Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vymzL9sawUeS7kHqpypVNzm7I7s.roa
File: vymzL9sawUeS7kHqpypVNzm7I7s.roa (raw, json)
Hash identifier: QDf11M04ELRDroR47N3GLuRx/pBiijTx0Dmuqp7TjGI=
Subject key identifier: BF:29:B3:2F:DB:1A:C1:47:92:EE:41:EA:A7:2A:55:37:39:BB:23:BB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851768134CF2E26FF7520DB8CC5F5CF47B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vymzL9sawUeS7kHqpypVNzm7I7s.roa
Signing time: Thu 15 Dec 2022 20:09:34 +0000
ROA not before: Thu 15 Dec 2022 20:09:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:17:68:13:4c:f2:e2:6f:f7:52:0d:b8:cc:5f:5c:f4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 15 20:09:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf29b32fdb1ac14792ee41eaa72a553739bb23bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2c:fc:c7:06:33:2d:42:71:07:0a:9e:9e:ef:
be:64:2e:6c:fe:33:0e:8d:41:a8:70:ea:f0:bf:0f:
8c:dc:6f:67:4b:31:7c:90:fd:ac:73:20:fe:38:26:
83:aa:38:f6:84:15:71:1c:66:9b:19:da:23:02:20:
e1:b8:0d:8d:e3:3b:1d:c6:4c:87:d6:85:a0:b2:f2:
e5:12:e0:b0:3a:6b:ec:4e:ba:06:ae:8d:35:1d:3a:
3d:2d:13:3e:a2:81:be:31:2f:10:64:44:7a:b4:71:
30:14:43:a5:21:ea:b1:4f:10:1b:9d:15:2f:ca:94:
88:41:99:fa:87:86:ef:36:81:a3:86:85:70:f0:61:
42:98:b4:8a:c1:39:51:72:be:41:65:e4:83:c7:ad:
b6:e2:02:7a:b7:90:e5:11:41:11:2d:d1:f2:2d:1d:
f5:ab:81:6c:04:e1:0b:ca:40:ee:a3:88:1d:c0:31:
82:a6:82:8d:1f:1c:86:6d:5d:c2:0b:3a:30:b8:27:
f5:8a:3e:06:9c:4e:bd:ac:8c:1f:aa:fc:dc:5c:d7:
3d:04:5a:5c:ef:20:c6:a2:da:34:12:09:ff:67:b3:
d9:0d:cc:23:bc:5b:28:52:21:a9:1b:a4:16:78:fe:
6b:a6:55:37:ee:0d:1f:36:73:ac:99:42:7f:08:1a:
b8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:29:B3:2F:DB:1A:C1:47:92:EE:41:EA:A7:2A:55:37:39:BB:23:BB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vymzL9sawUeS7kHqpypVNzm7I7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:56:ab:c2:f6:ff:50:53:4a:bb:0f:6c:91:4b:32:dc:ba:e8:
ae:2b:62:33:99:55:77:45:9b:be:24:ee:97:f5:25:7a:45:d2:
ea:6b:1f:42:8b:a8:22:f5:56:1d:da:fe:ef:d9:3b:47:3a:25:
3f:4b:45:d1:09:87:c1:8e:56:d0:f2:3c:73:c0:a8:3d:83:bb:
71:2f:7e:bc:07:de:a7:bc:95:8b:6b:be:65:bf:60:5b:d7:bf:
58:b0:dd:fd:0f:a2:4e:ce:ae:6a:24:76:8e:d6:67:b8:a6:b4:
f9:1e:dd:1b:62:5e:8b:d9:68:d9:84:58:2c:42:ba:9d:6e:4b:
86:23:1e:e2:f0:9c:b4:b3:5e:8c:d9:f8:25:95:c0:10:54:45:
fa:b6:3f:c6:65:a4:f7:a3:73:6b:50:f9:a1:9d:f9:ad:51:9c:
e6:8b:e2:d4:94:c9:84:21:85:f3:0e:f8:bf:ca:16:96:4c:51:
29:6c:bc:bf:2f:7a:11:e6:03:02:49:36:8a:3b:32:db:3b:7e:
cc:f4:a0:b0:9e:c6:af:59:bb:62:2c:2c:bf:f6:f8:b2:75:e7:
f1:da:0e:71:8e:5d:50:0e:76:99:99:f2:44:a7:1e:ad:5f:57:
70:6d:0e:ed:28:b1:bb:86:69:04:d6:81:15:17:2c:07:2c:78:
62:61:62:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUXaBNM8uJv91INuMxfXPR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE1MjAwOTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjI5YjMyZmRiMWFjMTQ3OTJlZTQxZWFhNzJhNTUzNzM5YmIyM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSz8xwYzLUJxBwqenu++ZC5s/jMO
jUGocOrwvw+M3G9nSzF8kP2scyD+OCaDqjj2hBVxHGabGdojAiDhuA2N4zsdxkyH
1oWgsvLlEuCwOmvsTroGro01HTo9LRM+ooG+MS8QZER6tHEwFEOlIeqxTxAbnRUv
ypSIQZn6h4bvNoGjhoVw8GFCmLSKwTlRcr5BZeSDx6224gJ6t5DlEUERLdHyLR31
q4FsBOELykDuo4gdwDGCpoKNHxyGbV3CCzowuCf1ij4GnE69rIwfqvzcXNc9BFpc
7yDGoto0Egn/Z7PZDcwjvFsoUiGpG6QWeP5rplU37g0fNnOsmUJ/CBq4PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL8psy/bGsFHku5B6qcqVTc5uyO7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdnltekw5c2F3VWVTN2tIcXB5cFZOem03STdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFZWq8L2/1BTSrsPbJFL
Mty66K4rYjOZVXdFm74k7pf1JXpF0uprH0KLqCL1Vh3a/u/ZO0c6JT9LRdEJh8GO
VtDyPHPAqD2Du3EvfrwH3qe8lYtrvmW/YFvXv1iw3f0Pok7Ormokdo7WZ7imtPke
3RtiXovZaNmEWCxCup1uS4YjHuLwnLSzXozZ+CWVwBBURfq2P8ZlpPejc2tQ+aGd
+a1RnOaL4tSUyYQhhfMO+L/KFpZMUSlsvL8vehHmAwJJNoo7Mts7fsz0oLCexq9Z
u2IsLL/2+LJ15/HaDnGOXVAOdpmZ8kSnHq1fV3BtDu0osbuGaQTWgRUXLAcseGJh
Yt8=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:15:45 2025 by rpki-client