Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Y8d23nG2ouplRHtp5Tg_D_hjCAw.roa
File: Y8d23nG2ouplRHtp5Tg_D_hjCAw.roa (raw, json)
Hash identifier: lz9arDQCtjXGU0S4MRKlALWZEo10zVxV7bgf5Sa7Egc=
Subject key identifier: 63:C7:76:DE:71:B6:A2:EA:65:44:7B:69:E5:38:3F:0F:F8:63:08:0C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE2C4AB77C662A0BB2F6F1B029AC1D24E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Y8d23nG2ouplRHtp5Tg_D_hjCAw.roa
Signing time: Sat 18 Nov 2023 14:10:21 +0000
ROA not before: Sat 18 Nov 2023 14:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e2:c4:ab:77:c6:62:a0:bb:2f:6f:1b:02:9a:c1:d2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 18 14:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63c776de71b6a2ea65447b69e5383f0ff863080c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:00:2d:ac:ee:53:3e:6f:93:aa:bd:bf:3b:3b:
9f:d9:0c:18:03:f8:85:9d:f1:2b:82:4b:85:09:21:
4f:9c:ab:e0:43:53:9c:da:44:f0:ba:00:34:19:b3:
b7:d9:a7:02:ce:ea:4c:89:dd:02:13:3e:16:74:c0:
1c:43:71:91:f8:f6:48:89:f3:24:9e:6c:e4:ff:c4:
c7:6c:63:f7:f3:0c:70:e2:0b:ed:4f:17:72:24:98:
4a:93:38:45:cb:31:d1:13:91:b6:64:33:1e:53:9b:
ab:c0:43:3a:10:dd:1a:45:e3:0d:7f:51:fd:d2:f8:
5d:70:c6:23:78:3d:40:a0:1b:a2:ef:23:29:47:84:
57:08:ce:de:d5:d1:e2:ed:96:2f:b4:17:40:1b:e2:
fd:4f:f8:ef:5c:5e:20:db:52:c3:18:82:92:03:61:
e2:3e:9a:cd:ea:45:82:06:3a:90:41:aa:be:3f:b3:
44:13:e4:db:25:cc:4b:b6:9d:56:7d:36:4d:cb:2c:
6e:46:03:3b:3e:86:a0:d2:b4:fe:b2:01:a2:b6:cb:
26:bb:af:27:9c:a9:7a:7c:4c:21:0d:7e:4f:73:d4:
fc:20:2c:a7:f1:05:af:ff:e6:21:19:59:35:a4:bc:
3e:e5:7d:db:d4:ee:bd:e9:e0:1c:b6:63:7d:76:58:
b9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C7:76:DE:71:B6:A2:EA:65:44:7B:69:E5:38:3F:0F:F8:63:08:0C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Y8d23nG2ouplRHtp5Tg_D_hjCAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:f5:f0:5c:ce:79:f3:27:1e:64:ad:30:0f:fb:37:c3:36:bd:
9a:d4:01:29:eb:fb:89:9d:0d:b1:a1:1f:6a:4b:62:55:be:0c:
e2:4c:72:f0:71:10:6b:91:d5:87:53:30:58:50:f0:af:3f:30:
dc:b5:a4:15:06:2f:e0:0b:fd:cf:1e:97:d5:c9:35:56:57:d5:
1a:11:5d:fa:6d:d4:d6:1a:21:ea:81:24:7e:df:92:05:ee:ee:
ff:69:c3:3b:18:9d:2b:0c:71:25:ea:56:65:17:ab:e2:4e:92:
c8:94:4b:cf:cd:ef:64:51:3e:a5:9c:a2:3d:09:e3:df:0a:37:
bc:d6:cb:b2:7e:a1:ba:f5:49:50:2d:47:fc:4a:5a:a5:5d:4a:
b8:78:6a:d7:8b:ea:0e:64:5a:17:63:33:ed:4e:b2:2e:87:ce:
12:fb:ce:9b:b5:21:b9:81:9b:a9:ab:af:6d:48:f6:17:03:d2:
29:41:e6:24:a5:f8:0c:5e:ff:af:f3:64:59:9c:53:1c:96:9e:
0b:03:cb:ec:3b:1e:c1:26:2a:91:ef:65:e9:e4:a4:91:d1:1e:
fa:98:d1:70:bf:ec:32:c7:58:ca:fd:1a:19:59:8b:77:70:77:
0f:47:1d:40:1c:c7:de:d3:4f:f1:00:bf:10:ae:87:24:9f:0f:
3f:1c:d9:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvixKt3xmKguy9vGwKawdJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE4MTQxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M3NzZkZTcxYjZhMmVhNjU0NDdiNjllNTM4M2YwZmY4NjMwODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAAtrO5TPm+Tqr2/Ozuf2QwYA/iF
nfErgkuFCSFPnKvgQ1Oc2kTwugA0GbO32acCzupMid0CEz4WdMAcQ3GR+PZIifMk
nmzk/8THbGP38wxw4gvtTxdyJJhKkzhFyzHRE5G2ZDMeU5urwEM6EN0aReMNf1H9
0vhdcMYjeD1AoBui7yMpR4RXCM7e1dHi7ZYvtBdAG+L9T/jvXF4g21LDGIKSA2Hi
PprN6kWCBjqQQaq+P7NEE+TbJcxLtp1WfTZNyyxuRgM7Poag0rT+sgGitssmu68n
nKl6fEwhDX5Pc9T8ICyn8QWv/+YhGVk1pLw+5X3b1O696eActmN9dli5CwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGPHdt5xtqLqZUR7aeU4Pw/4YwgMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWThkMjNuRzJvdXBsUkh0cDVUZ19EX2hqQ0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD318FzOefMnHmStMA/7
N8M2vZrUASnr+4mdDbGhH2pLYlW+DOJMcvBxEGuR1YdTMFhQ8K8/MNy1pBUGL+AL
/c8el9XJNVZX1RoRXfpt1NYaIeqBJH7fkgXu7v9pwzsYnSsMcSXqVmUXq+JOksiU
S8/N72RRPqWcoj0J498KN7zWy7J+obr1SVAtR/xKWqVdSrh4ateL6g5kWhdjM+1O
si6HzhL7zpu1IbmBm6mrr21I9hcD0ilB5iSl+Axe/6/zZFmcUxyWngsDy+w7HsEm
KpHvZenkpJHRHvqY0XC/7DLHWMr9GhlZi3dwdw9HHUAcx97TT/EAvxCuhySfDz8c
2T4=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:51:27 2025 by rpki-client