
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/y4fZcuXu9qATFf84Z-M92z5HBf4.roa
File: y4fZcuXu9qATFf84Z-M92z5HBf4.roa (raw, json)
Hash identifier: HVfDOA2Du319u9MjvsCMqnQScoVgzKncU+DbtD8VnK0=
Subject key identifier: CB:87:D9:72:E5:EE:F6:A0:13:15:FF:38:67:E3:3D:DB:3E:47:05:FE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01872E28F7093052003B00313E62BAFFF566
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/y4fZcuXu9qATFf84Z-M92z5HBf4.roa
Signing time: Wed 29 Mar 2023 16:17:29 +0000
ROA not before: Wed 29 Mar 2023 16:17:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2e:28:f7:09:30:52:00:3b:00:31:3e:62:ba:ff:f5:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 29 16:17:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb87d972e5eef6a01315ff3867e33ddb3e4705fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:51:79:b5:b8:58:14:bc:ff:4a:14:e8:5b:
c2:a0:a6:84:99:06:41:17:96:1b:b5:a3:26:1f:f8:
2c:45:8e:42:5e:d1:c9:5f:2c:6f:c2:c1:52:35:ea:
01:aa:d2:9f:5e:0f:36:41:b9:98:d8:3b:aa:8c:ba:
41:21:57:dd:f8:fb:c1:63:af:5f:76:a8:bb:5e:c3:
af:b9:af:cd:e0:ae:2e:8f:6a:2d:70:c6:fb:e4:69:
46:2d:68:c9:b3:ba:9f:cd:24:6c:0b:9f:5e:d8:91:
0c:57:30:ae:db:ad:5f:55:fa:e7:f5:e8:1c:35:70:
c8:f7:f6:26:3b:a5:5c:dd:a2:a4:d2:55:8b:e2:0f:
a4:a1:c3:81:3f:3c:39:97:75:bd:d0:30:d8:09:6a:
a4:fe:79:f4:b3:7b:ad:29:33:95:9d:17:51:bf:4d:
db:70:66:20:4e:91:87:1e:bf:99:40:4a:5f:77:d8:
55:3d:62:c7:69:45:8a:08:c1:0d:0d:cf:f1:2a:4d:
0b:20:e3:91:c0:9f:0a:80:99:8d:12:eb:03:fa:08:
35:c4:3b:78:89:41:95:60:5d:c9:b1:53:e3:84:c2:
59:d3:10:08:d5:55:d1:08:a0:4f:e4:56:ed:42:0d:
96:60:2e:27:94:1d:99:6d:5f:61:90:4b:23:4b:4e:
d9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:87:D9:72:E5:EE:F6:A0:13:15:FF:38:67:E3:3D:DB:3E:47:05:FE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/y4fZcuXu9qATFf84Z-M92z5HBf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:27:72:e9:57:79:2b:df:7d:84:a2:0e:a7:0f:cd:07:a6:fd:
79:6c:25:82:73:d7:1d:0a:55:d6:a2:9f:e7:59:d4:cd:72:17:
aa:96:97:4c:96:eb:9e:6b:13:f9:01:02:d7:e7:d8:a9:d2:8b:
ac:cb:c8:e9:9f:18:1c:cb:28:b0:48:49:7b:5e:05:80:3a:e7:
b4:74:f7:2b:19:a2:9a:cd:15:42:20:09:25:d7:9d:b9:75:a2:
b1:d5:6d:fb:50:6e:e7:90:a8:2f:f0:da:66:42:07:6e:79:0f:
1e:ea:90:e0:43:84:aa:b6:5b:21:91:51:12:45:41:c2:63:60:
3b:f8:d9:e2:df:fc:3f:7f:3b:cf:26:34:34:85:9d:f4:5e:9d:
c6:04:9a:84:dd:7a:8e:ad:04:62:f9:68:df:08:b0:bc:b3:d5:
d2:f6:dd:44:7e:e6:59:0e:b7:2d:d5:0d:ae:a8:e7:c8:3d:60:
aa:d2:ff:72:e9:46:3d:ca:07:de:c1:5d:b5:67:d3:93:88:6b:
b8:a6:82:d9:bd:12:c5:fa:e0:41:d6:71:49:78:02:05:3b:d6:
c0:10:c2:d6:60:16:0c:65:b3:50:10:ce:db:ef:0c:04:0f:8b:
31:08:da:31:10:84:80:08:c7:70:70:36:cb:fa:a3:57:be:e6:
54:3e:0b:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcuKPcJMFIAOwAxPmK6//VmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI5MTYxNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjg3ZDk3MmU1ZWVmNmEwMTMxNWZmMzg2N2UzM2RkYjNlNDcwNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ5RebW4WBS8/0oU6FvCoKaEmQZB
F5YbtaMmH/gsRY5CXtHJXyxvwsFSNeoBqtKfXg82QbmY2DuqjLpBIVfd+PvBY69f
dqi7XsOvua/N4K4uj2otcMb75GlGLWjJs7qfzSRsC59e2JEMVzCu261fVfrn9egc
NXDI9/YmO6Vc3aKk0lWL4g+kocOBPzw5l3W90DDYCWqk/nn0s3utKTOVnRdRv03b
cGYgTpGHHr+ZQEpfd9hVPWLHaUWKCMENDc/xKk0LIOORwJ8KgJmNEusD+gg1xDt4
iUGVYF3JsVPjhMJZ0xAI1VXRCKBP5FbtQg2WYC4nlB2ZbV9hkEsjS07Z8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMuH2XLl7vagExX/OGfjPds+RwX+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveTRmWmN1WHU5cUFURmY4NFotTTkyejVIQmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ8nculXeSvffYSiDqcP
zQem/XlsJYJz1x0KVdain+dZ1M1yF6qWl0yW655rE/kBAtfn2KnSi6zLyOmfGBzL
KLBISXteBYA657R09ysZoprNFUIgCSXXnbl1orHVbftQbueQqC/w2mZCB255Dx7q
kOBDhKq2WyGRURJFQcJjYDv42eLf/D9/O88mNDSFnfRencYEmoTdeo6tBGL5aN8I
sLyz1dL23UR+5lkOty3VDa6o58g9YKrS/3LpRj3KB97BXbVn05OIa7imgtm9EsX6
4EHWcUl4AgU71sAQwtZgFgxls1AQztvvDAQPizEI2jEQhIAIx3BwNsv6o1e+5lQ+
C28=
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:31:42 2025 by rpki-client