Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DY5NC5nJN30JGA5yt_wR15Dyolo.roa
File: DY5NC5nJN30JGA5yt_wR15Dyolo.roa (raw, json)
Hash identifier: wi+gaEy3wsSsIKsL0R/0bK1DueaeCMzswRroQrMvpOg=
Subject key identifier: 0D:8E:4D:0B:99:C9:37:7D:09:18:0E:72:B7:FC:11:D7:90:F2:A2:5A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF50972E6EA953DA20EAEC00F365FD1D1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DY5NC5nJN30JGA5yt_wR15Dyolo.roa
Signing time: Tue 03 Oct 2023 10:15:51 +0000
ROA not before: Tue 03 Oct 2023 10:15:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:09:72:e6:ea:95:3d:a2:0e:ae:c0:0f:36:5f:d1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 10:15:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d8e4d0b99c9377d09180e72b7fc11d790f2a25a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7d:4b:92:f9:98:aa:18:bd:e0:1b:59:cd:cf:
86:32:20:a0:f5:b6:f1:09:c5:ea:10:8a:68:98:c9:
6e:d9:3f:4c:c7:9a:f0:39:db:ec:4a:0f:a6:4a:72:
1c:d5:f8:fe:c2:cc:55:b5:12:a5:bf:f9:de:c9:58:
00:91:a0:5e:91:0f:c5:2b:bc:76:af:34:7a:04:40:
16:7c:51:07:1a:a7:ef:a3:c6:f7:b0:6b:bc:06:d7:
38:ff:14:dd:83:4b:16:0d:d7:96:ac:4b:66:c5:7b:
56:e2:33:a4:2b:cc:dc:b6:71:f3:ce:39:38:2c:ce:
3e:21:2e:05:5d:84:03:bd:99:3a:45:51:81:b1:38:
13:e8:e6:d4:90:b0:05:60:cb:4f:ae:88:2a:35:07:
e2:7a:a9:4b:18:7e:11:ed:42:9e:e7:97:6c:25:49:
9c:e6:45:a7:24:c6:ef:e0:ae:97:0a:3b:1e:75:26:
4c:ed:86:b1:a9:48:b0:a3:d4:9c:ed:74:5a:cf:1c:
ba:45:50:85:35:d4:05:b5:d0:3c:1c:97:7e:ae:b1:
41:5f:69:40:cb:99:d6:f1:9b:63:6a:cc:ed:00:ac:
f0:42:19:c9:4b:d8:89:8c:16:98:c7:09:39:7e:ad:
f8:15:3f:57:a2:a1:44:a8:c5:e3:51:e7:b4:8e:2f:
d3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8E:4D:0B:99:C9:37:7D:09:18:0E:72:B7:FC:11:D7:90:F2:A2:5A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DY5NC5nJN30JGA5yt_wR15Dyolo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:07:9a:83:dc:25:b6:84:a2:ca:25:bb:3e:87:ec:7e:5f:97:
96:e8:87:8d:52:4e:3e:ec:84:55:55:18:dc:08:21:17:d5:f2:
a7:75:ac:b0:2e:c8:46:dd:f7:95:6d:b0:57:78:0b:00:d2:42:
d2:d8:e7:b0:12:9a:d8:37:7e:09:7a:42:0e:74:dc:55:f2:9d:
60:e2:19:29:bf:68:5f:bd:8d:47:70:3d:0c:43:93:05:29:39:
81:a7:cb:d5:f0:00:ab:82:08:be:cd:99:f1:ce:73:ce:28:b8:
c8:a6:18:17:46:d8:6a:e6:aa:61:0b:ee:dd:4d:8a:a4:cd:d9:
50:d0:8c:fe:71:09:c5:34:04:aa:c5:e7:8e:4f:35:1f:e6:6e:
e3:de:3a:a2:a5:90:9b:95:b0:6e:19:ec:81:d0:e0:f6:6b:94:
62:c1:45:82:0c:a2:b3:16:c3:d7:e8:39:49:96:5e:52:84:99:
50:7f:bf:20:02:52:b4:85:a7:15:7a:c9:eb:42:50:ce:7b:27:
8e:98:b5:2c:9f:ff:7c:49:85:06:11:34:ed:43:b9:41:5c:e7:
97:04:87:ed:0f:08:05:70:4d:bc:1b:cb:51:5d:fd:2a:03:b1:
3a:94:59:c2:53:88:87:e3:91:7d:4d:50:b4:b1:c7:a3:68:d0:
65:57:ac:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr1CXLm6pU9og6uwA82X9HRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMTAxNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhlNGQwYjk5YzkzNzdkMDkxODBlNzJiN2ZjMTFkNzkwZjJhMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn1LkvmYqhi94BtZzc+GMiCg9bbx
CcXqEIpomMlu2T9Mx5rwOdvsSg+mSnIc1fj+wsxVtRKlv/neyVgAkaBekQ/FK7x2
rzR6BEAWfFEHGqfvo8b3sGu8Btc4/xTdg0sWDdeWrEtmxXtW4jOkK8zctnHzzjk4
LM4+IS4FXYQDvZk6RVGBsTgT6ObUkLAFYMtProgqNQfieqlLGH4R7UKe55dsJUmc
5kWnJMbv4K6XCjsedSZM7YaxqUiwo9Sc7XRazxy6RVCFNdQFtdA8HJd+rrFBX2lA
y5nW8ZtjasztAKzwQhnJS9iJjBaYxwk5fq34FT9XoqFEqMXjUee0ji/T8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA2OTQuZyTd9CRgOcrf8EdeQ8qJaMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRFk1TkM1bkpOMzBKR0E1eXRfd1IxNUR5b2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAMHmoPcJbaEosoluz6H
7H5fl5boh41STj7shFVVGNwIIRfV8qd1rLAuyEbd95VtsFd4CwDSQtLY57ASmtg3
fgl6Qg503FXynWDiGSm/aF+9jUdwPQxDkwUpOYGny9XwAKuCCL7NmfHOc84ouMim
GBdG2GrmqmEL7t1NiqTN2VDQjP5xCcU0BKrF545PNR/mbuPeOqKlkJuVsG4Z7IHQ
4PZrlGLBRYIMorMWw9foOUmWXlKEmVB/vyACUrSFpxV6yetCUM57J46YtSyf/3xJ
hQYRNO1DuUFc55cEh+0PCAVwTbwby1Fd/SoDsTqUWcJTiIfjkX1NULSxx6No0GVX
rHc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:08:46 2025 by rpki-client