Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yToPKNVZQ-xSPj3_tnZWeDv5tZY.roa
File: yToPKNVZQ-xSPj3_tnZWeDv5tZY.roa (raw, json)
Hash identifier: cuAVOyxxPeY9noPQFWyOiBkWfnUwzBOwzFfZroVtaE4=
Subject key identifier: C9:3A:0F:28:D5:59:43:EC:52:3E:3D:FF:B6:76:56:78:3B:F9:B5:96
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AED0F0A8B3F8DE424FEEFF2377E110E0A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yToPKNVZQ-xSPj3_tnZWeDv5tZY.roa
Signing time: Sun 01 Oct 2023 21:05:00 +0000
ROA not before: Sun 01 Oct 2023 21:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:ed0e:43a2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ed:0f:0a:8b:3f:8d:e4:24:fe:ef:f2:37:7e:11:0e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 21:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c93a0f28d55943ec523e3dffb67656783bf9b596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f9:0d:78:28:71:2c:8f:5c:39:1c:62:ed:49:
18:b1:73:3c:cf:3a:4a:3a:67:bd:1c:cf:23:76:77:
bc:ad:11:0f:74:6f:7c:25:6d:7a:94:51:68:ce:1d:
82:16:79:e3:42:25:cf:c3:4a:27:a2:24:44:6d:ff:
e7:6e:9c:e4:93:08:76:12:7a:bb:e8:70:1f:83:7d:
c8:e2:b1:c2:e8:07:5b:90:83:23:6e:26:98:da:c8:
3e:44:6f:9f:23:89:0d:f6:8d:fd:27:cb:b2:f5:cb:
66:62:66:51:d9:ff:10:ae:d2:b6:73:c0:2f:69:b2:
99:4f:55:a2:75:47:20:44:f3:13:a4:d0:0f:45:b6:
fc:d6:a5:cf:ac:86:fb:75:80:d0:32:bd:ba:36:e0:
ff:15:55:6c:fd:5e:79:70:44:45:14:db:62:10:55:
e3:1b:fe:62:2f:1e:04:6a:f0:b7:a1:06:f4:a3:2d:
70:d4:d9:0c:c1:ad:a2:8a:f1:f3:56:3e:62:1f:1c:
11:a4:73:9f:bb:8b:23:d4:4a:99:54:31:b9:b8:50:
2e:84:e3:2b:fa:38:1b:4c:51:84:31:71:a3:52:e9:
a0:74:26:da:d7:1e:2c:18:f0:d8:47:b4:ef:9f:60:
3b:5c:86:89:ce:75:08:78:13:99:04:23:5f:63:ef:
a1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3A:0F:28:D5:59:43:EC:52:3E:3D:FF:B6:76:56:78:3B:F9:B5:96
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yToPKNVZQ-xSPj3_tnZWeDv5tZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:d2:e2:a7:b6:d0:3a:60:87:9b:c2:8c:23:64:e6:32:a8:ca:
f9:7c:df:08:05:95:8c:f3:f5:ed:65:0c:a2:9b:fe:6d:50:e7:
3b:f7:eb:91:ce:de:33:38:89:08:fe:c1:fa:20:da:b7:e9:6d:
db:16:3b:55:69:c1:2a:f8:5e:04:88:06:9c:b7:22:a5:28:9d:
06:c3:4b:45:16:41:b4:a9:73:a3:80:c1:0c:b0:ae:8a:4e:5d:
9f:4f:94:8e:ab:0b:2b:aa:2d:7a:3b:8e:99:ca:9a:d9:ca:66:
f2:d6:96:97:fa:09:a7:6d:aa:73:4c:07:fa:9b:2c:07:ea:2f:
5e:86:e9:7f:d4:a7:d0:05:c4:53:28:72:07:0e:8c:d1:6e:00:
bf:09:c9:c8:c3:75:90:75:be:67:64:ae:08:27:99:22:7d:58:
7b:83:3d:20:cc:ff:75:72:d5:bd:35:b6:d1:31:f1:62:c3:18:
8d:0b:18:3a:3b:e3:b4:5a:07:37:80:31:57:c3:77:fd:6a:34:
e7:43:45:16:68:03:53:24:d2:69:d1:94:f7:f8:29:19:4b:35:
8d:f4:4f:0d:d8:47:30:63:f5:61:19:c1:29:d1:8c:40:8a:32:
d8:04:f9:c1:f5:6c:33:76:3c:f5:1c:51:16:8b:5a:23:01:da:
1d:e2:8b:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrtDwqLP43kJP7v8jd+EQ4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMjEwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNhMGYyOGQ1NTk0M2VjNTIzZTNkZmZiNjc2NTY3ODNiZjliNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPkNeChxLI9cORxi7UkYsXM8zzpK
Ome9HM8jdne8rREPdG98JW16lFFozh2CFnnjQiXPw0onoiREbf/nbpzkkwh2Enq7
6HAfg33I4rHC6AdbkIMjbiaY2sg+RG+fI4kN9o39J8uy9ctmYmZR2f8QrtK2c8Av
abKZT1WidUcgRPMTpNAPRbb81qXPrIb7dYDQMr26NuD/FVVs/V55cERFFNtiEFXj
G/5iLx4EavC3oQb0oy1w1NkMwa2iivHzVj5iHxwRpHOfu4sj1EqZVDG5uFAuhOMr
+jgbTFGEMXGjUumgdCba1x4sGPDYR7Tvn2A7XIaJznUIeBOZBCNfY++hJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMk6DyjVWUPsUj49/7Z2Vng7+bWWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveVRvUEtOVlpRLXhTUGozX3RuWldlRHY1dFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIDS4qe20Dpgh5vCjCNk
5jKoyvl83wgFlYzz9e1lDKKb/m1Q5zv365HO3jM4iQj+wfog2rfpbdsWO1VpwSr4
XgSIBpy3IqUonQbDS0UWQbSpc6OAwQywropOXZ9PlI6rCyuqLXo7jpnKmtnKZvLW
lpf6CadtqnNMB/qbLAfqL16G6X/Up9AFxFMocgcOjNFuAL8JycjDdZB1vmdkrggn
mSJ9WHuDPSDM/3Vy1b01ttEx8WLDGI0LGDo747RaBzeAMVfDd/1qNOdDRRZoA1Mk
0mnRlPf4KRlLNY30Tw3YRzBj9WEZwSnRjECKMtgE+cH1bDN2PPUcURaLWiMB2h3i
i6Y=
-----END CERTIFICATE-----
Generated at Tue May 13 15:00:34 2025 by rpki-client