Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SY3rVAYekgPn-iSCqboXVPv6onU.roa
File: SY3rVAYekgPn-iSCqboXVPv6onU.roa (raw, json)
Hash identifier: al3KAdyeHqceLisRhUj6Epf8NX2Ecqgk5FgYWK02e7M=
Subject key identifier: 49:8D:EB:54:06:1E:92:03:E7:FA:24:82:A9:BA:17:54:FB:FA:A2:75
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD9FDDB0CE7121AE1D4A7DB1DE152D822
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SY3rVAYekgPn-iSCqboXVPv6onU.roa
Signing time: Thu 28 Sep 2023 04:13:27 +0000
ROA not before: Thu 28 Sep 2023 04:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d9:fd:db:0c:e7:12:1a:e1:d4:a7:db:1d:e1:52:d8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 04:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=498deb54061e9203e7fa2482a9ba1754fbfaa275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3f:92:75:8a:6a:bd:21:c3:53:83:54:25:15:
00:8e:bb:66:56:34:6f:21:eb:77:8a:c7:06:f6:0b:
f3:0d:04:40:91:6e:52:b1:f7:11:e7:d4:68:ea:96:
53:c3:f2:e3:5c:c8:95:7a:a3:38:57:82:f4:63:61:
9c:50:73:8d:3e:a6:0b:53:3b:80:ec:ad:dd:c8:bc:
56:a9:1b:f3:9b:6f:ff:3d:e2:03:f3:9a:3e:74:ec:
36:16:73:39:60:34:b8:7b:ac:21:1e:f1:5f:2f:c0:
0a:ca:16:3c:9c:a2:57:39:a4:0f:8d:bb:0b:bd:03:
44:e0:c5:39:25:af:60:b4:17:7e:93:f1:4c:46:ef:
d6:1f:07:ad:60:90:21:ef:3f:cb:f9:31:c8:fa:31:
0e:ed:a2:64:56:b5:3e:89:a6:20:9b:1a:14:c2:d0:
51:f3:1a:ce:ae:b3:ef:77:e6:76:1c:c4:0e:0e:d2:
b9:6f:a7:1f:c1:93:08:70:f1:48:e1:51:a2:31:94:
98:37:d8:b4:0f:7c:43:86:59:16:1d:89:cb:a5:a8:
87:9d:7c:0f:e7:f7:ac:15:a8:15:61:8c:b5:76:1c:
06:2c:98:9c:3b:d2:df:81:48:01:05:f2:d8:d6:55:
56:e8:2b:54:85:ce:ef:6a:0f:01:e7:a7:70:56:66:
e8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:8D:EB:54:06:1E:92:03:E7:FA:24:82:A9:BA:17:54:FB:FA:A2:75
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SY3rVAYekgPn-iSCqboXVPv6onU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:65:14:6c:0c:94:25:59:62:5e:6e:41:6b:65:d4:39:7f:66:
3f:7e:d8:89:11:e6:af:e0:ed:b0:65:82:80:6e:74:bc:50:40:
65:c8:5c:cf:9e:2d:69:78:7f:d1:ff:63:8d:a3:ea:07:b7:70:
9b:a2:f6:45:f7:4b:dd:f5:15:b9:a5:f2:ce:1a:de:e5:10:3b:
70:d7:05:51:99:01:6d:7e:cd:0e:7c:e1:24:f3:66:05:dc:99:
c5:81:34:8b:98:7b:d3:04:30:c6:6c:7c:04:99:2c:c2:1b:0a:
8b:42:71:9d:3c:77:0e:25:d5:f9:95:70:fb:15:ad:99:22:02:
1e:95:97:c0:77:5e:ef:dd:70:79:1d:50:19:27:b3:09:89:66:
db:b8:ff:cd:3e:60:15:9e:06:1d:1f:18:dd:ae:2d:45:63:32:
d5:50:ef:1f:7a:6b:58:d4:96:48:1c:e5:59:24:ce:f1:16:92:
bd:75:d5:57:0b:0c:0f:e3:17:b6:a6:3f:54:c3:94:83:92:4f:
c1:8c:10:64:2c:82:fe:d5:d3:94:02:91:e3:a2:5b:c7:f8:84:
97:4a:c7:5d:15:be:1b:b2:0f:01:c6:0c:fb:8b:51:cd:2a:6f:
2f:6e:de:ea:86:9f:b3:f9:6d:97:9c:9c:46:45:98:08:0f:c9:
eb:c5:b5:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrZ/dsM5xIa4dSn2x3hUtgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MDQxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OThkZWI1NDA2MWU5MjAzZTdmYTI0ODJhOWJhMTc1NGZiZmFhMjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz+SdYpqvSHDU4NUJRUAjrtmVjRv
Iet3iscG9gvzDQRAkW5SsfcR59Ro6pZTw/LjXMiVeqM4V4L0Y2GcUHONPqYLUzuA
7K3dyLxWqRvzm2//PeID85o+dOw2FnM5YDS4e6whHvFfL8AKyhY8nKJXOaQPjbsL
vQNE4MU5Ja9gtBd+k/FMRu/WHwetYJAh7z/L+THI+jEO7aJkVrU+iaYgmxoUwtBR
8xrOrrPvd+Z2HMQODtK5b6cfwZMIcPFI4VGiMZSYN9i0D3xDhlkWHYnLpaiHnXwP
5/esFagVYYy1dhwGLJicO9LfgUgBBfLY1lVW6CtUhc7vag8B56dwVmboVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEmN61QGHpID5/okgqm6F1T7+qJ1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvU1kzclZBWWVrZ1BuLWlTQ3Fib1hWUHY2b25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEplFGwMlCVZYl5uQWtl
1Dl/Zj9+2IkR5q/g7bBlgoBudLxQQGXIXM+eLWl4f9H/Y42j6ge3cJui9kX3S931
Fbml8s4a3uUQO3DXBVGZAW1+zQ584STzZgXcmcWBNIuYe9MEMMZsfASZLMIbCotC
cZ08dw4l1fmVcPsVrZkiAh6Vl8B3Xu/dcHkdUBknswmJZtu4/80+YBWeBh0fGN2u
LUVjMtVQ7x96a1jUlkgc5VkkzvEWkr111VcLDA/jF7amP1TDlIOST8GMEGQsgv7V
05QCkeOiW8f4hJdKx10VvhuyDwHGDPuLUc0qby9u3uqGn7P5bZecnEZFmAgPyevF
tSQ=
-----END CERTIFICATE-----
Generated at Tue May 13 12:39:27 2025 by rpki-client