Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yyKCHOE_oTysf38jKe0BsEBLt1c.roa
File: yyKCHOE_oTysf38jKe0BsEBLt1c.roa (raw, json)
Hash identifier: JxSkMLHVUenyfOUOAKhsBQH7kIJkbccCwI5U7XGUJCg=
Subject key identifier: CB:22:82:1C:E1:3F:A1:3C:AC:7F:7F:23:29:ED:01:B0:40:4B:B7:57
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3AC67511F212A804AE3598A2276E6198
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yyKCHOE_oTysf38jKe0BsEBLt1c.roa
Signing time: Mon 16 Oct 2023 23:16:06 +0000
ROA not before: Mon 16 Oct 2023 23:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3a:c6:75:11:f2:12:a8:04:ae:35:98:a2:27:6e:61:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 23:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb22821ce13fa13cac7f7f2329ed01b0404bb757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6d:09:db:b3:78:3e:22:c3:12:20:55:c1:b5:
10:07:00:e2:e5:a3:f1:ec:f4:5d:f1:97:91:68:da:
27:a6:dd:3e:91:2a:27:cc:c5:fb:cd:c2:b8:5f:5b:
bf:ea:88:fe:09:eb:16:0c:c6:82:ac:94:98:3e:71:
40:db:4b:df:73:c9:5c:0e:b6:49:dd:24:57:fc:e6:
59:bc:cd:58:cb:38:d1:1a:8d:9d:23:40:21:b1:d0:
d6:29:5d:f2:73:0c:0f:81:74:9b:05:b5:9b:be:ac:
80:32:be:ba:69:27:98:b1:7a:d6:de:0e:6f:72:9d:
9c:dd:4a:0c:34:6b:08:87:85:61:ca:b0:67:42:ac:
51:08:b4:07:e2:b0:f7:8d:9d:8b:a8:e1:94:0c:27:
05:17:b4:04:96:22:66:3b:94:3e:d6:a2:6c:78:ce:
07:3e:b4:22:5b:36:66:ee:ae:a9:9b:06:fc:79:2d:
fc:af:a5:9d:c6:f7:a1:ac:5b:8c:f5:81:ec:ea:ab:
83:e0:63:94:f7:45:d3:94:99:ad:6a:3d:06:30:12:
d6:94:ba:b2:51:4e:e6:bd:45:b2:ba:07:0e:74:03:
5f:86:51:da:78:88:d1:fe:3b:82:54:90:14:a2:ca:
76:32:ff:6c:24:49:ef:c8:a6:ea:2a:d5:8e:a8:b2:
2f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:22:82:1C:E1:3F:A1:3C:AC:7F:7F:23:29:ED:01:B0:40:4B:B7:57
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yyKCHOE_oTysf38jKe0BsEBLt1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:76:4a:7e:b9:88:be:b7:68:5a:f9:63:71:35:3a:f5:29:37:
8b:bc:57:4e:d4:2b:9f:e7:51:b4:45:a8:2f:42:b3:5d:d3:27:
f1:29:41:75:99:26:d2:8a:65:33:62:1e:b7:c2:6a:93:d5:54:
08:1d:ee:5e:34:61:f5:47:2c:5a:c4:24:f8:b0:c9:cd:9e:87:
26:14:d4:db:b3:d2:00:ad:32:e0:3b:d6:81:ef:26:62:05:bc:
bb:65:a2:ed:50:23:66:a9:93:c3:5e:6f:3c:66:e4:d3:c6:0c:
fa:1c:08:9e:6b:cf:5c:01:36:a6:79:54:b8:04:b0:4c:80:1b:
43:f6:27:5d:1a:65:e2:0d:e7:73:95:3b:53:2d:99:1c:0c:56:
3a:fe:1e:4d:7d:86:b4:d6:c6:56:80:d9:15:83:54:6a:95:39:
52:cd:85:89:7f:cc:e8:3b:3c:c4:ad:47:82:f2:db:6e:67:62:
e0:61:bd:8a:3c:a6:c8:55:c2:17:d4:a8:46:7e:16:92:ab:80:
43:83:ed:6a:45:07:1e:d2:c9:b8:ac:7a:45:93:4a:65:99:c4:
b2:eb:3b:41:62:80:d0:fe:85:ea:ad:54:d6:84:e6:63:70:4d:
53:93:12:c4:8e:ee:27:cb:d8:1a:ef:37:3b:6b:aa:84:06:38:
f1:36:61:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs6xnUR8hKoBK41mKInbmGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MjMxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjIyODIxY2UxM2ZhMTNjYWM3ZjdmMjMyOWVkMDFiMDQwNGJiNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW0J27N4PiLDEiBVwbUQBwDi5aPx
7PRd8ZeRaNonpt0+kSonzMX7zcK4X1u/6oj+CesWDMaCrJSYPnFA20vfc8lcDrZJ
3SRX/OZZvM1YyzjRGo2dI0AhsdDWKV3ycwwPgXSbBbWbvqyAMr66aSeYsXrW3g5v
cp2c3UoMNGsIh4VhyrBnQqxRCLQH4rD3jZ2LqOGUDCcFF7QEliJmO5Q+1qJseM4H
PrQiWzZm7q6pmwb8eS38r6WdxvehrFuM9YHs6quD4GOU90XTlJmtaj0GMBLWlLqy
UU7mvUWyugcOdANfhlHaeIjR/juCVJAUosp2Mv9sJEnvyKbqKtWOqLIvgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMsighzhP6E8rH9/IyntAbBAS7dXMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveXlLQ0hPRV9vVHlzZjM4aktlMEJzRUJMdDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHp2Sn65iL63aFr5Y3E1
OvUpN4u8V07UK5/nUbRFqC9Cs13TJ/EpQXWZJtKKZTNiHrfCapPVVAgd7l40YfVH
LFrEJPiwyc2ehyYU1Nuz0gCtMuA71oHvJmIFvLtlou1QI2apk8Nebzxm5NPGDPoc
CJ5rz1wBNqZ5VLgEsEyAG0P2J10aZeIN53OVO1MtmRwMVjr+Hk19hrTWxlaA2RWD
VGqVOVLNhYl/zOg7PMStR4Ly225nYuBhvYo8pshVwhfUqEZ+FpKrgEOD7WpFBx7S
ybisekWTSmWZxLLrO0FigND+heqtVNaE5mNwTVOTEsSO7ifL2BrvNztrqoQGOPE2
YR4=
-----END CERTIFICATE-----
Generated at Sun May 11 20:05:16 2025 by rpki-client