Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3-y5n5VnToROHrIqeBIN-jxZSxg.roa
File: 3-y5n5VnToROHrIqeBIN-jxZSxg.roa (raw, json)
Hash identifier: 5CMzhooOWYk/7HWS4Xn8TBXYl56s6/BWVESXOSAPCUU=
Subject key identifier: DF:EC:B9:9F:95:67:4E:84:4E:1E:B2:2A:78:12:0D:FA:3C:59:4B:18
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01879CDC98E238F4330CE6AE801318A45CEA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3-y5n5VnToROHrIqeBIN-jxZSxg.roa
Signing time: Thu 20 Apr 2023 04:11:55 +0000
ROA not before: Thu 20 Apr 2023 04:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9c:dc:98:e2:38:f4:33:0c:e6:ae:80:13:18:a4:5c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 20 04:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfecb99f95674e844e1eb22a78120dfa3c594b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b1:28:93:37:de:17:32:16:db:08:ed:87:7c:
b4:c4:88:d5:09:1e:6e:73:18:6e:22:a1:ce:63:d6:
f7:4b:73:e8:c5:70:41:b4:77:11:e4:11:4a:25:b4:
f1:18:3b:97:67:fe:f3:05:a7:d6:d2:b9:14:00:cf:
47:d1:a7:dd:e1:b8:38:09:2f:8c:4e:37:29:69:23:
76:2f:21:44:1c:62:b3:35:bb:fb:5f:27:34:dc:b8:
c7:cf:ca:00:3b:95:ec:c3:d2:af:6f:15:9e:ec:78:
94:cf:65:46:1a:dc:c8:8a:79:3c:ea:bd:9f:ae:8a:
30:4c:9e:63:80:78:d4:46:64:4f:ba:86:77:ce:7d:
bf:f3:17:95:b8:19:70:a5:a8:64:31:c1:7d:8b:d6:
c1:57:1e:e6:ae:98:eb:c4:c0:36:95:88:09:94:d7:
01:11:22:de:f1:9f:9e:87:e9:c2:78:76:e6:f8:e4:
6c:04:fc:8c:31:0a:39:42:a2:f1:d4:c5:e9:31:f5:
17:86:b2:56:35:6a:40:0c:d8:7a:cd:51:49:5f:7e:
a4:bf:96:de:16:1b:49:f3:21:d6:e2:09:40:d9:45:
c6:44:ad:18:c8:40:33:1b:74:f2:4a:da:75:37:e7:
a0:46:9a:c7:2f:1b:5d:27:aa:ea:e9:7f:5f:f0:47:
3c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EC:B9:9F:95:67:4E:84:4E:1E:B2:2A:78:12:0D:FA:3C:59:4B:18
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3-y5n5VnToROHrIqeBIN-jxZSxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:17:29:08:08:20:c7:dd:19:c7:36:80:57:55:4e:91:b9:0c:
39:2d:44:6b:6a:eb:d0:b4:dd:36:8d:3a:07:ed:ae:ec:a8:bd:
c3:1c:d9:58:e7:fa:11:f9:ec:d0:55:df:2a:c6:20:c0:85:06:
e0:45:e1:bd:e2:4b:dc:6a:f5:6f:3f:57:8d:93:22:87:c2:1f:
44:8c:18:17:8a:c7:fe:4f:f9:9d:9e:ce:3a:c8:b5:36:02:83:
fd:69:ed:36:4f:40:33:c2:59:9e:57:5a:ae:64:ee:90:ff:f5:
49:d8:12:87:18:2d:e2:98:47:4d:cd:cb:41:91:3b:43:28:30:
0c:af:84:19:3b:6a:ff:0f:8d:d2:ec:6f:4b:9b:f5:57:a4:4b:
9a:07:91:dc:26:93:ac:dd:3d:bc:dd:56:0b:59:1b:79:57:a9:
fa:04:13:b4:33:e5:8e:61:31:aa:aa:63:20:95:8c:b5:fb:d8:
8a:11:c2:ef:ad:0e:d5:b4:11:52:7b:24:73:93:f4:b9:32:5d:
0d:3c:f0:02:ad:d7:92:cc:09:de:b9:5c:33:94:a9:c3:a7:7d:
5b:06:5d:25:f5:15:a7:45:7a:96:33:ec:1f:ad:be:99:92:da:
aa:76:78:31:c2:d0:1c:25:c9:ca:7a:88:80:ce:59:23:3d:b9:
ab:58:11:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYec3JjiOPQzDOaugBMYpFzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDIwMDQxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmVjYjk5Zjk1Njc0ZTg0NGUxZWIyMmE3ODEyMGRmYTNjNTk0YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbEokzfeFzIW2wjth3y0xIjVCR5u
cxhuIqHOY9b3S3PoxXBBtHcR5BFKJbTxGDuXZ/7zBafW0rkUAM9H0afd4bg4CS+M
TjcpaSN2LyFEHGKzNbv7Xyc03LjHz8oAO5Xsw9KvbxWe7HiUz2VGGtzIink86r2f
roowTJ5jgHjURmRPuoZ3zn2/8xeVuBlwpahkMcF9i9bBVx7mrpjrxMA2lYgJlNcB
ESLe8Z+eh+nCeHbm+ORsBPyMMQo5QqLx1MXpMfUXhrJWNWpADNh6zVFJX36kv5be
FhtJ8yHW4glA2UXGRK0YyEAzG3TyStp1N+egRprHLxtdJ6rq6X9f8Ec8BQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN/suZ+VZ06ETh6yKngSDfo8WUsYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMy15NW41Vm5Ub1JPSHJJcWVCSU4tanhaU3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABwXKQgIIMfdGcc2gFdV
TpG5DDktRGtq69C03TaNOgftruyovcMc2Vjn+hH57NBV3yrGIMCFBuBF4b3iS9xq
9W8/V42TIofCH0SMGBeKx/5P+Z2ezjrItTYCg/1p7TZPQDPCWZ5XWq5k7pD/9UnY
EocYLeKYR03Ny0GRO0MoMAyvhBk7av8PjdLsb0ub9VekS5oHkdwmk6zdPbzdVgtZ
G3lXqfoEE7Qz5Y5hMaqqYyCVjLX72IoRwu+tDtW0EVJ7JHOT9LkyXQ088AKt15LM
Cd65XDOUqcOnfVsGXSX1FadFepYz7B+tvpmS2qp2eDHC0Bwlycp6iIDOWSM9uatY
EcQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:19:34 2025 by rpki-client