Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y2mkJ7UJE7cfJNvQ0zDQIJZvQZc.roa
File: y2mkJ7UJE7cfJNvQ0zDQIJZvQZc.roa (raw, json)
Hash identifier: X0BL50WvP8ymEGa6TWAB26jH7o+yw+bgenU22e4Anyk=
Subject key identifier: CB:69:A4:27:B5:09:13:B7:1F:24:DB:D0:D3:30:D0:20:96:6F:41:97
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5B5771E9B218FAFD5766DEF6D3A9EA45
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y2mkJ7UJE7cfJNvQ0zDQIJZvQZc.roa
Signing time: Tue 12 Dec 2023 00:05:06 +0000
ROA not before: Tue 12 Dec 2023 00:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:5b56:b20b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5b:57:71:e9:b2:18:fa:fd:57:66:de:f6:d3:a9:ea:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 00:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb69a427b50913b71f24dbd0d330d020966f4197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:19:88:d6:85:ca:2d:99:6a:71:37:f9:60:42:
ff:48:dc:d8:ac:c5:93:e9:af:0e:ab:2a:d4:ec:f0:
7c:bf:64:70:ce:38:9a:8c:41:bf:b6:11:53:09:35:
8f:e9:a9:9a:86:14:0c:c5:f3:6b:61:e5:42:1c:ba:
ab:3e:80:bb:a7:09:f8:e0:52:46:a3:79:d6:5f:53:
2d:cd:09:d0:23:87:3f:ec:66:37:ae:2f:04:c9:bf:
85:5a:78:a3:63:cd:27:2a:6c:52:a7:ab:1b:e8:81:
2c:59:66:85:da:cd:0d:91:01:02:37:68:3c:b9:c2:
07:89:3e:5c:9c:d2:a8:df:51:a2:02:2c:b4:26:d4:
5e:c2:a9:6d:3e:95:70:e8:f9:0b:e1:42:e2:c7:0f:
1d:8d:38:b7:08:e1:89:f7:ec:62:43:66:4b:de:d6:
23:b6:d9:57:12:73:90:74:9b:b3:b9:2e:6a:df:96:
e9:42:b4:4b:83:0f:93:ae:33:b8:a6:f8:0a:3d:5e:
c4:31:eb:ff:3d:25:61:f6:f4:c8:5f:c4:96:b1:21:
ba:a2:5d:68:00:98:45:39:59:27:f0:4a:91:e0:08:
0b:17:5d:28:69:20:1d:53:4e:28:0c:0e:73:d0:2e:
92:79:4f:1c:92:bd:68:62:c9:23:df:a7:0a:c4:ed:
31:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:69:A4:27:B5:09:13:B7:1F:24:DB:D0:D3:30:D0:20:96:6F:41:97
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y2mkJ7UJE7cfJNvQ0zDQIJZvQZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:42:9a:12:d1:68:9c:1e:7f:3e:d4:48:11:ee:fc:0d:64:2d:
17:72:2a:be:49:01:71:bc:d5:38:52:c5:f5:f4:5f:9c:4c:44:
cf:b0:35:d0:3e:02:52:15:2d:6d:12:7f:9c:f5:19:30:83:2f:
91:29:dc:19:b4:e6:bf:45:1e:17:4d:b9:85:55:77:00:04:b2:
25:74:8b:a2:3c:ec:1a:b2:88:ea:b8:fb:ff:b9:7e:3e:1e:4c:
f7:19:06:63:13:ef:13:20:d5:f5:1e:3d:5e:a9:af:bb:c5:89:
80:af:97:5e:68:ca:6e:04:94:d1:c3:4c:02:cf:ae:e0:d8:ec:
26:bf:20:76:ab:9f:68:91:7f:db:9b:f2:d8:ed:04:65:34:1e:
55:a2:32:b4:f1:db:3f:b1:09:b4:3a:29:e8:22:c5:78:aa:2c:
e5:50:13:9a:8c:8d:8e:63:49:ec:ee:be:a2:d2:f5:c8:6b:9b:
28:0a:44:79:d5:fd:70:d0:f2:59:32:4b:00:33:b6:43:e8:a8:
27:64:92:f3:b1:c1:cf:3f:4a:39:fb:4d:e7:db:16:18:f1:e3:
88:a8:33:51:41:ee:f0:e3:ba:48:c7:26:20:55:e4:8b:9d:5c:
fb:ab:8b:0d:f7:b2:20:f5:e3:3c:c3:49:ca:8b:6a:04:df:5c:
3d:ce:e3:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxbV3Hpshj6/Vdm3vbTqepFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMDAwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY5YTQyN2I1MDkxM2I3MWYyNGRiZDBkMzMwZDAyMDk2NmY0MTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphmI1oXKLZlqcTf5YEL/SNzYrMWT
6a8OqyrU7PB8v2RwzjiajEG/thFTCTWP6amahhQMxfNrYeVCHLqrPoC7pwn44FJG
o3nWX1MtzQnQI4c/7GY3ri8Eyb+FWnijY80nKmxSp6sb6IEsWWaF2s0NkQECN2g8
ucIHiT5cnNKo31GiAiy0JtRewqltPpVw6PkL4ULixw8djTi3COGJ9+xiQ2ZL3tYj
ttlXEnOQdJuzuS5q35bpQrRLgw+TrjO4pvgKPV7EMev/PSVh9vTIX8SWsSG6ol1o
AJhFOVkn8EqR4AgLF10oaSAdU04oDA5z0C6SeU8ckr1oYskj36cKxO0xwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMtppCe1CRO3HyTb0NMw0CCWb0GXMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveTJta0o3VUpFN2NmSk52UTB6RFFJSlp2UVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1CmhLRaJwefz7USBHu
/A1kLRdyKr5JAXG81ThSxfX0X5xMRM+wNdA+AlIVLW0Sf5z1GTCDL5Ep3Bm05r9F
HhdNuYVVdwAEsiV0i6I87BqyiOq4+/+5fj4eTPcZBmMT7xMg1fUePV6pr7vFiYCv
l15oym4ElNHDTALPruDY7Ca/IHarn2iRf9ub8tjtBGU0HlWiMrTx2z+xCbQ6Kegi
xXiqLOVQE5qMjY5jSezuvqLS9chrmygKRHnV/XDQ8lkySwAztkPoqCdkkvOxwc8/
Sjn7TefbFhjx44ioM1FB7vDjukjHJiBV5IudXPuriw33siD14zzDScqLagTfXD3O
4yE=
-----END CERTIFICATE-----
Generated at Sun May 11 16:43:29 2025 by rpki-client