Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/YRuSETFP6owtEJ7I6YuPTUZpW1s.roa
File: YRuSETFP6owtEJ7I6YuPTUZpW1s.roa (raw, json)
Hash identifier: pbd6XmxquLL5RKwZUQ9pAnQtkJ2eKIdtJZ3miRV93IU=
Subject key identifier: 61:1B:92:11:31:4F:EA:8C:2D:10:9E:C8:E9:8B:8F:4D:46:69:5B:5B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE1B9B9FBF5350BC739636BBC30DD3CFC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/YRuSETFP6owtEJ7I6YuPTUZpW1s.roa
Signing time: Fri 29 Sep 2023 16:15:59 +0000
ROA not before: Fri 29 Sep 2023 16:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:b9:b9:fb:f5:35:0b:c7:39:63:6b:bc:30:dd:3c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 16:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=611b9211314fea8c2d109ec8e98b8f4d46695b5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fc:64:13:a3:07:e1:18:00:45:a4:60:34:56:
2b:56:35:8b:b7:94:0a:e9:65:2e:a7:dc:7c:f4:82:
f5:54:0a:83:1d:b9:38:df:8a:f1:d6:2c:c1:ea:cb:
74:69:bb:03:7f:ce:b3:1b:21:04:e9:9d:9c:1e:48:
18:83:f8:be:90:bd:66:a3:99:ee:c8:9f:0b:42:f6:
14:6f:c7:53:6d:65:ef:5f:5d:c7:34:96:8f:74:4a:
d8:86:29:4a:80:73:12:bf:91:da:75:ee:ff:e9:44:
ee:e6:69:64:20:4d:68:96:a3:53:12:fb:40:f7:8c:
e9:ea:3c:3a:9e:97:98:3d:1a:a7:c6:0a:c5:8e:ec:
64:5a:7e:72:4b:eb:09:52:f1:ab:83:df:68:e3:b0:
8e:d0:86:53:03:eb:43:53:3a:95:a1:07:5f:39:51:
a9:7a:dc:4d:7c:3c:7f:77:c6:71:e0:f2:d8:94:ea:
73:42:1f:54:1c:c8:ea:c6:cc:2c:f0:1b:f6:01:18:
14:64:6d:b3:64:c7:60:75:ea:6c:d6:bb:8a:03:4c:
b9:76:61:e3:0f:af:49:cc:d0:36:f9:b6:43:1c:ec:
df:02:b6:b7:45:69:7d:80:b2:57:21:35:13:1d:91:
4f:14:24:9e:e3:47:2b:66:a0:1a:3a:25:78:1d:07:
e4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1B:92:11:31:4F:EA:8C:2D:10:9E:C8:E9:8B:8F:4D:46:69:5B:5B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/YRuSETFP6owtEJ7I6YuPTUZpW1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:92:eb:41:8c:81:f6:14:f5:90:1d:9f:57:be:9b:9e:c9:9e:
e8:0c:45:d0:5d:e4:e7:94:69:5d:6c:4c:74:61:c3:90:c2:03:
d9:e5:5f:b7:8e:31:90:84:9e:91:66:48:8c:e2:72:cf:85:3a:
12:cd:e0:b4:56:14:af:2e:0b:61:5f:12:86:15:26:d2:e3:f9:
78:cd:65:f9:5c:33:79:1c:e8:c0:c5:a4:23:4d:64:5b:00:a0:
c8:95:d6:fd:ba:d8:6c:af:f0:ca:65:67:67:29:01:d3:65:91:
f3:1e:41:2c:ae:30:6e:1c:ac:1f:14:1d:06:97:aa:7a:d0:05:
1c:5e:68:fa:d1:02:5e:11:2a:4e:bc:8d:73:77:52:b0:36:71:
6a:6d:6f:8d:8a:bd:48:f3:b6:e4:3f:2e:dc:07:90:df:58:f0:
68:dd:14:1e:5e:44:79:82:d0:c4:7c:e3:cc:a8:4a:b6:e5:f5:
4a:80:07:be:4a:1f:ae:55:95:f5:6b:55:46:d7:04:e3:7c:1c:
88:48:05:25:6a:4b:ad:a8:8f:c7:96:3f:e7:28:c7:08:33:fe:
89:1c:c3:b1:d2:bd:fc:ce:18:df:4f:02:9c:69:c6:2f:ab:cd:
26:a8:26:34:eb:a3:b0:49:aa:c4:30:5f:bb:3e:32:28:30:f7:
8b:87:37:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrhubn79TULxzlja7ww3Tz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MTYxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTFiOTIxMTMxNGZlYThjMmQxMDllYzhlOThiOGY0ZDQ2Njk1YjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivxkE6MH4RgARaRgNFYrVjWLt5QK
6WUup9x89IL1VAqDHbk434rx1izB6st0absDf86zGyEE6Z2cHkgYg/i+kL1mo5nu
yJ8LQvYUb8dTbWXvX13HNJaPdErYhilKgHMSv5Hade7/6UTu5mlkIE1olqNTEvtA
94zp6jw6npeYPRqnxgrFjuxkWn5yS+sJUvGrg99o47CO0IZTA+tDUzqVoQdfOVGp
etxNfDx/d8Zx4PLYlOpzQh9UHMjqxsws8Bv2ARgUZG2zZMdgdeps1ruKA0y5dmHj
D69JzNA2+bZDHOzfAra3RWl9gLJXITUTHZFPFCSe40crZqAaOiV4HQfk1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGEbkhExT+qMLRCeyOmLj01GaVtbMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWVJ1U0VURlA2b3d0RUo3STZZdVBUVVpwVzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEqS60GMgfYU9ZAdn1e+
m57JnugMRdBd5OeUaV1sTHRhw5DCA9nlX7eOMZCEnpFmSIzics+FOhLN4LRWFK8u
C2FfEoYVJtLj+XjNZflcM3kc6MDFpCNNZFsAoMiV1v262Gyv8MplZ2cpAdNlkfMe
QSyuMG4crB8UHQaXqnrQBRxeaPrRAl4RKk68jXN3UrA2cWptb42KvUjztuQ/LtwH
kN9Y8GjdFB5eRHmC0MR848yoSrbl9UqAB75KH65VlfVrVUbXBON8HIhIBSVqS62o
j8eWP+coxwgz/okcw7HSvfzOGN9PApxpxi+rzSaoJjTro7BJqsQwX7s+Migw94uH
N2E=
-----END CERTIFICATE-----
Generated at Tue May 13 04:53:23 2025 by rpki-client