Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pYBigGNMMMfNkRqdDElV3mlCTGY.roa
File: pYBigGNMMMfNkRqdDElV3mlCTGY.roa (raw, json)
Hash identifier: vpP4R12pocFPhNLIky08SP2bl7q2KqaTv+xRXzXvjdg=
Subject key identifier: A5:80:62:80:63:4C:30:C7:CD:91:1A:9D:0C:49:55:DE:69:42:4C:66
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2CC782A66F69DD3A1741376A3DADAA80
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pYBigGNMMMfNkRqdDElV3mlCTGY.roa
Signing time: Sat 02 Dec 2023 23:05:21 +0000
ROA not before: Sat 02 Dec 2023 23:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:2cc6:da7c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:c7:82:a6:6f:69:dd:3a:17:41:37:6a:3d:ad:aa:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 23:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5806280634c30c7cd911a9d0c4955de69424c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:94:87:65:b2:9f:c5:13:83:b7:b0:e7:5a:b4:
29:dd:e6:0a:bb:16:9d:0f:90:83:da:41:b9:ae:07:
55:09:d9:8c:03:a8:62:bf:c6:7f:1b:77:67:c2:e4:
67:5d:42:90:15:75:51:15:89:87:6d:8e:bf:ed:d8:
91:b4:d2:21:00:99:48:1f:e3:9c:41:b0:b4:ad:4c:
90:4d:28:81:df:ad:22:d7:11:c6:1a:4a:fd:d7:f9:
32:3e:6b:41:91:e7:e4:4b:a0:45:4f:25:52:19:ff:
5a:b4:ae:2a:a9:be:26:20:90:b8:f2:69:d6:b5:fa:
b5:64:a1:fd:69:68:c8:68:6f:0d:d5:d2:a1:29:4b:
99:6a:04:78:60:74:3a:dc:3e:a2:21:68:5d:46:cf:
40:ad:9d:b9:50:2d:2e:f1:60:d7:76:64:e7:2f:bb:
45:53:22:3f:7a:24:33:d7:63:d4:99:9a:b8:9f:a8:
3d:05:99:88:e4:5e:3d:6e:44:3c:7e:89:c1:21:4a:
86:c2:b3:ad:c2:58:eb:58:2c:5f:85:4e:ca:ba:8f:
43:7f:81:88:f9:0b:6a:1d:0c:e5:c7:8b:0a:7d:9c:
60:23:8e:1b:fc:78:b8:94:19:c6:d5:17:2e:18:e0:
fc:df:e6:42:4d:b4:10:bb:d4:b5:90:3c:31:16:79:
e9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:80:62:80:63:4C:30:C7:CD:91:1A:9D:0C:49:55:DE:69:42:4C:66
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pYBigGNMMMfNkRqdDElV3mlCTGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:60:f5:23:42:79:32:a8:f7:dd:44:b8:f9:97:a8:ab:92:13:
df:d9:19:f2:b2:96:f3:67:dd:46:04:03:fe:c5:f5:81:5b:84:
bb:ba:9e:26:36:86:3f:cb:20:69:cb:ee:87:0f:4c:5b:47:de:
7f:f1:94:ac:7a:01:93:e8:c8:ef:8c:89:65:c9:79:6e:13:fa:
31:1e:31:b0:7c:31:59:c7:f9:2c:b7:31:57:6d:e8:da:da:34:
40:bc:78:5f:b8:2f:04:3d:75:49:4b:f3:50:0d:53:57:50:30:
81:4a:3f:55:14:00:af:13:f0:3c:1f:db:fd:d8:7d:32:6a:92:
94:4b:4b:48:5e:ca:65:6f:e7:7d:34:62:33:34:79:cc:b6:8e:
9c:2a:1d:6d:bb:8d:d0:8b:ae:6b:3f:3a:26:18:38:47:04:00:
73:2a:25:77:1e:d1:5e:fe:31:5b:81:1d:a2:09:21:00:f2:08:
f2:b6:97:7a:da:73:66:bf:a6:bf:ec:b7:35:ea:23:dd:11:59:
f7:08:0a:8a:c3:a8:f1:a5:ba:b2:ea:15:04:91:1e:eb:bd:09:
03:52:87:5c:e6:9a:15:e6:9a:d4:7b:62:b1:aa:95:70:d0:12:
ba:1c:a2:d0:d7:97:09:1f:a3:e9:01:e8:5a:1e:c9:d7:d4:46:
4c:6e:9e:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwsx4Kmb2ndOhdBN2o9raqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMjMwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTgwNjI4MDYzNGMzMGM3Y2Q5MTFhOWQwYzQ5NTVkZTY5NDI0YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5SHZbKfxRODt7DnWrQp3eYKuxad
D5CD2kG5rgdVCdmMA6hiv8Z/G3dnwuRnXUKQFXVRFYmHbY6/7diRtNIhAJlIH+Oc
QbC0rUyQTSiB360i1xHGGkr91/kyPmtBkefkS6BFTyVSGf9atK4qqb4mIJC48mnW
tfq1ZKH9aWjIaG8N1dKhKUuZagR4YHQ63D6iIWhdRs9ArZ25UC0u8WDXdmTnL7tF
UyI/eiQz12PUmZq4n6g9BZmI5F49bkQ8fonBIUqGwrOtwljrWCxfhU7Kuo9Df4GI
+QtqHQzlx4sKfZxgI44b/Hi4lBnG1RcuGOD83+ZCTbQQu9S1kDwxFnnp3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKWAYoBjTDDHzZEanQxJVd5pQkxmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcFlCaWdHTk1NTWZOa1JxZERFbFYzbWxDVEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI9g9SNCeTKo991EuPmX
qKuSE9/ZGfKylvNn3UYEA/7F9YFbhLu6niY2hj/LIGnL7ocPTFtH3n/xlKx6AZPo
yO+MiWXJeW4T+jEeMbB8MVnH+Sy3MVdt6NraNEC8eF+4LwQ9dUlL81ANU1dQMIFK
P1UUAK8T8Dwf2/3YfTJqkpRLS0heymVv5300YjM0ecy2jpwqHW27jdCLrms/OiYY
OEcEAHMqJXce0V7+MVuBHaIJIQDyCPK2l3rac2a/pr/stzXqI90RWfcICorDqPGl
urLqFQSRHuu9CQNSh1zmmhXmmtR7YrGqlXDQErocotDXlwkfo+kB6FoeydfURkxu
nt8=
-----END CERTIFICATE-----
Generated at Mon May 12 16:18:51 2025 by rpki-client