Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U-ysDHgL9ZX62HPEXnveafo1ADo.roa
File: U-ysDHgL9ZX62HPEXnveafo1ADo.roa (raw, json)
Hash identifier: bZ9Z1t3T25LAK/FeY6Y72bBU7+4wrefs5Lqy5Oz1INU=
Subject key identifier: 53:EC:AC:0C:78:0B:F5:95:FA:D8:73:C4:5E:7B:DE:69:FA:35:00:3A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B634F301FC1BEF70ED720EFAE295C2A1D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U-ysDHgL9ZX62HPEXnveafo1ADo.roa
Signing time: Tue 24 Oct 2023 20:10:15 +0000
ROA not before: Tue 24 Oct 2023 20:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:63:4f:30:1f:c1:be:f7:0e:d7:20:ef:ae:29:5c:2a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 20:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53ecac0c780bf595fad873c45e7bde69fa35003a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:69:89:42:c0:15:f8:98:0c:3b:6b:9b:62:e5:
02:93:53:29:dd:41:b2:c6:df:26:ce:67:db:90:80:
51:67:72:36:cc:8a:ab:1e:39:2e:14:6e:1e:07:e9:
c6:c1:24:0a:35:27:62:a8:6c:f5:a5:f9:ad:83:69:
9b:06:bc:4b:ff:cf:63:b6:d2:5c:b6:30:53:44:da:
bb:5c:b4:0f:32:b9:ea:f4:49:5a:82:48:56:a0:1a:
1a:04:3a:e6:0b:62:7e:f6:4f:50:39:18:c8:61:70:
db:a0:cf:98:cd:16:35:2c:7d:f4:6a:39:20:f0:eb:
09:74:58:e9:1e:19:0c:4c:47:9e:3f:41:6a:21:8d:
4e:51:7f:d3:b7:ed:1e:96:ca:18:8b:df:69:cc:e3:
1a:fb:44:ad:b8:cb:b7:49:2a:8d:7b:3c:21:ca:2a:
59:dc:da:29:71:35:62:ab:12:b2:95:ad:9c:01:0c:
ad:31:1b:e3:c5:45:db:b4:83:45:b1:ae:54:da:fc:
48:89:0c:6d:20:0d:b0:b8:ec:13:2e:fc:14:fb:16:
b9:17:2a:02:f7:86:3f:a6:5d:8b:56:82:03:ff:2a:
5a:e8:49:6b:b6:8b:8d:5a:db:a4:80:24:65:ed:ce:
f6:c6:a3:75:3d:2c:f3:61:76:03:eb:6a:69:6b:b4:
d6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EC:AC:0C:78:0B:F5:95:FA:D8:73:C4:5E:7B:DE:69:FA:35:00:3A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U-ysDHgL9ZX62HPEXnveafo1ADo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:08:f1:46:44:cc:59:f4:8c:fa:82:20:ce:ef:99:8c:e2:be:
6c:c8:07:eb:99:77:42:76:95:8d:d1:d7:37:f3:8d:14:d1:ae:
c1:ce:c6:0e:eb:6f:3a:7b:4c:5e:62:20:b5:e4:e2:7f:c4:73:
ea:d9:39:aa:f4:7f:14:21:87:a3:46:a7:c5:85:53:7e:3d:87:
89:36:4a:d1:38:30:68:b0:8e:15:63:43:71:df:b1:21:74:5f:
de:d3:40:54:f9:0a:4e:d1:a7:a5:e7:3f:64:21:dd:fa:8a:71:
91:66:03:c6:8e:cd:73:fd:b5:32:b3:c8:e5:8a:03:9d:d2:36:
2f:21:a8:e4:a7:7c:a9:c9:c7:86:43:0d:e2:d2:6b:3d:31:95:
c7:5e:23:54:65:9c:6a:c7:72:f0:6d:55:bf:4b:18:aa:1e:de:
6e:9f:5d:d8:13:e4:19:f2:aa:4b:d3:ce:3e:cf:30:6e:da:9d:
52:bf:12:5f:d5:55:02:a5:0c:8c:df:eb:e7:9f:e1:07:d9:81:
33:6a:91:5a:8b:bb:84:81:8f:c7:2f:20:19:ce:d4:81:be:b8:
18:1b:04:74:8e:a2:81:b5:6a:c5:93:57:55:25:8b:ed:f8:49:
9c:73:41:97:00:92:d8:06:d7:8c:9c:08:9d:12:01:65:dd:0d:
f7:c7:e0:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtjTzAfwb73Dtcg764pXCodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MjAxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VjYWMwYzc4MGJmNTk1ZmFkODczYzQ1ZTdiZGU2OWZhMzUwMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWmJQsAV+JgMO2ubYuUCk1Mp3UGy
xt8mzmfbkIBRZ3I2zIqrHjkuFG4eB+nGwSQKNSdiqGz1pfmtg2mbBrxL/89jttJc
tjBTRNq7XLQPMrnq9ElagkhWoBoaBDrmC2J+9k9QORjIYXDboM+YzRY1LH30ajkg
8OsJdFjpHhkMTEeeP0FqIY1OUX/Tt+0elsoYi99pzOMa+0StuMu3SSqNezwhyipZ
3NopcTViqxKyla2cAQytMRvjxUXbtINFsa5U2vxIiQxtIA2wuOwTLvwU+xa5FyoC
94Y/pl2LVoID/ypa6ElrtouNWtukgCRl7c72xqN1PSzzYXYD62ppa7TWjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFPsrAx4C/WV+thzxF573mn6NQA6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVS15c0RIZ0w5Wlg2MkhQRVhudmVhZm8xQURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK0I8UZEzFn0jPqCIM7v
mYzivmzIB+uZd0J2lY3R1zfzjRTRrsHOxg7rbzp7TF5iILXk4n/Ec+rZOar0fxQh
h6NGp8WFU349h4k2StE4MGiwjhVjQ3HfsSF0X97TQFT5Ck7Rp6XnP2Qh3fqKcZFm
A8aOzXP9tTKzyOWKA53SNi8hqOSnfKnJx4ZDDeLSaz0xlcdeI1RlnGrHcvBtVb9L
GKoe3m6fXdgT5BnyqkvTzj7PMG7anVK/El/VVQKlDIzf6+ef4QfZgTNqkVqLu4SB
j8cvIBnO1IG+uBgbBHSOooG1asWTV1Uli+34SZxzQZcAktgG14ycCJ0SAWXdDffH
4Dg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:58:18 2025 by rpki-client