Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CZYJri8eNFYORtybIYPaQXWrP68.roa
File: CZYJri8eNFYORtybIYPaQXWrP68.roa (raw, json)
Hash identifier: N8Qe6R5ShJAA4NKgbdGgekPxvENPo3UrE3x6vc6d0ac=
Subject key identifier: 09:96:09:AE:2F:1E:34:56:0E:46:DC:9B:21:83:DA:41:75:AB:3F:AF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018606DFFEEACFF483AA245A88E9D93BDD99
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CZYJri8eNFYORtybIYPaQXWrP68.roa
Signing time: Tue 31 Jan 2023 08:09:48 +0000
ROA not before: Tue 31 Jan 2023 08:09:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:06:df:fe:ea:cf:f4:83:aa:24:5a:88:e9:d9:3b:dd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 31 08:09:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=099609ae2f1e34560e46dc9b2183da4175ab3faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e3:62:5e:12:c4:1f:04:3c:db:d3:c9:fc:27:
6c:02:b1:36:e2:f2:2e:f8:54:83:da:b0:a3:3f:8c:
62:f0:b4:06:13:93:4a:6c:b3:ec:24:6e:73:1d:79:
bb:b6:5d:5d:25:1c:84:03:0e:18:41:61:61:9b:ab:
fe:d7:09:42:79:db:d8:13:cb:7c:59:c3:28:22:37:
58:46:21:fe:db:58:b8:e5:73:41:42:a7:da:51:4c:
f9:ff:8c:81:0d:1d:49:41:4f:90:c9:f9:e3:3b:91:
bc:7e:29:c4:a6:c3:49:3a:6c:c4:2f:ac:a8:10:77:
c9:6f:b5:3b:ba:d1:d4:ba:bf:9f:07:9b:2f:01:c1:
65:fc:13:1a:3f:d0:df:28:30:87:77:4e:ef:1d:e2:
59:09:be:16:80:60:56:40:40:f5:95:1f:c5:30:63:
de:08:36:73:ad:48:f6:0f:ea:0d:1c:57:a8:18:6a:
ef:49:4b:db:67:a6:69:77:5c:f8:79:89:71:62:c7:
20:d1:c3:84:01:54:b3:de:00:d0:e5:05:85:95:c3:
ea:29:a7:27:c3:ed:5f:6a:26:c8:78:b7:35:d4:85:
52:68:4a:34:08:96:bc:57:a7:2e:41:83:7f:b5:cf:
07:65:12:2d:d4:c6:5b:42:3e:ad:94:bb:8a:72:cd:
9e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:96:09:AE:2F:1E:34:56:0E:46:DC:9B:21:83:DA:41:75:AB:3F:AF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CZYJri8eNFYORtybIYPaQXWrP68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:a7:4f:75:11:1b:2c:fd:dc:1f:90:68:5a:8f:f3:ee:5b:d6:
5d:4f:32:71:7d:cc:55:c2:12:e6:15:99:80:05:b3:3b:d6:e9:
00:7a:34:e4:4e:37:f7:12:67:39:c7:36:03:75:bc:90:53:c8:
88:b7:f1:1a:fd:79:bc:a1:e3:31:e2:16:ff:28:df:58:7e:4f:
d6:74:74:38:30:0e:16:be:2f:72:94:35:07:c3:99:16:28:b4:
7f:9d:87:69:d8:0b:aa:d6:0c:5d:ce:6c:a6:80:4c:8c:1e:a2:
a9:1a:dd:3b:fe:8e:c5:27:0c:e1:fc:c3:ca:02:87:6d:39:50:
bb:1c:ca:1d:23:a9:f0:2b:8b:fa:54:ac:ac:6b:a9:05:ae:f9:
b4:ed:aa:f0:64:0c:b5:a6:ad:cd:c3:89:cb:1b:ac:d2:f0:d8:
79:20:aa:dd:2c:0d:f0:df:7c:df:99:cd:85:4a:d5:c5:ad:e7:
58:6a:61:b0:53:bf:53:b8:18:6e:f2:7c:11:5e:8c:cd:1d:f5:
32:a8:ee:b7:45:53:08:b6:1d:37:60:40:cd:d9:c2:7c:52:d3:
33:70:ca:78:6c:45:5e:4f:63:b3:dd:eb:d3:28:32:8b:f9:30:
28:b8:0b:b0:57:bb:9a:dd:30:33:09:b0:7b:cf:c1:ee:dc:18:
7b:bb:87:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYG3/7qz/SDqiRaiOnZO92ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTMxMDgwOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk2MDlhZTJmMWUzNDU2MGU0NmRjOWIyMTgzZGE0MTc1YWIzZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouNiXhLEHwQ829PJ/CdsArE24vIu
+FSD2rCjP4xi8LQGE5NKbLPsJG5zHXm7tl1dJRyEAw4YQWFhm6v+1wlCedvYE8t8
WcMoIjdYRiH+21i45XNBQqfaUUz5/4yBDR1JQU+QyfnjO5G8finEpsNJOmzEL6yo
EHfJb7U7utHUur+fB5svAcFl/BMaP9DfKDCHd07vHeJZCb4WgGBWQED1lR/FMGPe
CDZzrUj2D+oNHFeoGGrvSUvbZ6Zpd1z4eYlxYscg0cOEAVSz3gDQ5QWFlcPqKacn
w+1faibIeLc11IVSaEo0CJa8V6cuQYN/tc8HZRIt1MZbQj6tlLuKcs2e2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAmWCa4vHjRWDkbcmyGD2kF1qz+vMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQ1pZSnJpOGVORllPUnR5YklZUGFRWFdyUDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEGnT3URGyz93B+QaFqP
8+5b1l1PMnF9zFXCEuYVmYAFszvW6QB6NORON/cSZznHNgN1vJBTyIi38Rr9ebyh
4zHiFv8o31h+T9Z0dDgwDha+L3KUNQfDmRYotH+dh2nYC6rWDF3ObKaATIweoqka
3Tv+jsUnDOH8w8oCh205ULscyh0jqfAri/pUrKxrqQWu+bTtqvBkDLWmrc3Dicsb
rNLw2Hkgqt0sDfDffN+ZzYVK1cWt51hqYbBTv1O4GG7yfBFejM0d9TKo7rdFUwi2
HTdgQM3ZwnxS0zNwynhsRV5PY7Pd69MoMov5MCi4C7BXu5rdMDMJsHvPwe7cGHu7
h6U=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:16:23 2025 by rpki-client