Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Y5q11QNewYotQoOwEh3ViInipV8.roa
File: Y5q11QNewYotQoOwEh3ViInipV8.roa (raw, json)
Hash identifier: 91TX3KY7E5KM/UT7bcjCg/Xd7rPs9EgQ3cPInUSONik=
Subject key identifier: 63:9A:B5:D5:03:5E:C1:8A:2D:42:83:B0:12:1D:D5:88:89:E2:A5:5F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB8F4192D48544C71FCCF4F88FDD67A9B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Y5q11QNewYotQoOwEh3ViInipV8.roa
Signing time: Thu 21 Sep 2023 18:15:19 +0000
ROA not before: Thu 21 Sep 2023 18:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b8:f4:19:2d:48:54:4c:71:fc:cf:4f:88:fd:d6:7a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 21 18:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=639ab5d5035ec18a2d4283b0121dd58889e2a55f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:29:8c:83:37:71:75:f4:16:02:64:1f:ea:18:
28:bb:ff:c0:b1:ec:12:af:a6:01:8e:05:4f:b0:64:
e4:46:b3:f1:90:f5:4b:13:3f:ae:a6:43:ab:2a:fd:
b8:f9:0b:c9:9a:48:19:9f:7c:18:f6:b3:d5:bb:be:
3a:ec:95:ad:e9:2a:0c:50:ff:05:00:d3:11:f9:32:
49:69:c7:63:37:cb:be:10:e3:e6:55:98:8c:d7:0f:
c6:97:c8:e4:d5:87:b1:85:ab:6a:47:ad:80:8f:51:
2f:ed:56:0f:0c:c9:e2:8a:64:3a:7f:a2:b8:d5:62:
74:18:ee:df:72:e4:c7:0c:87:a3:fc:6a:eb:96:fe:
6b:b7:f9:21:be:73:79:ab:61:a1:6e:49:2f:ba:24:
c7:7c:46:3d:3b:7b:c6:f2:db:bf:34:99:1d:29:b4:
3b:f1:63:26:a1:ce:00:64:b4:6e:07:43:fa:6f:6c:
8d:00:c1:a6:02:1d:d1:d0:75:35:23:21:e6:12:e4:
5b:ba:ef:0c:24:1c:bd:44:7d:44:7d:c5:c5:5b:7a:
ff:ca:92:ed:65:66:6b:e5:f5:c6:ef:97:cf:86:53:
7b:d3:2f:57:ac:74:ee:b3:3b:be:60:af:87:68:ae:
cc:3c:e0:d2:7e:d5:0a:4f:5c:9b:2c:b9:46:2a:9f:
bf:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9A:B5:D5:03:5E:C1:8A:2D:42:83:B0:12:1D:D5:88:89:E2:A5:5F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Y5q11QNewYotQoOwEh3ViInipV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:ab:4e:e0:eb:39:0f:e8:1c:dc:67:5e:0e:be:b1:01:54:2f:
a3:af:22:dc:bf:81:cf:11:ea:66:5d:a9:60:f3:5e:0e:fd:eb:
e5:8f:51:28:09:fd:b5:0f:10:25:3b:6c:d5:31:45:86:fa:84:
61:86:dc:b8:c6:ba:e6:fd:a0:fe:92:aa:6b:45:c6:bc:f9:df:
6a:14:4a:bf:cf:6a:9c:8e:1e:05:a0:4c:aa:a4:f4:fa:36:54:
cb:e0:3d:bb:10:57:89:6a:fa:a3:0d:9b:fc:8a:e6:0d:fd:af:
16:d9:92:e7:4e:fd:5c:93:10:fa:95:fa:02:10:fa:c1:43:b3:
c6:ec:66:82:47:c3:01:bd:63:d8:07:d1:1e:67:50:fb:67:d6:
e1:df:96:1d:37:2d:9b:f6:d9:40:0a:ed:1b:08:28:65:9e:71:
8d:a4:24:33:47:8d:00:c7:d8:c0:30:9e:54:cf:ff:19:34:9f:
0f:0a:6d:aa:81:a3:ba:36:4b:37:3f:a4:d2:38:65:57:43:0d:
60:0e:47:9e:1c:16:9d:36:3d:dc:4e:85:9e:d3:74:d2:6d:ca:
c8:80:cb:75:d1:3b:8a:07:a6:ae:b7:7d:c6:08:9a:4f:2e:11:
b0:e0:23:cd:b1:b3:f4:a7:d7:b0:ac:b0:10:3b:a0:ea:ae:97:
68:5c:90:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq49BktSFRMcfzPT4j91nqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIxMTgxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzlhYjVkNTAzNWVjMThhMmQ0MjgzYjAxMjFkZDU4ODg5ZTJhNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCmMgzdxdfQWAmQf6hgou//AsewS
r6YBjgVPsGTkRrPxkPVLEz+upkOrKv24+QvJmkgZn3wY9rPVu7467JWt6SoMUP8F
ANMR+TJJacdjN8u+EOPmVZiM1w/Gl8jk1YexhatqR62Aj1Ev7VYPDMniimQ6f6K4
1WJ0GO7fcuTHDIej/Grrlv5rt/khvnN5q2GhbkkvuiTHfEY9O3vG8tu/NJkdKbQ7
8WMmoc4AZLRuB0P6b2yNAMGmAh3R0HU1IyHmEuRbuu8MJBy9RH1EfcXFW3r/ypLt
ZWZr5fXG75fPhlN70y9XrHTuszu+YK+HaK7MPODSftUKT1ybLLlGKp+/OQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGOatdUDXsGKLUKDsBId1YiJ4qVfMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWTVxMTFRTmV3WW90UW9Pd0VoM1ZpSW5pcFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKSrTuDrOQ/oHNxnXg6+
sQFUL6OvIty/gc8R6mZdqWDzXg796+WPUSgJ/bUPECU7bNUxRYb6hGGG3LjGuub9
oP6SqmtFxrz532oUSr/PapyOHgWgTKqk9Po2VMvgPbsQV4lq+qMNm/yK5g39rxbZ
kudO/VyTEPqV+gIQ+sFDs8bsZoJHwwG9Y9gH0R5nUPtn1uHflh03LZv22UAK7RsI
KGWecY2kJDNHjQDH2MAwnlTP/xk0nw8KbaqBo7o2Szc/pNI4ZVdDDWAOR54cFp02
PdxOhZ7TdNJtysiAy3XRO4oHpq63fcYImk8uEbDgI82xs/Sn17CssBA7oOqul2hc
kCc=
-----END CERTIFICATE-----
Generated at Tue May 13 15:02:41 2025 by rpki-client