Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yWco--FEBJy067ZPwNc6Bf7jSTY.roa
File: yWco--FEBJy067ZPwNc6Bf7jSTY.roa (raw, json)
Hash identifier: dUD8qCkaD4Rq8JjfGJrza7gpuK+wAOlZJJr6PCRRd50=
Subject key identifier: C9:67:28:FB:E1:44:04:9C:B4:EB:B6:4F:C0:D7:3A:05:FE:E3:49:36
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7F6D1BEE5FC4945A5BF7D292CE9C61DE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yWco--FEBJy067ZPwNc6Bf7jSTY.roa
Signing time: Tue 19 Dec 2023 00:15:06 +0000
ROA not before: Tue 19 Dec 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7f:6d:1b:ee:5f:c4:94:5a:5b:f7:d2:92:ce:9c:61:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c96728fbe144049cb4ebb64fc0d73a05fee34936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:73:bc:b5:f3:11:9d:f6:aa:56:30:2c:09:ff:
f0:04:c8:8e:cd:d6:04:35:10:9b:4e:ec:a6:fc:f1:
ef:32:a2:37:95:8d:84:b6:69:65:35:73:71:3d:fd:
da:d8:c2:0c:23:f3:ce:5c:0a:70:4c:3b:aa:68:ae:
16:b2:23:21:25:88:11:6d:8a:b2:0a:c4:8c:9a:d5:
b0:e2:71:dc:25:e9:75:8f:f0:fe:13:a3:bb:23:5d:
f9:65:0c:5b:de:48:85:31:a2:bd:08:04:0c:4e:8f:
b6:c3:b4:50:c5:7a:16:46:75:a5:be:c7:a6:6d:67:
3e:3c:0d:7b:84:9f:29:0a:a5:e7:3f:cd:70:df:95:
32:5a:8c:93:9f:d4:2b:dd:32:2a:31:57:0c:cd:a9:
2b:ec:f1:b5:72:0f:fa:74:c3:cd:4e:dd:f2:fd:16:
2d:f2:97:61:d5:49:9d:70:6e:3b:98:be:3b:c6:46:
a2:64:92:66:dd:38:a3:17:6b:83:ba:b2:b9:e7:0f:
54:fc:f7:0c:8a:67:6d:84:3b:6a:70:8c:24:e2:0e:
d4:de:de:19:8d:b3:20:d7:28:c4:82:04:aa:d2:56:
ba:e5:44:f3:21:4f:16:d3:22:ab:8b:5b:98:cd:6d:
67:ec:c8:1b:0c:55:e6:8c:dc:cc:82:76:82:99:fe:
32:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:67:28:FB:E1:44:04:9C:B4:EB:B6:4F:C0:D7:3A:05:FE:E3:49:36
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yWco--FEBJy067ZPwNc6Bf7jSTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b7:1f:3c:e7:c2:6d:d5:34:10:6e:6c:71:a1:7a:c1:80:7d:87:
2e:96:e9:ec:d3:94:a3:c3:92:f6:2e:d6:f2:30:47:da:83:f1:
7c:86:ef:d3:e1:ea:a5:da:62:c0:53:46:24:88:a4:31:84:94:
24:3f:19:4a:ba:bc:46:12:41:86:d9:15:22:3c:51:ae:bd:7a:
3a:7b:d1:19:1d:c6:37:9c:c8:a7:4c:31:d1:ec:7d:dd:88:2c:
28:86:9d:9c:15:25:42:f3:42:67:ee:4e:bc:1d:87:2d:6f:5d:
53:52:60:ff:28:5a:25:73:52:48:fd:a9:3c:db:0c:bd:26:fb:
52:05:0f:71:8c:26:02:75:9b:e9:e7:88:e7:d2:86:8b:44:0b:
a5:ad:ec:0e:a4:0b:55:37:86:9c:9e:60:4e:eb:15:a8:77:5c:
ed:e8:e2:c1:49:50:bf:04:58:24:dc:6c:ed:aa:fe:bc:f6:13:
76:4b:f1:de:e0:a4:38:84:35:cd:77:3a:9a:7e:79:44:51:04:
58:45:50:87:bb:4b:77:c2:31:83:dc:de:e3:cf:cd:56:fa:be:
5d:3e:e3:1d:0a:00:5e:99:ff:1e:48:5f:d3:1a:35:69:de:70:
99:98:15:86:26:e5:cf:3b:72:af:be:f4:53:fb:71:ea:0d:a0:
68:fa:a0:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx/bRvuX8SUWlv30pLOnGHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTY3MjhmYmUxNDQwNDljYjRlYmI2NGZjMGQ3M2EwNWZlZTM0OTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XO8tfMRnfaqVjAsCf/wBMiOzdYE
NRCbTuym/PHvMqI3lY2EtmllNXNxPf3a2MIMI/POXApwTDuqaK4WsiMhJYgRbYqy
CsSMmtWw4nHcJel1j/D+E6O7I135ZQxb3kiFMaK9CAQMTo+2w7RQxXoWRnWlvsem
bWc+PA17hJ8pCqXnP81w35UyWoyTn9Qr3TIqMVcMzakr7PG1cg/6dMPNTt3y/RYt
8pdh1UmdcG47mL47xkaiZJJm3TijF2uDurK55w9U/PcMimdthDtqcIwk4g7U3t4Z
jbMg1yjEggSq0la65UTzIU8W0yKri1uYzW1n7MgbDFXmjNzMgnaCmf4yZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMlnKPvhRASctOu2T8DXOgX+40k2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveVdjby0tRkVCSnkwNjdaUHdOYzZCZjdqU1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALcfPOfCbdU0EG5scaF6
wYB9hy6W6ezTlKPDkvYu1vIwR9qD8XyG79Ph6qXaYsBTRiSIpDGElCQ/GUq6vEYS
QYbZFSI8Ua69ejp70RkdxjecyKdMMdHsfd2ILCiGnZwVJULzQmfuTrwdhy1vXVNS
YP8oWiVzUkj9qTzbDL0m+1IFD3GMJgJ1m+nniOfShotEC6Wt7A6kC1U3hpyeYE7r
Fah3XO3o4sFJUL8EWCTcbO2q/rz2E3ZL8d7gpDiENc13Opp+eURRBFhFUIe7S3fC
MYPc3uPPzVb6vl0+4x0KAF6Z/x5IX9MaNWnecJmYFYYm5c87cq++9FP7ceoNoGj6
oAA=
-----END CERTIFICATE-----
Generated at Sun May 11 15:04:46 2025 by rpki-client