Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JYO5V6aALtV185LWMCQwVFZwmbY.roa
File: JYO5V6aALtV185LWMCQwVFZwmbY.roa (raw, json)
Hash identifier: j+pM4i8NIq4YpIzwuFr1g3MMXwxSQmHeGIS0Zp5YxuY=
Subject key identifier: 25:83:B9:57:A6:80:2E:D5:75:F3:92:D6:30:24:30:54:56:70:99:B6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD05117BD41614A2A6A9FAB276EE3D82A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JYO5V6aALtV185LWMCQwVFZwmbY.roa
Signing time: Wed 15 Nov 2023 00:10:57 +0000
ROA not before: Wed 15 Nov 2023 00:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d0:51:17:bd:41:61:4a:2a:6a:9f:ab:27:6e:e3:d8:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 00:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2583b957a6802ed575f392d630243054567099b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:df:94:52:1d:e2:44:71:e8:0e:ec:42:6c:80:
40:91:e8:a0:5c:9a:59:1e:aa:27:2f:65:04:ba:9b:
87:4e:bf:52:63:83:f6:9e:ac:68:3a:c4:0c:ff:33:
2f:52:80:a2:23:00:92:f0:81:b6:34:ad:b4:8e:bc:
37:a3:87:b6:22:0e:a7:d4:49:46:19:9e:f2:7d:f3:
f6:e2:66:5a:bc:fd:8c:0e:fe:76:89:f8:92:f8:13:
8b:2f:7b:bb:0e:19:96:83:8b:b1:01:b7:42:6b:d6:
c6:0a:94:45:23:23:03:6a:71:d2:4d:5b:41:8e:fc:
09:1c:3f:33:75:a5:8a:a6:6c:f4:a9:a9:ee:89:b7:
8b:7e:b9:f6:62:a0:b2:d2:bd:88:0b:df:82:74:d9:
69:84:eb:1b:06:ab:ea:0e:2c:bd:15:ac:63:76:a6:
59:15:9c:a8:58:c5:6b:98:f0:69:de:7f:e5:b3:58:
f1:2b:f7:fb:5b:f8:c8:a5:ce:91:7c:6e:09:9a:15:
61:7a:2f:66:b1:cb:2b:9d:9a:d5:7e:69:2e:4b:22:
20:2d:28:91:87:98:0b:6e:ec:1d:71:22:65:15:f6:
68:2c:58:ee:55:16:9d:21:18:d7:7e:d0:93:80:9a:
8a:97:e5:66:59:80:7f:b1:68:00:94:c2:7a:39:e2:
aa:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:83:B9:57:A6:80:2E:D5:75:F3:92:D6:30:24:30:54:56:70:99:B6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JYO5V6aALtV185LWMCQwVFZwmbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c2:d9:e9:c8:df:23:f8:6f:f0:e9:c5:b6:b3:31:83:f0:63:b9:
82:23:11:71:63:b2:71:3e:c1:d5:58:c5:63:1a:6f:6e:7a:a3:
91:9b:6a:c6:97:42:e4:6d:36:3b:86:a0:42:ad:ca:78:09:3d:
0c:01:1b:04:af:68:4a:8f:c2:03:bc:71:c9:5d:bd:f2:bc:cf:
ca:48:6b:fd:37:d8:30:ca:eb:d4:43:40:45:6c:c1:06:b3:40:
13:21:6b:d4:41:ea:f3:90:5e:29:75:7e:70:54:49:3e:39:11:
e9:65:4e:cf:f2:e6:87:d1:2a:42:02:3a:9c:c1:95:5b:4b:bc:
c9:ae:11:f4:f5:58:e0:b9:87:78:05:7a:a8:cb:bb:31:4d:78:
6d:e2:bd:2d:e8:30:e8:14:6e:58:52:f3:75:f2:03:f3:ed:45:
22:c9:a5:6e:cd:55:c0:af:ff:32:69:59:ba:9c:9a:ff:e9:00:
55:31:f2:0c:4d:a4:5a:bd:be:73:62:e1:cf:d2:f2:9d:9f:8d:
61:4f:a6:57:ba:16:db:54:7c:7b:01:95:ea:d0:cc:63:b8:5b:
e1:85:9e:b5:c2:39:d9:23:78:b9:65:f5:b0:c8:5e:d0:9f:21:
cd:9c:fc:d0:14:43:f3:72:63:3c:e7:48:ae:71:21:8c:e9:da:
3d:91:85:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvQURe9QWFKKmqfqydu49gqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MDAxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTgzYjk1N2E2ODAyZWQ1NzVmMzkyZDYzMDI0MzA1NDU2NzA5OWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN+UUh3iRHHoDuxCbIBAkeigXJpZ
HqonL2UEupuHTr9SY4P2nqxoOsQM/zMvUoCiIwCS8IG2NK20jrw3o4e2Ig6n1ElG
GZ7yffP24mZavP2MDv52ifiS+BOLL3u7DhmWg4uxAbdCa9bGCpRFIyMDanHSTVtB
jvwJHD8zdaWKpmz0qanuibeLfrn2YqCy0r2IC9+CdNlphOsbBqvqDiy9FaxjdqZZ
FZyoWMVrmPBp3n/ls1jxK/f7W/jIpc6RfG4JmhVhei9mscsrnZrVfmkuSyIgLSiR
h5gLbuwdcSJlFfZoLFjuVRadIRjXftCTgJqKl+VmWYB/sWgAlMJ6OeKqCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCWDuVemgC7VdfOS1jAkMFRWcJm2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSllPNVY2YUFMdFYxODVMV01DUXdWRlp3bWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMLZ6cjfI/hv8OnFtrMx
g/BjuYIjEXFjsnE+wdVYxWMab256o5GbasaXQuRtNjuGoEKtyngJPQwBGwSvaEqP
wgO8ccldvfK8z8pIa/032DDK69RDQEVswQazQBMha9RB6vOQXil1fnBUST45Eell
Ts/y5ofRKkICOpzBlVtLvMmuEfT1WOC5h3gFeqjLuzFNeG3ivS3oMOgUblhS83Xy
A/PtRSLJpW7NVcCv/zJpWbqcmv/pAFUx8gxNpFq9vnNi4c/S8p2fjWFPple6FttU
fHsBlerQzGO4W+GFnrXCOdkjeLll9bDIXtCfIc2c/NAUQ/NyYzznSK5xIYzp2j2R
hXg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:47:19 2025 by rpki-client