Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AYLFwnkS3oYKkhEjn8TchKGVdEQ.roa
File: AYLFwnkS3oYKkhEjn8TchKGVdEQ.roa (raw, json)
Hash identifier: N/gTdHCBxNiEuP5/eNBePsxhySjfQfPke9pDa3Tb8gE=
Subject key identifier: 01:82:C5:C2:79:12:DE:86:0A:92:11:23:9F:C4:DC:84:A1:95:74:44
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4C8BDB5433E8EECFFC4B25D2B3DE8868
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AYLFwnkS3oYKkhEjn8TchKGVdEQ.roa
Signing time: Fri 20 Oct 2023 10:05:15 +0000
ROA not before: Fri 20 Oct 2023 10:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:4c8b:b19/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:8b:db:54:33:e8:ee:cf:fc:4b:25:d2:b3:de:88:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 10:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0182c5c27912de860a9211239fc4dc84a1957444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fb:d0:bb:c8:9a:fa:98:12:24:8d:fe:92:c1:
11:1b:7a:a3:d5:ed:72:ce:f6:75:60:1c:ec:81:c0:
17:48:3b:4a:c2:7c:bb:44:42:77:4e:2e:70:dc:f1:
11:74:4e:a6:82:0d:4c:12:2f:d9:cd:af:c9:eb:d0:
b2:c1:1b:66:a5:d2:5a:5b:ef:cf:ad:11:48:a4:3e:
c9:96:a1:37:c1:4b:e4:33:f9:22:98:01:c8:2d:4d:
50:31:88:fe:27:d4:6a:4f:3e:fa:24:76:02:e1:72:
20:c7:a7:45:c9:ce:1f:d0:c1:3b:38:ae:9c:20:62:
02:87:69:9e:ef:82:e3:fd:66:55:c1:e8:99:2d:96:
68:24:07:6d:fc:c3:f5:af:3d:37:6f:99:63:19:0d:
94:af:80:a9:8f:43:b1:ce:45:d7:b3:d9:2e:b4:bb:
0b:80:60:8f:1f:ec:93:6e:dc:c5:0c:d2:c6:6c:8e:
52:c0:82:ee:04:21:90:2f:48:95:20:11:cd:0a:23:
7f:f6:31:e1:a8:ec:ca:02:31:7f:52:d4:a7:72:ba:
18:8b:47:7a:16:c8:5b:b6:1e:c8:b8:33:42:a3:c9:
5e:9b:0a:99:7b:04:ff:d6:06:de:49:80:d9:7e:04:
12:fa:a2:6e:b7:3e:17:5c:6e:00:17:65:0e:cb:8f:
40:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:82:C5:C2:79:12:DE:86:0A:92:11:23:9F:C4:DC:84:A1:95:74:44
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/AYLFwnkS3oYKkhEjn8TchKGVdEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c6:51:a0:53:51:f6:cb:0e:c4:3d:c8:70:dd:75:26:6e:d1:5f:
32:99:7f:c4:10:8f:8c:8e:16:c6:08:f4:66:39:21:91:b0:64:
3a:6a:31:b4:10:e7:60:72:94:d0:7b:78:47:a1:01:db:ef:d0:
67:9a:13:83:d1:35:a5:26:4d:01:0f:d0:0c:4c:34:5c:8b:49:
e9:78:7f:00:36:33:4b:80:9c:1a:d2:9c:1c:28:ed:63:8d:92:
a3:ce:80:56:90:00:e9:7b:5d:03:f9:6d:81:9f:df:ee:79:dc:
35:eb:69:3d:33:6b:32:ec:6d:90:96:7c:14:65:9d:88:83:36:
d9:4c:ef:b4:12:6a:bf:8b:79:bf:70:0e:14:c1:bd:74:cd:69:
30:43:f2:58:fd:f2:e2:bf:af:9f:e2:a4:78:65:1c:a7:e5:0d:
33:ec:4e:f8:cd:97:03:75:d8:51:eb:0f:c0:85:8e:1d:ad:dc:
81:da:41:41:e0:aa:80:a9:53:6d:c2:2f:5d:49:d2:13:aa:72:
b0:95:b3:c4:6d:20:db:fc:8b:57:bf:28:66:32:c4:9a:01:39:
42:81:2d:de:c5:72:34:5d:70:80:d0:dc:a6:95:c2:eb:91:73:
3c:c3:73:42:ed:f5:be:d2:d2:e4:8f:eb:68:8a:d4:19:94:52:
90:76:f3:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtMi9tUM+juz/xLJdKz3ohoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMTAwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTgyYzVjMjc5MTJkZTg2MGE5MjExMjM5ZmM0ZGM4NGExOTU3NDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fvQu8ia+pgSJI3+ksERG3qj1e1y
zvZ1YBzsgcAXSDtKwny7REJ3Ti5w3PERdE6mgg1MEi/Zza/J69CywRtmpdJaW+/P
rRFIpD7JlqE3wUvkM/kimAHILU1QMYj+J9RqTz76JHYC4XIgx6dFyc4f0ME7OK6c
IGICh2me74Lj/WZVweiZLZZoJAdt/MP1rz03b5ljGQ2Ur4Cpj0OxzkXXs9kutLsL
gGCPH+yTbtzFDNLGbI5SwILuBCGQL0iVIBHNCiN/9jHhqOzKAjF/UtSncroYi0d6
Fshbth7IuDNCo8lemwqZewT/1gbeSYDZfgQS+qJutz4XXG4AF2UOy49AbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAGCxcJ5Et6GCpIRI5/E3IShlXREMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQVlMRndua1Mzb1lLa2hFam44VGNoS0dWZEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMZRoFNR9ssOxD3IcN11
Jm7RXzKZf8QQj4yOFsYI9GY5IZGwZDpqMbQQ52BylNB7eEehAdvv0GeaE4PRNaUm
TQEP0AxMNFyLSel4fwA2M0uAnBrSnBwo7WONkqPOgFaQAOl7XQP5bYGf3+553DXr
aT0zazLsbZCWfBRlnYiDNtlM77QSar+Leb9wDhTBvXTNaTBD8lj98uK/r5/ipHhl
HKflDTPsTvjNlwN12FHrD8CFjh2t3IHaQUHgqoCpU23CL11J0hOqcrCVs8RtINv8
i1e/KGYyxJoBOUKBLd7FcjRdcIDQ3KaVwuuRczzDc0Lt9b7S0uSP62iK1BmUUpB2
894=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:40:22 2025 by rpki-client