Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ypxfOPSkYVMenf154x3yLQrzunE.roa
File: ypxfOPSkYVMenf154x3yLQrzunE.roa (raw, json)
Hash identifier: nXtnwfvXzHHQ+gXiAyZQTpFfQ3ME8qXPYgFuFIyvZ4A=
Subject key identifier: CA:9C:5F:38:F4:A4:61:53:1E:9D:FD:79:E3:1D:F2:2D:0A:F3:BA:71
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8CBD9251B509268ADEF7160E58295DE0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ypxfOPSkYVMenf154x3yLQrzunE.roa
Signing time: Wed 01 Nov 2023 21:15:15 +0000
ROA not before: Wed 01 Nov 2023 21:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:bd:92:51:b5:09:26:8a:de:f7:16:0e:58:29:5d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 21:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca9c5f38f4a461531e9dfd79e31df22d0af3ba71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a8:5e:57:88:cd:d8:cd:c3:17:57:36:b3:d2:
40:2c:40:b9:0f:37:48:f1:41:d2:43:a7:39:e2:41:
79:88:33:83:ce:4e:11:6d:9b:86:24:8d:52:e1:04:
7b:2a:59:c0:4b:86:2e:e1:fb:86:87:a2:e7:d5:bf:
6b:2c:66:01:9e:e5:c0:81:4a:50:65:81:3c:80:3b:
57:12:88:16:8b:3a:15:40:a3:c7:01:7c:67:82:10:
d2:68:d2:d6:76:4a:00:6f:9f:13:50:b4:2d:3f:43:
b0:8e:62:14:6c:c5:38:6b:ac:9f:3f:bb:49:fb:c6:
5b:34:28:00:f1:dd:ef:80:c4:11:73:73:c7:2b:97:
9c:39:79:64:c2:3a:df:57:9b:04:b9:87:36:ca:02:
16:dc:34:90:df:dc:c2:d1:d8:49:2e:89:0b:1c:e8:
e8:44:52:d5:b3:c6:27:d9:f1:9b:32:41:88:49:84:
69:44:de:66:0a:47:29:6e:5d:1f:03:5d:45:88:f1:
e9:a4:7b:86:76:b1:3d:98:fb:bc:71:c6:1a:95:3f:
62:a4:3d:af:e3:68:c9:63:f7:03:ff:c8:1e:9e:e8:
e8:ea:37:b9:bf:9e:1a:db:4f:53:da:35:b0:b4:19:
de:4d:47:c2:34:df:24:4a:9b:ef:ef:af:c8:0a:10:
e2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:9C:5F:38:F4:A4:61:53:1E:9D:FD:79:E3:1D:F2:2D:0A:F3:BA:71
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ypxfOPSkYVMenf154x3yLQrzunE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:50:bb:25:9a:d8:d8:52:8f:33:bf:3f:e5:79:19:5c:78:dc:
05:5b:90:6e:41:6b:cc:2f:5b:10:ba:3a:43:47:3d:db:83:77:
2b:2b:f7:42:74:80:ba:d2:fe:6b:6b:4b:22:d8:67:bb:c4:09:
66:73:3e:a1:0f:35:37:3f:68:50:07:d3:ee:8e:b7:6a:ac:ec:
3c:6a:e4:7a:47:5b:27:f2:97:d8:53:a8:40:b9:e1:fc:54:6d:
d8:89:d8:40:35:29:15:59:e0:7a:a0:a5:c5:fd:b2:ab:d9:38:
36:01:31:37:9a:c1:4f:c1:3e:31:12:ac:70:7a:2d:ac:94:a1:
bc:28:5b:a4:c9:86:f2:54:bf:08:0d:fb:cd:cd:c8:c2:a7:6a:
9a:eb:06:24:64:2a:1a:69:48:44:a5:92:ff:63:19:77:56:fa:
aa:4e:53:95:1e:ac:9f:ce:ce:57:12:25:d4:c8:39:b5:83:3a:
53:64:22:e3:a5:ca:c5:83:85:3f:00:12:5a:c0:11:71:ba:0f:
f6:2c:70:a1:21:95:ba:5f:27:0a:22:d1:58:99:bf:f9:92:ac:
df:a4:52:86:8f:e6:e6:65:ba:9b:60:7d:90:9c:9b:31:01:9c:
97:aa:46:02:e7:75:7a:45:53:cc:08:03:1e:1e:b3:fc:fc:1c:
f4:5d:9e:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuMvZJRtQkmit73Fg5YKV3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMjExNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTljNWYzOGY0YTQ2MTUzMWU5ZGZkNzllMzFkZjIyZDBhZjNiYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaheV4jN2M3DF1c2s9JALEC5DzdI
8UHSQ6c54kF5iDODzk4RbZuGJI1S4QR7KlnAS4Yu4fuGh6Ln1b9rLGYBnuXAgUpQ
ZYE8gDtXEogWizoVQKPHAXxnghDSaNLWdkoAb58TULQtP0OwjmIUbMU4a6yfP7tJ
+8ZbNCgA8d3vgMQRc3PHK5ecOXlkwjrfV5sEuYc2ygIW3DSQ39zC0dhJLokLHOjo
RFLVs8Yn2fGbMkGISYRpRN5mCkcpbl0fA11FiPHppHuGdrE9mPu8ccYalT9ipD2v
42jJY/cD/8genujo6je5v54a209T2jWwtBneTUfCNN8kSpvv76/IChDiBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMqcXzj0pGFTHp39eeMd8i0K87pxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveXB4Zk9QU2tZVk1lbmYxNTR4M3lMUXJ6dW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE1QuyWa2NhSjzO/P+V5
GVx43AVbkG5Ba8wvWxC6OkNHPduDdysr90J0gLrS/mtrSyLYZ7vECWZzPqEPNTc/
aFAH0+6Ot2qs7Dxq5HpHWyfyl9hTqEC54fxUbdiJ2EA1KRVZ4HqgpcX9sqvZODYB
MTeawU/BPjESrHB6LayUobwoW6TJhvJUvwgN+83NyMKnaprrBiRkKhppSESlkv9j
GXdW+qpOU5UerJ/OzlcSJdTIObWDOlNkIuOlysWDhT8AElrAEXG6D/YscKEhlbpf
Jwoi0ViZv/mSrN+kUoaP5uZluptgfZCcmzEBnJeqRgLndXpFU8wIAx4es/z8HPRd
njQ=
-----END CERTIFICATE-----
Generated at Wed May 14 07:58:28 2025 by rpki-client