Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ys2ra5Lfg7TlSfyyyzxL_FStn-I.roa
File: ys2ra5Lfg7TlSfyyyzxL_FStn-I.roa (raw, json)
Hash identifier: kmdzJwEq+f8QHdkIJ3qdBlPEFqIoO1JEqDynVqdqyXY=
Subject key identifier: CA:CD:AB:6B:92:DF:83:B4:E5:49:FC:B2:CB:3C:4B:FC:54:AD:9F:E2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189AA55588DF3C3E2A528B263DBE0C488A6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ys2ra5Lfg7TlSfyyyzxL_FStn-I.roa
Signing time: Mon 31 Jul 2023 05:04:27 +0000
ROA not before: Mon 31 Jul 2023 05:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:aa55:4c1b/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:aa:55:58:8d:f3:c3:e2:a5:28:b2:63:db:e0:c4:88:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 31 05:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cacdab6b92df83b4e549fcb2cb3c4bfc54ad9fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f9:21:3c:02:a1:28:8d:d9:00:b0:dd:78:4a:
c5:23:e3:32:63:b1:9d:ad:3c:56:fe:3a:04:f0:59:
8d:20:9f:f0:63:87:ff:c4:68:9e:17:51:cb:5d:4b:
3c:2a:13:6f:e3:ce:0c:e1:7b:cd:ff:8f:26:b0:c4:
1d:a8:63:76:29:64:d1:f0:85:52:de:67:bd:11:07:
56:50:29:bf:65:2c:68:92:28:ab:3e:2c:fc:30:b7:
21:a6:2e:1c:b7:bb:43:a5:68:22:a3:64:3f:a8:68:
b2:dd:3f:0d:81:53:7c:ca:6e:23:c7:fa:d6:93:3d:
64:14:93:2b:55:b4:b3:29:aa:b6:f6:03:c8:23:90:
88:21:8b:ef:09:49:11:ec:d4:2d:0a:c7:7a:39:82:
37:6c:5b:98:3a:c7:82:a2:7e:9b:e6:b4:96:b6:76:
db:90:d3:89:d0:e5:ba:5d:83:55:53:63:59:de:87:
24:b1:8b:e7:13:83:8c:f5:9e:e9:57:66:93:b2:c3:
10:de:e4:2a:a8:c1:14:9e:67:f6:2f:04:05:9c:33:
4a:bc:53:6e:50:d3:6b:35:06:6e:ad:04:3d:eb:a5:
40:d3:1f:9e:d7:97:37:d6:6f:4f:9e:73:9b:f7:a6:
b5:eb:f6:52:c8:a6:1c:f3:40:37:f6:1e:e4:3f:34:
67:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CD:AB:6B:92:DF:83:B4:E5:49:FC:B2:CB:3C:4B:FC:54:AD:9F:E2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ys2ra5Lfg7TlSfyyyzxL_FStn-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:a9:3d:c3:8f:bf:bb:90:05:34:05:89:f2:ed:e9:7b:ba:de:
c9:84:33:5c:ce:5d:53:4f:b3:85:84:b9:31:76:2a:50:32:f2:
df:4f:18:96:35:50:a7:e6:78:a2:9a:18:6f:54:2b:f9:34:e2:
32:5f:dc:33:66:b7:cb:59:df:dc:3c:f7:de:af:57:30:0f:26:
0e:f2:b8:1a:5e:f4:0a:40:e7:a9:d6:eb:4a:c0:a6:fd:93:ee:
c6:38:79:59:c3:6f:09:8d:ad:63:08:58:8b:ea:fa:ec:c8:99:
39:bc:c2:4a:ba:84:96:b0:e3:03:f5:e8:27:5f:a8:e7:66:03:
20:5b:66:45:17:c5:0e:30:84:4a:12:5c:48:02:50:3a:71:8c:
68:c8:ba:54:c1:fe:f8:ee:6d:1d:db:23:ce:fe:4f:f8:bd:80:
25:53:93:b0:2f:39:48:15:77:3d:15:c9:4c:38:f4:eb:b3:a8:
49:97:14:54:e7:7a:a3:62:e1:c1:f6:1b:6e:8d:f5:30:7d:e8:
96:2a:27:2b:62:8f:b2:d2:3b:e1:e5:59:d8:2b:c1:67:26:04:
9f:e4:80:f0:ca:2a:05:1a:3e:73:13:85:5d:5d:0a:3c:26:2d:
c0:39:b3:e3:a8:53:8f:72:87:7b:a0:de:23:22:05:9b:4d:92:
77:07:e9:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmqVViN88PipSiyY9vgxIimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMxMDUwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNkYWI2YjkyZGY4M2I0ZTU0OWZjYjJjYjNjNGJmYzU0YWQ5ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufkhPAKhKI3ZALDdeErFI+MyY7Gd
rTxW/joE8FmNIJ/wY4f/xGieF1HLXUs8KhNv484M4XvN/48msMQdqGN2KWTR8IVS
3me9EQdWUCm/ZSxokiirPiz8MLchpi4ct7tDpWgio2Q/qGiy3T8NgVN8ym4jx/rW
kz1kFJMrVbSzKaq29gPII5CIIYvvCUkR7NQtCsd6OYI3bFuYOseCon6b5rSWtnbb
kNOJ0OW6XYNVU2NZ3ocksYvnE4OM9Z7pV2aTssMQ3uQqqMEUnmf2LwQFnDNKvFNu
UNNrNQZurQQ966VA0x+e15c31m9PnnOb96a16/ZSyKYc80A39h7kPzRn4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMrNq2uS34O05Un8sss8S/xUrZ/iMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveXMycmE1TGZnN1RsU2Z5eXl6eExfRlN0bi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ6pPcOPv7uQBTQFifLt
6Xu63smEM1zOXVNPs4WEuTF2KlAy8t9PGJY1UKfmeKKaGG9UK/k04jJf3DNmt8tZ
39w8996vVzAPJg7yuBpe9ApA56nW60rApv2T7sY4eVnDbwmNrWMIWIvq+uzImTm8
wkq6hJaw4wP16CdfqOdmAyBbZkUXxQ4whEoSXEgCUDpxjGjIulTB/vjubR3bI87+
T/i9gCVTk7AvOUgVdz0VyUw49OuzqEmXFFTneqNi4cH2G26N9TB96JYqJytij7LS
O+HlWdgrwWcmBJ/kgPDKKgUaPnMThV1dCjwmLcA5s+OoU49yh3ug3iMiBZtNkncH
6ZQ=
-----END CERTIFICATE-----
Generated at Thu May 1 12:52:45 2025 by rpki-client