki-client