Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ilY89zyLflpkiisVvfknqr8tx1I.roa
File: ilY89zyLflpkiisVvfknqr8tx1I.roa (raw, json)
Hash identifier: OSxzbak0wGbywVbdUft5bPdz2ucWdKrxyB4vU09ql3A=
Subject key identifier: 8A:56:3C:F7:3C:8B:7E:5A:64:8A:2B:15:BD:F9:27:AA:BF:2D:C7:52
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C100F0CB820F5CAC33EBF68304B33BD38
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ilY89zyLflpkiisVvfknqr8tx1I.roa
Signing time: Mon 27 Nov 2023 09:14:30 +0000
ROA not before: Mon 27 Nov 2023 09:14:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:0f:0c:b8:20:f5:ca:c3:3e:bf:68:30:4b:33:bd:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 09:14:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a563cf73c8b7e5a648a2b15bdf927aabf2dc752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:70:a3:9e:c7:ed:27:48:a4:ca:94:10:1e:
4d:d7:ba:2c:4d:88:c3:24:c0:64:f9:45:72:5d:42:
30:ae:d5:64:0e:f4:66:1d:49:89:ce:09:1e:e0:c1:
c2:fe:fb:d7:7e:36:bf:f8:7d:c7:17:4a:2f:17:93:
15:ff:92:08:c3:b6:35:29:10:06:14:ee:cf:39:95:
85:0f:d6:c7:89:15:45:7c:35:5f:9b:b2:77:a1:a1:
17:78:76:e7:9d:16:1d:51:c9:f6:d4:03:53:85:f1:
e4:bb:9d:f8:fc:e2:d0:a8:34:1c:21:61:42:48:fc:
5b:8d:b9:ac:36:eb:43:ba:a2:72:68:77:28:38:9a:
ef:8d:0e:e9:8a:c6:56:68:1f:d3:83:f5:05:c8:f1:
3d:17:81:1a:0f:64:70:8a:a9:fe:5c:cf:3e:45:28:
49:c3:b5:5c:31:fe:3c:c7:8f:ec:33:03:16:ce:8d:
e7:8e:e6:65:ec:d1:db:5f:22:ce:85:93:0e:01:0a:
5a:96:e6:0d:68:19:79:ae:43:d5:ed:9d:9d:02:df:
ae:62:d8:6e:46:60:52:3d:67:0f:29:eb:c5:b3:fc:
a8:7d:fa:f5:f9:01:eb:9d:ee:2d:c1:30:56:d5:60:
12:60:db:90:95:ec:d8:aa:ee:f6:b9:89:23:3e:48:
eb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:56:3C:F7:3C:8B:7E:5A:64:8A:2B:15:BD:F9:27:AA:BF:2D:C7:52
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ilY89zyLflpkiisVvfknqr8tx1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:cc:7c:40:75:0c:03:2a:c8:a0:0a:45:91:60:41:a4:5b:43:
20:ba:bf:b3:47:53:1f:05:4e:9b:c7:77:2d:11:56:36:74:47:
be:d6:8f:23:c4:d8:00:92:70:9c:3c:4c:d7:a3:53:32:ca:3c:
7e:fb:a9:49:cc:75:cf:7d:54:1f:8a:39:a4:a4:44:ed:de:60:
c2:86:25:35:22:9e:38:07:df:49:81:8c:ab:3e:0b:10:65:fb:
a1:29:72:bb:a2:c1:b5:6e:8b:d0:03:7f:54:3b:09:cb:34:ac:
7b:a1:33:b7:55:6b:85:87:20:61:9b:aa:a6:cf:76:15:ac:b6:
73:c9:05:1c:f9:8f:2e:6d:db:75:aa:04:fa:88:7d:2c:45:e2:
ca:96:67:06:57:b4:1d:82:81:66:e1:8d:68:68:d7:f9:82:5c:
e2:ee:32:42:d1:82:ce:1a:aa:19:b3:d3:4c:bb:75:b2:4f:2a:
ae:f2:6e:12:8c:6e:73:0b:12:78:6a:23:6d:98:10:50:78:c0:
29:66:3c:62:d0:2e:ce:d9:58:21:30:d5:e7:25:62:ab:4e:15:
51:64:35:ad:c8:78:14:79:67:5a:dd:31:14:d8:01:5a:99:67:
cc:de:78:8c:4b:84:71:47:78:4d:53:12:d3:18:13:f1:50:cb:
90:e7:bf:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwQDwy4IPXKwz6/aDBLM704MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MDkxNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTU2M2NmNzNjOGI3ZTVhNjQ4YTJiMTViZGY5MjdhYWJmMmRjNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq85wo57H7SdIpMqUEB5N17osTYjD
JMBk+UVyXUIwrtVkDvRmHUmJzgke4MHC/vvXfja/+H3HF0ovF5MV/5IIw7Y1KRAG
FO7POZWFD9bHiRVFfDVfm7J3oaEXeHbnnRYdUcn21ANThfHku534/OLQqDQcIWFC
SPxbjbmsNutDuqJyaHcoOJrvjQ7pisZWaB/Tg/UFyPE9F4EaD2Rwiqn+XM8+RShJ
w7VcMf48x4/sMwMWzo3njuZl7NHbXyLOhZMOAQpaluYNaBl5rkPV7Z2dAt+uYthu
RmBSPWcPKevFs/yoffr1+QHrne4twTBW1WASYNuQlezYqu72uYkjPkjrGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIpWPPc8i35aZIorFb35J6q/LcdSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaWxZODl6eUxmbHBraWlzVnZma25xcjh0eDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAALMfEB1DAMqyKAKRZFg
QaRbQyC6v7NHUx8FTpvHdy0RVjZ0R77WjyPE2ACScJw8TNejUzLKPH77qUnMdc99
VB+KOaSkRO3eYMKGJTUinjgH30mBjKs+CxBl+6EpcruiwbVui9ADf1Q7Ccs0rHuh
M7dVa4WHIGGbqqbPdhWstnPJBRz5jy5t23WqBPqIfSxF4sqWZwZXtB2CgWbhjWho
1/mCXOLuMkLRgs4aqhmz00y7dbJPKq7ybhKMbnMLEnhqI22YEFB4wClmPGLQLs7Z
WCEw1eclYqtOFVFkNa3IeBR5Z1rdMRTYAVqZZ8zeeIxLhHFHeE1TEtMYE/FQy5Dn
v7Q=
-----END CERTIFICATE-----
Generated at Wed May 14 14:49:11 2025 by rpki-client