Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yf0yhgHJoYaAKWNFKTVnJHzF-uU.roa
File: yf0yhgHJoYaAKWNFKTVnJHzF-uU.roa (raw, json)
Hash identifier: dfzLplReDUZ7VYUFVK3V6OVCn5040OcXpUpGrnPOv9g=
Subject key identifier: C9:FD:32:86:01:C9:A1:86:80:29:63:45:29:35:67:24:7C:C5:FA:E5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C68DC22A2970B03A99E98B6F2E3F8F194
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yf0yhgHJoYaAKWNFKTVnJHzF-uU.roa
Signing time: Thu 14 Dec 2023 15:05:06 +0000
ROA not before: Thu 14 Dec 2023 15:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:68db:812a/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:dc:22:a2:97:0b:03:a9:9e:98:b6:f2:e3:f8:f1:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 15:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9fd328601c9a18680296345293567247cc5fae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:00:20:75:b2:43:72:3c:b7:7e:e7:17:af:18:
9f:8f:94:66:fa:c2:a9:fa:3a:fe:a3:3a:6c:77:c7:
1d:c0:9f:e4:76:22:e9:0c:2e:7b:dc:25:ab:78:e6:
ed:fa:c4:b3:41:fb:10:00:de:3f:8f:ff:fe:dd:cc:
98:4a:bd:79:f8:cb:d5:83:de:d2:42:80:af:db:74:
20:19:19:d5:19:7a:39:26:0f:3d:b8:4c:4e:3d:f2:
c9:e0:f0:47:75:af:40:36:44:2f:24:e4:2e:04:ca:
7e:6e:38:2c:e1:ca:c2:31:48:7e:4c:ba:e0:ad:c8:
d3:3f:db:c7:20:f1:41:2c:05:67:60:1b:1b:80:1d:
8c:2c:d8:57:0c:07:d3:a1:23:70:e0:20:05:f8:0c:
85:cf:03:67:d1:23:51:36:d3:65:34:02:d3:cc:26:
92:cc:a0:0b:f4:da:2b:7d:82:0b:53:ee:ee:30:e0:
29:8c:1c:8e:09:c5:eb:e3:59:62:4e:7c:c5:14:fb:
3a:e5:df:22:0e:e3:f3:47:12:fa:29:4e:7b:83:39:
f4:26:37:82:cb:11:73:a2:62:3a:a0:17:94:ba:8d:
b7:c9:36:af:a3:4c:55:77:6c:1a:48:80:f5:df:b2:
a5:fd:f4:f8:45:0d:a7:48:8e:30:c8:29:85:80:17:
6e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FD:32:86:01:C9:A1:86:80:29:63:45:29:35:67:24:7C:C5:FA:E5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yf0yhgHJoYaAKWNFKTVnJHzF-uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:9c:97:59:c0:cb:4e:27:75:c6:95:2f:11:66:e1:d0:74:08:
23:a2:8a:ff:fb:5a:ec:06:ab:6f:f2:17:17:51:61:f9:de:a6:
9c:f3:ed:5f:d1:c6:b8:58:09:88:9c:0a:41:af:2e:cd:c6:da:
4e:fd:70:37:96:e1:be:c0:49:d7:70:fa:62:4f:f5:0b:85:d6:
61:14:02:48:0a:f7:35:f6:b5:7d:a6:eb:f2:27:4d:ef:78:a1:
94:92:09:86:d6:65:18:f7:e7:a6:83:e4:ea:53:5b:e4:fb:ec:
1f:0f:d5:c5:ac:ea:98:3f:e4:0a:49:db:73:c3:ba:73:8f:be:
38:da:2f:63:68:15:b3:98:92:4c:52:6f:ec:d2:22:91:66:13:
69:9b:e1:bb:5a:bc:42:96:f4:e3:09:5c:33:ec:94:53:97:6b:
d4:51:f2:84:65:9e:d6:b6:c3:88:73:60:3e:a9:03:16:72:df:
12:59:28:1a:e7:f5:9a:26:46:d9:f5:3e:4b:8d:55:ea:17:36:
f3:74:56:d7:13:af:87:e6:77:91:9c:9a:3f:bf:1c:0c:e8:ae:
63:ca:1a:d5:ed:7e:8c:da:46:8f:90:5b:45:44:41:0c:9a:d8:
08:d0:77:e8:77:6f:20:a8:60:de:91:ac:65:c8:e7:e3:9d:ae:
68:17:50:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxo3CKilwsDqZ6YtvLj+PGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MTUwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWZkMzI4NjAxYzlhMTg2ODAyOTYzNDUyOTM1NjcyNDdjYzVmYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQAgdbJDcjy3fucXrxifj5Rm+sKp
+jr+ozpsd8cdwJ/kdiLpDC573CWreObt+sSzQfsQAN4/j//+3cyYSr15+MvVg97S
QoCv23QgGRnVGXo5Jg89uExOPfLJ4PBHda9ANkQvJOQuBMp+bjgs4crCMUh+TLrg
rcjTP9vHIPFBLAVnYBsbgB2MLNhXDAfToSNw4CAF+AyFzwNn0SNRNtNlNALTzCaS
zKAL9NorfYILU+7uMOApjByOCcXr41liTnzFFPs65d8iDuPzRxL6KU57gzn0JjeC
yxFzomI6oBeUuo23yTavo0xVd2waSID137Kl/fT4RQ2nSI4wyCmFgBduHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMn9MoYByaGGgCljRSk1ZyR8xfrlMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveWYweWhnSEpvWWFBS1dORktUVm5KSHpGLXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA+cl1nAy04ndcaVLxFm
4dB0CCOiiv/7WuwGq2/yFxdRYfneppzz7V/RxrhYCYicCkGvLs3G2k79cDeW4b7A
Sddw+mJP9QuF1mEUAkgK9zX2tX2m6/InTe94oZSSCYbWZRj356aD5OpTW+T77B8P
1cWs6pg/5ApJ23PDunOPvjjaL2NoFbOYkkxSb+zSIpFmE2mb4btavEKW9OMJXDPs
lFOXa9RR8oRlnta2w4hzYD6pAxZy3xJZKBrn9ZomRtn1PkuNVeoXNvN0VtcTr4fm
d5Gcmj+/HAzormPKGtXtfozaRo+QW0VEQQya2AjQd+h3byCoYN6RrGXI5+OdrmgX
UA8=
-----END CERTIFICATE-----
Generated at Sat May 10 12:25:09 2025 by rpki-client