Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yh_ytG1CoputW6oAHfMqIV6fbZw.roa
File: yh_ytG1CoputW6oAHfMqIV6fbZw.roa (raw, json)
Hash identifier: wAFspLH7fSWsCzK8lYJdqumTH++/t4fBH7JUDJFO7WU=
Subject key identifier: CA:1F:F2:B4:6D:42:A2:9B:AD:5B:AA:00:1D:F3:2A:21:5E:9F:6D:9C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186F42D7D222A581910582AC06343AD53C4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yh_ytG1CoputW6oAHfMqIV6fbZw.roa
Signing time: Sat 18 Mar 2023 10:04:27 +0000
ROA not before: Sat 18 Mar 2023 10:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:f42d:68ac/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f4:2d:7d:22:2a:58:19:10:58:2a:c0:63:43:ad:53:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 18 10:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca1ff2b46d42a29bad5baa001df32a215e9f6d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7a:5b:9e:52:97:c8:8c:f2:83:95:bf:6b:bb:
4f:48:1b:c2:3a:cb:b5:8c:b1:f5:63:91:39:36:11:
ac:0a:c9:0e:6e:63:b3:c9:90:9d:76:12:2a:91:57:
c7:29:eb:b9:8e:db:2f:0c:36:38:6d:5f:76:d7:8b:
4e:c7:08:96:48:2b:28:0c:77:99:e6:38:b7:a8:cb:
4d:9b:01:c2:79:8a:6e:21:e3:35:8b:89:62:ec:0b:
87:be:a7:66:cf:df:14:2a:20:73:c5:be:af:22:c5:
2b:27:7e:70:05:b3:8c:a4:93:10:e0:53:c7:93:6b:
11:78:e8:0b:a5:e7:11:95:6f:ca:a4:0b:61:2b:fd:
98:32:59:39:fa:53:38:f3:92:b3:43:a7:0a:58:f2:
96:f0:4b:52:e3:61:ab:42:08:12:6c:ed:fa:84:4e:
36:e7:87:78:fa:c4:34:90:5a:22:87:ae:73:81:97:
f2:91:18:92:5f:66:ad:50:85:31:54:97:1f:a8:8a:
a8:f8:61:08:5c:b0:31:ba:52:47:32:8f:2b:d7:af:
0e:34:e4:6b:b9:12:5f:bd:65:3b:c3:b0:f9:8e:98:
1e:bf:23:28:93:9c:02:41:0d:d7:1c:87:82:14:64:
45:e5:d3:e2:1e:91:8b:71:02:2b:26:72:ae:6d:8e:
76:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1F:F2:B4:6D:42:A2:9B:AD:5B:AA:00:1D:F3:2A:21:5E:9F:6D:9C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/yh_ytG1CoputW6oAHfMqIV6fbZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:fe:6f:ec:cc:1c:68:01:85:7b:88:f4:16:4c:3f:37:be:d7:
93:0f:d8:63:2a:a5:2d:1c:65:ba:49:bf:73:3a:aa:e7:53:ce:
fb:61:3b:13:64:ce:13:88:e1:6e:0c:39:f6:bd:95:d0:ce:01:
32:e1:7d:6b:e5:34:ad:3a:4d:27:81:2f:55:61:05:62:1f:04:
3d:09:aa:16:10:1f:6f:a6:cc:b6:21:2e:80:06:b1:89:b1:cb:
1f:87:fa:b9:30:de:81:28:9a:65:62:06:7f:0e:d4:0e:d5:ac:
4f:f1:14:42:0d:a6:15:3e:9a:27:be:53:f9:32:1c:33:04:6b:
ee:52:c6:8d:7c:8b:6c:54:c5:74:25:5c:96:ec:ed:14:20:b4:
2b:bb:58:d8:67:f0:ad:1b:cb:80:24:06:4d:ee:9e:84:e2:7e:
c0:c6:6e:62:16:bd:a4:a2:d2:50:dc:89:05:a2:53:47:13:b9:
8e:e7:d1:43:e3:50:3b:2b:cd:30:7e:3d:b9:eb:e1:14:30:0c:
11:80:b6:7a:b5:4c:55:d1:d7:10:80:4d:e4:5c:5f:9e:b6:73:
84:a3:af:46:f5:eb:94:96:2f:74:d2:fa:9a:d4:fa:05:14:c2:
28:dd:f6:d5:32:f5:18:7d:f9:9a:05:5e:2c:ac:ab:bf:08:80:
cc:f9:47:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb0LX0iKlgZEFgqwGNDrVPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE4MTAwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFmZjJiNDZkNDJhMjliYWQ1YmFhMDAxZGYzMmEyMTVlOWY2ZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHpbnlKXyIzyg5W/a7tPSBvCOsu1
jLH1Y5E5NhGsCskObmOzyZCddhIqkVfHKeu5jtsvDDY4bV9214tOxwiWSCsoDHeZ
5ji3qMtNmwHCeYpuIeM1i4li7AuHvqdmz98UKiBzxb6vIsUrJ35wBbOMpJMQ4FPH
k2sReOgLpecRlW/KpAthK/2YMlk5+lM485KzQ6cKWPKW8EtS42GrQggSbO36hE42
54d4+sQ0kFoih65zgZfykRiSX2atUIUxVJcfqIqo+GEIXLAxulJHMo8r168ONORr
uRJfvWU7w7D5jpgevyMok5wCQQ3XHIeCFGRF5dPiHpGLcQIrJnKubY52ewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMof8rRtQqKbrVuqAB3zKiFen22cMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveWhfeXRHMUNvcHV0VzZvQUhmTXFJVjZmYlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFP+b+zMHGgBhXuI9BZM
Pze+15MP2GMqpS0cZbpJv3M6qudTzvthOxNkzhOI4W4MOfa9ldDOATLhfWvlNK06
TSeBL1VhBWIfBD0JqhYQH2+mzLYhLoAGsYmxyx+H+rkw3oEommViBn8O1A7VrE/x
FEINphU+mie+U/kyHDMEa+5Sxo18i2xUxXQlXJbs7RQgtCu7WNhn8K0by4AkBk3u
noTifsDGbmIWvaSi0lDciQWiU0cTuY7n0UPjUDsrzTB+Pbnr4RQwDBGAtnq1TFXR
1xCATeRcX562c4Sjr0b165SWL3TS+prU+gUUwijd9tUy9Rh9+ZoFXiysq78IgMz5
R1k=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:13:08 2025 by rpki-client