Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Py9NBOl-ZJalfJZimXXpOkUsCoE.roa
File: Py9NBOl-ZJalfJZimXXpOkUsCoE.roa (raw, json)
Hash identifier: 7ZVf8gUBGFB3NjzOluzSY3XEFaPw2ymfTHTeyXU1p4M=
Subject key identifier: 3F:2F:4D:04:E9:7E:64:96:A5:7C:96:62:99:75:E9:3A:45:2C:0A:81
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3223E1BD1ADFA9A2197C214CD2E69F3D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Py9NBOl-ZJalfJZimXXpOkUsCoE.roa
Signing time: Mon 04 Dec 2023 00:04:21 +0000
ROA not before: Mon 04 Dec 2023 00:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18c:3223:9548/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:32:23:e1:bd:1a:df:a9:a2:19:7c:21:4c:d2:e6:9f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 4 00:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f2f4d04e97e6496a57c96629975e93a452c0a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:72:58:c1:3f:41:ae:8a:5f:ed:34:82:17:
70:e0:b5:b2:71:db:96:2a:ba:30:91:89:77:a0:a8:
8e:79:7a:32:fc:0b:4a:b7:9c:69:4b:13:f6:46:c1:
d4:85:c2:ca:ea:ba:88:f9:93:99:be:6b:1d:74:79:
ea:0c:ff:86:ec:29:db:81:b3:da:3d:0a:54:f6:83:
7e:9d:02:21:ff:cd:89:e5:d0:0c:69:51:f8:3d:bc:
7d:2c:5a:86:eb:6d:9c:1f:5a:46:03:9d:80:da:ca:
ab:ad:e8:80:6a:6c:c5:ed:8c:8d:7a:ac:b3:e1:4c:
52:7b:9c:4f:75:5d:5e:72:46:21:99:59:ce:1b:b4:
c1:2e:97:c4:a4:ab:51:a1:5e:45:12:0a:0a:b8:c3:
73:3f:9d:06:fa:b6:13:4a:c4:2c:07:58:8f:dc:51:
e8:3b:3d:1b:16:71:2e:76:63:fc:76:b5:cb:0b:cc:
5a:04:3e:10:5c:1f:09:d4:b7:63:c5:ed:ae:fe:d8:
68:b6:7b:76:81:e3:8b:2a:cb:55:e6:69:94:86:b6:
a6:d8:a8:f2:e3:8d:14:4f:b1:9c:7d:d7:31:38:82:
23:2a:0d:39:de:0a:91:95:dd:8c:82:39:8c:7a:b5:
49:e0:00:8f:2d:45:cd:93:6a:53:8d:46:06:1a:13:
55:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:2F:4D:04:E9:7E:64:96:A5:7C:96:62:99:75:E9:3A:45:2C:0A:81
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Py9NBOl-ZJalfJZimXXpOkUsCoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:ef:88:ea:32:b6:ba:63:e0:f1:8e:03:ca:f8:29:6c:39:f8:
96:c0:a8:a5:7e:4e:d2:4a:1f:e9:65:44:ca:3b:d0:c5:f7:6e:
37:72:a9:94:b8:b7:97:98:38:c5:56:b9:35:4f:17:69:a2:85:
37:45:bc:f2:0f:4a:70:ac:99:db:3d:cc:48:74:f3:3d:33:48:
38:15:bb:24:35:8d:82:aa:d5:48:41:9c:65:89:b6:dc:2f:57:
e4:de:39:ba:6f:86:48:8e:7a:6c:03:c1:6d:51:c3:a4:fb:31:
dc:30:b8:18:69:4f:96:33:7f:98:81:9f:55:ce:a0:c8:62:d8:
1e:29:11:e8:fc:42:23:ec:07:4e:86:4f:4d:c7:9a:85:1b:23:
6c:ce:ba:50:46:0c:bd:25:88:71:2e:0e:f2:a8:3d:66:1a:6d:
80:36:10:f1:18:ff:f4:80:61:61:47:d9:68:a2:47:7f:07:9d:
61:77:a2:55:f3:b2:4b:78:23:bc:55:58:49:ed:3f:27:0c:1a:
4b:53:9c:34:1b:53:ee:ac:91:48:08:cb:2c:5f:ea:11:f5:9a:
8d:33:9c:49:5a:5d:60:ff:4a:ba:99:d4:a9:e3:bc:8c:55:30:
35:ff:87:7e:27:4c:ea:bd:50:b8:3e:5e:fd:5c:22:13:31:50:
81:2e:4f:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwyI+G9Gt+pohl8IUzS5p89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA0MDAwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjJmNGQwNGU5N2U2NDk2YTU3Yzk2NjI5OTc1ZTkzYTQ1MmMwYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKByWME/Qa6KX+00ghdw4LWycduW
KrowkYl3oKiOeXoy/AtKt5xpSxP2RsHUhcLK6rqI+ZOZvmsddHnqDP+G7CnbgbPa
PQpU9oN+nQIh/82J5dAMaVH4Pbx9LFqG622cH1pGA52A2sqrreiAamzF7YyNeqyz
4UxSe5xPdV1eckYhmVnOG7TBLpfEpKtRoV5FEgoKuMNzP50G+rYTSsQsB1iP3FHo
Oz0bFnEudmP8drXLC8xaBD4QXB8J1Ldjxe2u/thotnt2geOLKstV5mmUhram2Kjy
440UT7GcfdcxOIIjKg053gqRld2MgjmMerVJ4ACPLUXNk2pTjUYGGhNVnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD8vTQTpfmSWpXyWYpl16TpFLAqBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUHk5TkJPbC1aSmFsZkpaaW1YWHBPa1VzQ29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKvviOoytrpj4PGOA8r4
KWw5+JbAqKV+TtJKH+llRMo70MX3bjdyqZS4t5eYOMVWuTVPF2mihTdFvPIPSnCs
mds9zEh08z0zSDgVuyQ1jYKq1UhBnGWJttwvV+TeObpvhkiOemwDwW1Rw6T7Mdww
uBhpT5Yzf5iBn1XOoMhi2B4pEej8QiPsB06GT03HmoUbI2zOulBGDL0liHEuDvKo
PWYabYA2EPEY//SAYWFH2WiiR38HnWF3olXzskt4I7xVWEntPycMGktTnDQbU+6s
kUgIyyxf6hH1mo0znElaXWD/SrqZ1KnjvIxVMDX/h34nTOq9ULg+Xv1cIhMxUIEu
T0E=
-----END CERTIFICATE-----
Generated at Sun May 11 04:10:31 2025 by rpki-client