Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Yw1kNlnPRn1cLJMBqAnVDIXqfGY.roa
File: Yw1kNlnPRn1cLJMBqAnVDIXqfGY.roa (raw, json)
Hash identifier: usJTgXWHxrJR5A++xSxpfjeXUPADXkJj5ZOJHWY2inE=
Subject key identifier: 63:0D:64:36:59:CF:46:7D:5C:2C:93:01:A8:09:D5:0C:85:EA:7C:66
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB2B8C6ECEA969FE9363A663DC6234C20
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Yw1kNlnPRn1cLJMBqAnVDIXqfGY.roa
Signing time: Wed 20 Sep 2023 13:12:48 +0000
ROA not before: Wed 20 Sep 2023 13:12:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:b8:c6:ec:ea:96:9f:e9:36:3a:66:3d:c6:23:4c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 13:12:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=630d643659cf467d5c2c9301a809d50c85ea7c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1a:4e:e1:56:76:7d:e7:70:91:f5:e5:79:a6:
26:c2:58:97:fe:7f:00:ef:7b:73:b5:d9:49:c4:04:
95:9a:7f:e7:b1:f2:98:5c:c1:5d:f6:6d:34:8c:9e:
6c:ce:23:4c:12:fa:82:96:d8:40:67:05:68:09:13:
ff:fe:30:eb:27:5c:d5:f1:ee:73:0d:6b:06:5a:dc:
c6:05:66:ad:f1:96:ed:11:98:dc:7f:8e:b4:6e:85:
1a:88:8f:1a:9d:fa:8d:f5:d8:73:d3:97:51:1a:2a:
db:e0:b5:71:08:51:12:12:c7:93:18:9f:8e:d4:27:
2d:f4:c1:7c:05:45:66:5c:26:dd:a1:de:12:c7:fd:
c9:6c:47:5b:38:2d:40:f1:96:56:7f:68:7d:a6:7c:
a8:c8:13:11:c5:ea:5c:71:4c:a9:5e:37:8b:92:2c:
37:55:10:11:81:65:94:3b:0d:4f:59:fb:87:d1:b3:
69:5f:f0:a1:56:07:d6:26:1f:85:ac:cf:bd:b5:e9:
75:f4:6c:75:80:41:8f:8a:8b:49:d8:4d:77:e0:79:
7e:3b:08:fd:c6:e0:c4:e2:5b:ee:ae:93:c9:82:c5:
7a:06:b4:8b:58:8d:a1:13:3e:64:56:04:bf:3a:e8:
b5:8c:2a:5e:f1:b2:3c:99:47:f2:46:20:27:2e:8d:
e1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0D:64:36:59:CF:46:7D:5C:2C:93:01:A8:09:D5:0C:85:EA:7C:66
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Yw1kNlnPRn1cLJMBqAnVDIXqfGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c6:b1:05:e3:d6:af:72:93:67:cb:a2:d6:cc:b6:6c:6a:13:fc:
c3:94:b5:ce:01:0c:7e:e8:3d:79:e1:a0:5c:97:9e:1e:01:8f:
92:f2:cf:cb:0c:e6:92:d5:8d:a3:a0:00:f8:6e:ba:43:fa:13:
36:bd:d1:e2:37:bd:c7:9c:f5:b8:40:6b:0a:b1:74:e5:14:6a:
70:b5:99:f6:f0:01:5e:e3:e5:49:58:81:9b:97:8d:c6:5e:9a:
58:42:c8:71:be:66:d0:91:57:2d:d2:90:3d:b4:b7:d3:c1:16:
4d:36:ac:3d:34:d6:52:f7:f9:e6:f1:f3:b8:76:c9:3a:0d:54:
72:1a:c9:11:d1:90:7d:a0:e2:a2:44:46:5e:a1:e9:b3:ea:62:
5a:9e:62:62:40:ed:d5:6f:88:54:46:f1:c4:e9:e8:d0:5c:37:
3f:b6:c3:f0:f7:e7:36:29:0a:80:18:c4:f9:1b:37:e0:46:f0:
ec:d2:a7:16:9f:ed:62:0d:97:8d:46:6a:8e:c7:ad:f5:12:f6:
d5:00:33:ee:3b:64:68:1f:6e:28:3d:9f:39:b9:e5:f0:0f:56:
ac:3d:87:31:79:6a:04:3f:bb:f1:8b:f4:c9:d4:80:d7:26:39:
92:b0:81:37:53:f5:df:4e:44:c7:93:b8:d9:a9:2d:2e:34:bc:
c3:ba:03:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqyuMbs6paf6TY6Zj3GI0wgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMTMxMjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzBkNjQzNjU5Y2Y0NjdkNWMyYzkzMDFhODA5ZDUwYzg1ZWE3YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBpO4VZ2fedwkfXleaYmwliX/n8A
73tztdlJxASVmn/nsfKYXMFd9m00jJ5sziNMEvqClthAZwVoCRP//jDrJ1zV8e5z
DWsGWtzGBWat8ZbtEZjcf460boUaiI8anfqN9dhz05dRGirb4LVxCFESEseTGJ+O
1Cct9MF8BUVmXCbdod4Sx/3JbEdbOC1A8ZZWf2h9pnyoyBMRxepccUypXjeLkiw3
VRARgWWUOw1PWfuH0bNpX/ChVgfWJh+FrM+9tel19Gx1gEGPiotJ2E134Hl+Owj9
xuDE4lvurpPJgsV6BrSLWI2hEz5kVgS/Oui1jCpe8bI8mUfyRiAnLo3hswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGMNZDZZz0Z9XCyTAagJ1QyF6nxmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWXcxa05sblBSbjFjTEpNQnFBblZESVhxZkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMaxBePWr3KTZ8ui1sy2
bGoT/MOUtc4BDH7oPXnhoFyXnh4Bj5Lyz8sM5pLVjaOgAPhuukP6Eza90eI3vcec
9bhAawqxdOUUanC1mfbwAV7j5UlYgZuXjcZemlhCyHG+ZtCRVy3SkD20t9PBFk02
rD001lL3+ebx87h2yToNVHIayRHRkH2g4qJERl6h6bPqYlqeYmJA7dVviFRG8cTp
6NBcNz+2w/D35zYpCoAYxPkbN+BG8OzSpxaf7WINl41Gao7HrfUS9tUAM+47ZGgf
big9nzm55fAPVqw9hzF5agQ/u/GL9MnUgNcmOZKwgTdT9d9ORMeTuNmpLS40vMO6
A6M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:12:41 2025 by rpki-client