Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bYAtnd026jKk2PYaMnnI2r2cUyY.roa
File: bYAtnd026jKk2PYaMnnI2r2cUyY.roa (raw, json)
Hash identifier: sHI4MpOvoiGFNuQQ4Yy7ilcLxb04G+JlM3GeHiUjQtU=
Subject key identifier: 6D:80:2D:9D:DD:36:EA:32:A4:D8:F6:1A:32:79:C8:DA:BD:9C:53:26
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B096BD5F39092B68A79E55C0C129C47CE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bYAtnd026jKk2PYaMnnI2r2cUyY.roa
Signing time: Sat 07 Oct 2023 09:15:43 +0000
ROA not before: Sat 07 Oct 2023 09:15:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:09:6b:d5:f3:90:92:b6:8a:79:e5:5c:0c:12:9c:47:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 09:15:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d802d9ddd36ea32a4d8f61a3279c8dabd9c5326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:cd:1d:ea:a4:2d:51:47:31:44:19:dc:cf:4d:
d7:56:0b:7e:7b:eb:21:5c:97:97:be:c3:ff:db:dc:
2b:2a:2d:d1:e2:07:f3:6a:34:4c:f1:19:f6:d5:e9:
fd:0e:ba:c7:6c:68:81:72:07:79:20:d7:75:1b:34:
a8:94:ea:0a:d0:48:a8:03:a3:d0:dd:33:b6:c2:d4:
2e:a3:28:d7:66:6b:89:69:28:02:5b:09:e2:af:e6:
12:d4:c1:3c:9f:97:66:a4:9e:a0:7f:d7:da:06:7b:
3c:d4:7a:9f:56:a6:dc:3d:7e:41:82:bc:b2:a8:9a:
b8:05:f7:d9:7c:97:bf:be:78:ca:a6:71:a7:9b:57:
96:1e:b0:38:dd:bf:2a:b7:a2:c7:ba:42:c5:9a:b9:
a9:90:29:02:2d:ce:03:ec:b3:87:35:bb:28:46:a9:
8c:71:dd:c9:b4:34:cc:a8:08:9c:28:aa:8d:ac:78:
9f:b6:40:06:41:4e:c6:e4:0c:c1:bf:2b:97:8e:43:
08:1b:d9:da:ed:b7:da:ff:ad:42:5c:90:41:70:ba:
3e:9e:9d:1a:00:99:0e:0b:8f:cd:ac:65:2c:2d:9f:
ad:00:a4:ca:4c:37:ac:35:a7:7e:05:39:a1:4e:f3:
2e:a5:46:0e:5e:3c:79:63:87:f5:2c:0f:3e:af:b4:
94:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:80:2D:9D:DD:36:EA:32:A4:D8:F6:1A:32:79:C8:DA:BD:9C:53:26
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bYAtnd026jKk2PYaMnnI2r2cUyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:71:37:f5:51:6b:90:8c:29:44:ca:2c:7a:cf:e2:ee:65:89:
25:c9:bd:d0:37:c7:60:6b:02:c1:b6:cd:3d:64:ee:b5:f9:98:
91:8e:11:27:03:49:2e:4c:b1:ce:60:39:fa:25:57:4b:bc:36:
bd:1d:b8:77:59:a1:c3:f9:63:cc:3c:d0:bb:30:17:07:d8:0b:
76:e3:eb:2d:06:2b:f3:e3:40:ec:54:69:72:17:0d:a6:07:51:
29:71:07:16:c9:2c:7c:4c:a3:c6:24:67:44:a0:68:b0:30:00:
30:ac:13:ef:84:f3:41:ad:b6:b6:96:c0:4f:46:e5:74:90:6d:
4e:d0:1a:6e:40:dc:6a:13:df:89:03:e9:76:9d:ea:ec:40:e0:
b7:82:23:c9:73:fb:10:01:87:47:97:24:7b:11:f8:30:0d:4c:
3e:36:0b:d7:d0:6a:d1:2c:bf:70:65:89:25:d6:45:62:73:a7:
7b:20:73:62:0a:94:8e:8b:7c:e2:7f:4b:3a:cc:06:48:a5:7d:
ca:7c:d8:8f:e1:f5:cc:7b:31:a5:6b:8a:85:ef:96:6e:ea:b3:
3e:db:8d:eb:76:35:8c:2a:00:dd:fd:8e:0e:c4:44:1c:79:1e:
5e:01:49:94:9a:96:68:76:90:f8:67:4d:9a:e2:9b:ec:80:50:
cf:91:6a:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsJa9XzkJK2innlXAwSnEfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MDkxNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDgwMmQ5ZGRkMzZlYTMyYTRkOGY2MWEzMjc5YzhkYWJkOWM1MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA680d6qQtUUcxRBncz03XVgt+e+sh
XJeXvsP/29wrKi3R4gfzajRM8Rn21en9DrrHbGiBcgd5INd1GzSolOoK0EioA6PQ
3TO2wtQuoyjXZmuJaSgCWwnir+YS1ME8n5dmpJ6gf9faBns81HqfVqbcPX5Bgryy
qJq4BffZfJe/vnjKpnGnm1eWHrA43b8qt6LHukLFmrmpkCkCLc4D7LOHNbsoRqmM
cd3JtDTMqAicKKqNrHiftkAGQU7G5AzBvyuXjkMIG9na7bfa/61CXJBBcLo+np0a
AJkOC4/NrGUsLZ+tAKTKTDesNad+BTmhTvMupUYOXjx5Y4f1LA8+r7SUUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2ALZ3dNuoypNj2GjJ5yNq9nFMmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYllBdG5kMDI2aktrMlBZYU1ubkkycjJjVXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAElxN/VRa5CMKUTKLHrP
4u5liSXJvdA3x2BrAsG2zT1k7rX5mJGOEScDSS5Msc5gOfolV0u8Nr0duHdZocP5
Y8w80LswFwfYC3bj6y0GK/PjQOxUaXIXDaYHUSlxBxbJLHxMo8YkZ0SgaLAwADCs
E++E80GttraWwE9G5XSQbU7QGm5A3GoT34kD6Xad6uxA4LeCI8lz+xABh0eXJHsR
+DANTD42C9fQatEsv3BliSXWRWJzp3sgc2IKlI6LfOJ/SzrMBkilfcp82I/h9cx7
MaVrioXvlm7qsz7bjet2NYwqAN39jg7ERBx5Hl4BSZSalmh2kPhnTZrim+yAUM+R
avo=
-----END CERTIFICATE-----
Generated at Sat May 10 14:56:23 2025 by rpki-client