Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yJCacKjI5-maY2W2YD2x0yKpYVI.roa
File: yJCacKjI5-maY2W2YD2x0yKpYVI.roa (raw, json)
Hash identifier: IaZN3bGX5U6xvxWwKjYQOUoU9WhvLsXBd63BhiWThbk=
Subject key identifier: C8:90:9A:70:A8:C8:E7:E9:9A:63:65:B6:60:3D:B1:D3:22:A9:61:52
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB511B0C33F9D4670B3375C8570531476
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yJCacKjI5-maY2W2YD2x0yKpYVI.roa
Signing time: Thu 09 Nov 2023 17:11:57 +0000
ROA not before: Thu 09 Nov 2023 17:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:11:b0:c3:3f:9d:46:70:b3:37:5c:85:70:53:14:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 9 17:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8909a70a8c8e7e99a6365b6603db1d322a96152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ad:f4:42:11:93:bc:80:77:fe:32:7c:ce:32:
a8:fc:a0:e6:15:2f:7b:85:09:82:f7:ae:5d:58:dd:
25:ac:cd:6e:72:75:2f:6c:fe:d9:b9:ad:a7:14:ce:
cb:7d:3b:86:35:be:c1:50:25:7d:65:6b:6e:6c:ae:
55:97:98:5f:b1:ba:b9:e5:f6:7f:02:b0:f8:c2:af:
7a:ba:31:42:57:8e:6f:ff:e1:0c:60:e9:9a:ce:fc:
04:de:39:6c:47:64:36:f1:3b:10:02:07:d3:29:bb:
85:3f:e4:48:76:26:99:55:63:1e:d3:cb:33:2b:6c:
ea:2a:f9:77:b4:05:98:3b:45:d0:3f:bd:03:bf:f4:
e9:87:cf:23:a7:69:db:fe:5a:72:e8:43:f3:b2:70:
af:73:73:5b:d3:8b:14:14:e9:99:b1:2f:c2:44:c0:
51:34:13:f3:03:b3:79:39:2a:4c:1e:ff:47:48:ac:
b4:2a:56:c8:c2:ea:14:52:4d:72:ba:80:45:cc:28:
7b:a9:db:c1:4d:da:70:f9:a9:b9:73:1b:96:ab:4d:
e4:0b:7a:0b:12:99:bb:a3:e6:74:ed:4c:26:e9:fc:
71:7a:49:8d:7a:85:16:ea:25:a3:0b:de:06:f1:90:
a0:15:69:69:30:3d:4f:89:4f:e4:86:5d:06:e2:c1:
91:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:90:9A:70:A8:C8:E7:E9:9A:63:65:B6:60:3D:B1:D3:22:A9:61:52
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yJCacKjI5-maY2W2YD2x0yKpYVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:c4:e6:ed:6a:2b:c1:78:fa:47:96:39:bd:68:28:21:4a:90:
0b:7c:f5:b1:b2:b5:6e:29:34:76:aa:5f:49:fb:fd:08:88:ec:
48:25:57:92:34:64:4b:37:b8:ef:20:cc:a5:d4:79:55:42:f4:
80:a4:a1:c3:5f:ad:58:3e:58:01:b7:a9:78:92:84:28:e6:ef:
fb:67:02:14:ae:31:48:9b:a2:3f:f7:3b:5d:1b:bf:d5:17:26:
52:8d:96:f3:d4:8d:eb:2e:e3:5f:aa:ab:38:26:2d:e9:62:49:
17:f0:ac:b9:b8:b1:22:83:cc:d1:78:95:fd:bf:bd:bd:c8:6e:
83:92:6b:ff:49:e0:1a:39:79:68:4f:0a:e1:79:8e:2d:7a:75:
f9:32:45:b1:8e:5b:50:b7:84:96:da:b2:da:1f:a9:00:c5:9e:
59:26:04:86:75:16:0a:3a:08:f8:dd:fe:52:47:71:ba:61:d6:
c8:f2:5a:ac:d4:da:fb:b9:e8:4d:18:ee:56:07:9b:a0:7e:6b:
b1:bd:d2:5c:cc:2a:24:57:b9:2a:8a:68:7b:70:30:23:d6:9b:
fc:aa:fa:f1:c9:cb:11:b5:67:b9:58:af:48:11:8e:cf:c9:ba:
f9:dc:28:d9:55:4b:af:40:63:9c:c7:e0:04:34:eb:bf:51:88:
22:7a:d7:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu1EbDDP51GcLM3XIVwUxR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA5MTcxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODkwOWE3MGE4YzhlN2U5OWE2MzY1YjY2MDNkYjFkMzIyYTk2MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq30QhGTvIB3/jJ8zjKo/KDmFS97
hQmC965dWN0lrM1ucnUvbP7Zua2nFM7LfTuGNb7BUCV9ZWtubK5Vl5hfsbq55fZ/
ArD4wq96ujFCV45v/+EMYOmazvwE3jlsR2Q28TsQAgfTKbuFP+RIdiaZVWMe08sz
K2zqKvl3tAWYO0XQP70Dv/Tph88jp2nb/lpy6EPzsnCvc3Nb04sUFOmZsS/CRMBR
NBPzA7N5OSpMHv9HSKy0KlbIwuoUUk1yuoBFzCh7qdvBTdpw+am5cxuWq03kC3oL
Epm7o+Z07Uwm6fxxekmNeoUW6iWjC94G8ZCgFWlpMD1PiU/khl0G4sGRnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMiQmnCoyOfpmmNltmA9sdMiqWFSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveUpDYWNLakk1LW1hWTJXMllEMngweUtwWVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADfE5u1qK8F4+keWOb1o
KCFKkAt89bGytW4pNHaqX0n7/QiI7EglV5I0ZEs3uO8gzKXUeVVC9ICkocNfrVg+
WAG3qXiShCjm7/tnAhSuMUiboj/3O10bv9UXJlKNlvPUjesu41+qqzgmLeliSRfw
rLm4sSKDzNF4lf2/vb3IboOSa/9J4Bo5eWhPCuF5ji16dfkyRbGOW1C3hJbastof
qQDFnlkmBIZ1Fgo6CPjd/lJHcbph1sjyWqzU2vu56E0Y7lYHm6B+a7G90lzMKiRX
uSqKaHtwMCPWm/yq+vHJyxG1Z7lYr0gRjs/JuvncKNlVS69AY5zH4AQ0679RiCJ6
1zs=
-----END CERTIFICATE-----
Generated at Sun May 11 02:08:07 2025 by rpki-client