Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RYFbatmwrWKmr7pehdl0nRuKRoo.roa
File: RYFbatmwrWKmr7pehdl0nRuKRoo.roa (raw, json)
Hash identifier: syy5Ue6k61aQdZtN/hciI7Cov1W1jdeU3v9ElhJcUwY=
Subject key identifier: 45:81:5B:6A:D9:B0:AD:62:A6:AF:BA:5E:85:D9:74:9D:1B:8A:46:8A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0C3332D8EAEC955F6F25E14722E96426
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RYFbatmwrWKmr7pehdl0nRuKRoo.roa
Signing time: Sat 07 Oct 2023 22:12:43 +0000
ROA not before: Sat 07 Oct 2023 22:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0c:33:32:d8:ea:ec:95:5f:6f:25:e1:47:22:e9:64:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 22:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45815b6ad9b0ad62a6afba5e85d9749d1b8a468a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:31:e6:ca:c7:55:86:c4:05:20:89:3c:4b:db:
6a:58:3a:78:b4:5c:c9:6b:e4:99:98:ec:65:b6:ee:
27:29:3d:aa:f4:f1:42:68:26:04:bd:bf:6b:52:80:
f7:52:03:ed:68:bc:5a:ff:74:ff:42:12:6b:d6:63:
7a:4c:aa:bc:42:c6:63:7e:4b:46:10:5f:b3:21:d7:
20:47:7d:ed:e7:e2:a6:05:88:af:a0:a9:3b:cf:78:
a2:de:ac:62:74:5d:26:70:f7:5b:67:fb:f7:3e:f0:
41:fe:e6:7c:d7:dd:40:f0:b5:f0:53:0f:83:4c:69:
47:30:18:b6:a2:d4:42:1f:fc:61:66:d0:da:b5:30:
6d:b6:30:d1:6f:34:2e:c9:72:24:e0:f5:28:2b:ee:
66:b4:69:9e:22:41:80:1f:3e:5f:29:ed:37:05:f1:
d1:67:4c:5a:0b:a9:35:20:9e:24:6b:0b:a0:37:92:
3f:c4:63:5f:a2:20:9c:21:4f:91:31:3b:42:b7:33:
c6:98:6b:7b:fc:c1:0d:35:0e:62:f6:5f:f7:8a:4d:
f5:47:d7:05:1e:ce:91:ea:a6:39:22:9a:3f:f0:25:
38:5d:c8:ec:8c:fb:ed:23:0d:ec:73:74:21:fb:60:
f3:09:05:f5:46:0a:01:e5:a8:cf:e6:88:b4:86:ef:
9f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:81:5B:6A:D9:B0:AD:62:A6:AF:BA:5E:85:D9:74:9D:1B:8A:46:8A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RYFbatmwrWKmr7pehdl0nRuKRoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:a0:d5:19:de:ab:1e:4f:67:7e:9f:42:69:3b:e2:90:d0:ed:
bb:78:cf:78:e5:b9:69:ef:00:34:ad:8a:34:e6:16:f0:a2:e0:
0d:89:ee:d7:d3:e4:e6:9f:2a:a1:d1:4d:8f:14:94:cf:8b:d0:
1a:18:7a:38:f7:c9:f7:62:2d:ad:1a:eb:d6:65:0d:e3:4d:1d:
33:c5:f9:33:4c:c6:52:59:b1:4a:5a:af:a7:61:15:cc:22:82:
ec:7d:b5:67:5e:91:9a:a4:59:c0:51:78:a3:b9:46:6a:a3:cd:
85:4d:2c:f6:15:f4:d8:14:2a:e0:61:32:81:f3:c7:34:09:8b:
59:97:54:a8:d6:c5:ab:8e:ab:43:50:b7:d3:c8:3d:d8:0f:bb:
78:f1:61:67:55:72:fc:d6:32:6e:fa:37:6a:2e:54:7f:58:4f:
e2:d4:bc:5b:49:cf:17:cc:a1:6b:06:ee:69:5f:6b:95:8f:e1:
d6:44:5f:d0:42:98:9b:54:33:24:1a:79:bb:ac:7c:8c:01:c8:
42:0f:ba:09:f2:94:0c:96:06:c2:35:a3:22:47:57:06:10:c9:
2c:03:a8:49:a5:dc:08:6a:7d:24:39:b2:4f:43:e0:31:2c:04:
4c:c0:68:81:0f:53:9e:ed:35:a6:7a:06:26:ae:69:e2:66:72:
95:82:89:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsMMzLY6uyVX28l4Uci6WQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MjIxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTgxNWI2YWQ5YjBhZDYyYTZhZmJhNWU4NWQ5NzQ5ZDFiOGE0NjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijHmysdVhsQFIIk8S9tqWDp4tFzJ
a+SZmOxltu4nKT2q9PFCaCYEvb9rUoD3UgPtaLxa/3T/QhJr1mN6TKq8QsZjfktG
EF+zIdcgR33t5+KmBYivoKk7z3ii3qxidF0mcPdbZ/v3PvBB/uZ8191A8LXwUw+D
TGlHMBi2otRCH/xhZtDatTBttjDRbzQuyXIk4PUoK+5mtGmeIkGAHz5fKe03BfHR
Z0xaC6k1IJ4kawugN5I/xGNfoiCcIU+RMTtCtzPGmGt7/MENNQ5i9l/3ik31R9cF
Hs6R6qY5Ipo/8CU4XcjsjPvtIw3sc3Qh+2DzCQX1RgoB5ajP5oi0hu+fCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEWBW2rZsK1ipq+6XoXZdJ0bikaKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUllGYmF0bXdyV0ttcjdwZWhkbDBuUnVLUm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEKg1Rneqx5PZ36fQmk7
4pDQ7bt4z3jluWnvADStijTmFvCi4A2J7tfT5OafKqHRTY8UlM+L0BoYejj3yfdi
La0a69ZlDeNNHTPF+TNMxlJZsUpar6dhFcwigux9tWdekZqkWcBReKO5RmqjzYVN
LPYV9NgUKuBhMoHzxzQJi1mXVKjWxauOq0NQt9PIPdgPu3jxYWdVcvzWMm76N2ou
VH9YT+LUvFtJzxfMoWsG7mlfa5WP4dZEX9BCmJtUMyQaebusfIwByEIPugnylAyW
BsI1oyJHVwYQySwDqEml3AhqfSQ5sk9D4DEsBEzAaIEPU57tNaZ6BiauaeJmcpWC
iTg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:46:52 2025 by rpki-client