Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U4YandhtZraLjPPKKHftVstNGoc.roa
File: U4YandhtZraLjPPKKHftVstNGoc.roa (raw, json)
Hash identifier: o+5c/Q5PlVTFybwAVStpudGdapGbKoSSgRQ/d7dbgKM=
Subject key identifier: 53:86:1A:9D:D8:6D:66:B6:8B:8C:F3:CA:28:77:ED:56:CB:4D:1A:87
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADD9BF43033A9025EB760033A91C602C7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U4YandhtZraLjPPKKHftVstNGoc.roa
Signing time: Thu 28 Sep 2023 21:04:59 +0000
ROA not before: Thu 28 Sep 2023 21:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:dd9b:42a5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dd:9b:f4:30:33:a9:02:5e:b7:60:03:3a:91:c6:02:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 21:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53861a9dd86d66b68b8cf3ca2877ed56cb4d1a87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e8:c8:6b:36:f6:45:70:3e:99:21:fa:18:48:
36:9d:c0:ce:6d:30:8e:a9:2f:ac:ec:2a:8a:c6:82:
90:ea:67:a1:81:87:5e:2d:32:7a:93:45:a3:23:a7:
57:6b:26:04:89:1c:d0:e6:57:8d:fe:04:8c:6e:7a:
5d:3c:b2:1b:16:d8:83:47:b5:68:7e:cf:69:9f:17:
e8:14:de:1e:2b:a1:50:69:76:85:72:73:19:31:cc:
fa:c6:13:49:a8:0c:b7:b0:76:c3:15:39:ae:04:9b:
08:29:95:f7:f3:0b:a8:52:b8:7d:75:c1:2d:ee:48:
5c:42:c0:e4:29:00:49:33:35:c1:4a:89:16:0b:a3:
7e:f2:26:1a:ac:e2:a4:d7:a5:19:72:1d:ae:20:ab:
3d:58:f5:e5:6d:74:60:bb:55:9a:74:98:8b:32:25:
ad:f7:a8:80:66:50:2a:3b:07:bf:21:e1:7f:d7:1c:
23:d0:57:56:08:23:bb:a8:ae:9d:06:81:a0:47:a3:
fa:64:42:25:e6:bb:2f:4f:31:da:be:88:17:bc:3f:
74:0f:fa:de:a8:37:ce:f0:e4:90:a9:da:2e:ba:f0:
de:b0:d8:36:fe:6b:2a:5e:be:91:19:6c:e7:19:2d:
e8:2e:c5:bf:51:cd:22:ac:3e:4c:01:ad:0e:24:f9:
32:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:86:1A:9D:D8:6D:66:B6:8B:8C:F3:CA:28:77:ED:56:CB:4D:1A:87
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U4YandhtZraLjPPKKHftVstNGoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:ba:93:6c:af:fc:fa:1a:d7:56:a8:6a:f5:eb:d6:77:a1:45:
75:7b:91:94:02:4f:c7:67:31:34:86:5b:eb:b9:71:b9:72:b0:
ff:10:cc:63:05:3b:7a:c9:5f:b9:70:24:6b:00:8e:95:27:bd:
32:90:fc:32:e3:fb:e4:e5:07:f0:00:48:95:56:12:b7:6f:ad:
8d:d3:1f:12:f2:72:b4:5f:4b:5f:b6:e8:8c:4f:63:31:7e:8f:
32:a5:94:19:8c:ea:4d:41:25:31:39:60:26:79:d8:fe:78:68:
0b:19:fd:42:76:ce:73:97:93:fe:68:d0:8f:db:4d:fb:b5:22:
92:30:c6:8a:4a:08:bf:dc:e0:ff:be:ed:bc:88:83:ff:3d:d5:
97:8e:ab:65:d9:29:77:b5:e0:af:0e:16:21:e2:d4:de:93:7a:
08:e8:f5:a9:76:60:08:0d:5f:ab:b0:6a:f6:29:f2:d2:63:70:
2e:15:96:fc:26:87:38:4e:e0:d7:ee:34:a3:51:12:03:aa:15:
d2:3d:4c:8e:8c:ee:06:80:12:9b:d2:a1:98:45:b2:90:3c:8d:
c9:ba:af:d2:45:4a:b3:5f:28:37:99:fc:58:3d:3c:56:43:23:
29:c2:09:83:88:04:93:75:b1:73:fc:e4:dc:96:8d:08:08:a1:
0e:ee:ae:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrdm/QwM6kCXrdgAzqRxgLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MjEwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzg2MWE5ZGQ4NmQ2NmI2OGI4Y2YzY2EyODc3ZWQ1NmNiNGQxYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsujIazb2RXA+mSH6GEg2ncDObTCO
qS+s7CqKxoKQ6mehgYdeLTJ6k0WjI6dXayYEiRzQ5leN/gSMbnpdPLIbFtiDR7Vo
fs9pnxfoFN4eK6FQaXaFcnMZMcz6xhNJqAy3sHbDFTmuBJsIKZX38wuoUrh9dcEt
7khcQsDkKQBJMzXBSokWC6N+8iYarOKk16UZch2uIKs9WPXlbXRgu1WadJiLMiWt
96iAZlAqOwe/IeF/1xwj0FdWCCO7qK6dBoGgR6P6ZEIl5rsvTzHavogXvD90D/re
qDfO8OSQqdouuvDesNg2/msqXr6RGWznGS3oLsW/Uc0irD5MAa0OJPkyrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFOGGp3YbWa2i4zzyih37VbLTRqHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVTRZYW5kaHRacmFMalBQS0tIZnRWc3ROR29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD66k2yv/Poa11aoavXr
1nehRXV7kZQCT8dnMTSGW+u5cblysP8QzGMFO3rJX7lwJGsAjpUnvTKQ/DLj++Tl
B/AASJVWErdvrY3THxLycrRfS1+26IxPYzF+jzKllBmM6k1BJTE5YCZ52P54aAsZ
/UJ2znOXk/5o0I/bTfu1IpIwxopKCL/c4P++7byIg/891ZeOq2XZKXe14K8OFiHi
1N6Tegjo9al2YAgNX6uwavYp8tJjcC4VlvwmhzhO4NfuNKNREgOqFdI9TI6M7gaA
EpvSoZhFspA8jcm6r9JFSrNfKDeZ/Fg9PFZDIynCCYOIBJN1sXP85NyWjQgIoQ7u
rps=
-----END CERTIFICATE-----
Generated at Sat May 10 11:40:13 2025 by rpki-client