Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cJYdsATo5wFlUEDxLbOSlDUbyTQ.roa
File: cJYdsATo5wFlUEDxLbOSlDUbyTQ.roa (raw, json)
Hash identifier: kL2ikJY8OhUBWlkIddXGSrJlLHWpcuBhxipknl+3PWI=
Subject key identifier: 70:96:1D:B0:04:E8:E7:01:65:50:40:F1:2D:B3:92:94:35:1B:C9:34
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD952C323E7304DFD6E59A0A0FBEE18DA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cJYdsATo5wFlUEDxLbOSlDUbyTQ.roa
Signing time: Thu 16 Nov 2023 18:09:21 +0000
ROA not before: Thu 16 Nov 2023 18:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d9:52:c3:23:e7:30:4d:fd:6e:59:a0:a0:fb:ee:18:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 16 18:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70961db004e8e701655040f12db39294351bc934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7a:31:bf:0e:4e:d0:d2:5d:e2:34:3e:b9:df:
1c:13:1f:2e:3f:5a:65:a9:81:38:f7:13:3b:33:0f:
d8:73:63:b6:cd:71:cb:4f:b7:f9:2d:ae:ab:ba:6a:
64:a9:90:25:15:fb:00:28:87:e9:89:4c:3c:a1:b6:
3d:62:0b:84:b3:4c:9d:5e:4c:b9:34:4a:1a:d3:c3:
1b:44:c6:8d:30:7f:9f:0b:04:00:38:09:a3:91:a1:
b6:71:74:7e:90:4c:fd:51:4d:63:8f:ef:89:18:36:
f3:42:53:44:3d:1c:05:7b:4f:80:41:c0:e5:22:0b:
6f:40:59:40:5d:61:77:03:ec:f3:2d:aa:c7:20:03:
9f:9c:d2:d8:4a:6c:09:a8:07:3a:af:25:38:d9:d1:
8d:14:d7:2c:1a:5e:42:11:6c:37:cf:df:f9:c4:d2:
79:2a:6c:91:49:0f:ce:e7:27:dd:09:d4:74:64:5f:
4e:ef:d8:5e:a6:2c:5d:b5:80:9f:e0:0d:e8:8c:38:
fd:d3:9b:8c:83:13:68:47:80:e5:7d:7e:5a:b2:2d:
b1:a6:55:36:b0:23:7a:3f:7b:ba:fc:5b:4d:69:24:
e3:c6:47:2f:67:93:07:a2:5f:1e:93:a3:b4:62:dc:
9d:d0:04:0c:20:14:2a:b0:e8:47:d6:d5:12:f2:1c:
ef:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:96:1D:B0:04:E8:E7:01:65:50:40:F1:2D:B3:92:94:35:1B:C9:34
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cJYdsATo5wFlUEDxLbOSlDUbyTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:28:65:07:3a:57:14:64:50:31:51:76:e4:52:40:d5:0e:27:
26:e9:50:33:d5:af:8c:0a:3d:47:ab:fc:b0:10:3b:9c:10:ce:
65:01:b1:4f:ed:45:02:ab:56:7d:a1:88:23:f5:5b:6e:88:59:
19:80:06:89:14:85:e6:b3:13:72:b7:ac:dc:7e:92:99:ce:2c:
f0:62:16:24:a3:a4:3e:74:99:b1:35:ca:6f:b0:53:89:4a:cc:
87:32:e0:69:5f:7e:d7:b3:8b:1c:c9:ed:97:d1:3a:97:d0:f3:
59:58:63:55:7e:09:7b:aa:ad:00:59:77:fb:3d:e9:e9:e0:6b:
c3:2c:03:a9:81:1e:1e:ab:0c:20:3b:08:74:4d:d4:cf:19:ce:
31:7b:b4:0a:22:dd:b9:8a:6b:1c:7f:af:fb:51:51:f1:71:14:
56:e3:f4:1b:76:a6:fa:9f:01:53:e1:18:5e:42:b9:67:0e:76:
29:8a:fc:35:ed:c9:1f:2d:7f:81:c5:ad:52:38:86:43:d2:cb:
27:c3:9b:67:61:e8:8f:7c:da:5c:7a:8c:c3:05:bf:cc:c3:5b:
51:7b:9d:6d:32:6b:63:56:34:2d:dd:9e:10:1b:af:7d:4f:11:
de:1f:95:bb:6e:6d:bb:cb:94:3b:5d:2c:9d:e2:7e:de:5c:b0:
a3:c4:ad:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvZUsMj5zBN/W5ZoKD77hjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE2MTgwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDk2MWRiMDA0ZThlNzAxNjU1MDQwZjEyZGIzOTI5NDM1MWJjOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnoxvw5O0NJd4jQ+ud8cEx8uP1pl
qYE49xM7Mw/Yc2O2zXHLT7f5La6rumpkqZAlFfsAKIfpiUw8obY9YguEs0ydXky5
NEoa08MbRMaNMH+fCwQAOAmjkaG2cXR+kEz9UU1jj++JGDbzQlNEPRwFe0+AQcDl
IgtvQFlAXWF3A+zzLarHIAOfnNLYSmwJqAc6ryU42dGNFNcsGl5CEWw3z9/5xNJ5
KmyRSQ/O5yfdCdR0ZF9O79hepixdtYCf4A3ojDj905uMgxNoR4DlfX5asi2xplU2
sCN6P3u6/FtNaSTjxkcvZ5MHol8ek6O0Ytyd0AQMIBQqsOhH1tUS8hzvEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHCWHbAE6OcBZVBA8S2zkpQ1G8k0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY0pZZHNBVG81d0ZsVUVEeExiT1NsRFVieVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgoZQc6VxRkUDFRduRS
QNUOJybpUDPVr4wKPUer/LAQO5wQzmUBsU/tRQKrVn2hiCP1W26IWRmABokUheaz
E3K3rNx+kpnOLPBiFiSjpD50mbE1ym+wU4lKzIcy4GlfftezixzJ7ZfROpfQ81lY
Y1V+CXuqrQBZd/s96enga8MsA6mBHh6rDCA7CHRN1M8ZzjF7tAoi3bmKaxx/r/tR
UfFxFFbj9Bt2pvqfAVPhGF5CuWcOdimK/DXtyR8tf4HFrVI4hkPSyyfDm2dh6I98
2lx6jMMFv8zDW1F7nW0ya2NWNC3dnhAbr31PEd4flbtubbvLlDtdLJ3ift5csKPE
rZk=
-----END CERTIFICATE-----
Generated at Tue May 13 02:17:28 2025 by rpki-client