Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b-ysLGfKvgnmliXEcjeQwderNV4.roa
File: b-ysLGfKvgnmliXEcjeQwderNV4.roa (raw, json)
Hash identifier: RLTaB0WGXB5+saTkiQGfMk/keznWmtsu4s9gU3Hx5Dc=
Subject key identifier: 6F:EC:AC:2C:67:CA:BE:09:E6:96:25:C4:72:37:90:C1:D7:AB:35:5E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2A73D37D202FE354D3AEA3BF362AE5CB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b-ysLGfKvgnmliXEcjeQwderNV4.roa
Signing time: Fri 13 Oct 2023 19:11:55 +0000
ROA not before: Fri 13 Oct 2023 19:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2a:73:d3:7d:20:2f:e3:54:d3:ae:a3:bf:36:2a:e5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 13 19:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fecac2c67cabe09e69625c4723790c1d7ab355e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ae:97:94:cf:89:0c:55:93:3a:66:22:39:bc:
b4:2a:28:51:c2:f1:26:84:00:24:8f:2c:59:5f:9d:
8a:ac:21:89:63:5a:66:01:ad:f9:38:b9:4d:7c:e7:
6b:23:c3:2c:65:0b:db:e6:6c:c2:be:25:a9:46:6b:
5c:2e:d0:f2:7e:e1:90:75:35:bc:08:3f:2a:73:d5:
96:c0:79:f2:3d:32:ef:0c:d4:8c:7d:be:54:25:71:
7b:65:cc:bd:8d:fa:33:56:c7:6e:aa:2f:24:69:07:
6e:58:c8:9b:e9:c4:3b:5f:d6:41:ee:44:c7:98:d4:
d1:c2:c4:4b:60:6b:1d:5d:82:47:7d:1f:26:e3:98:
ae:fa:12:16:fe:0c:06:8f:c2:db:01:c6:42:64:eb:
06:34:9c:91:34:34:45:bb:ce:43:b4:7a:aa:dd:03:
08:e9:d1:4b:bc:30:c8:ce:58:6b:37:f8:49:e9:63:
e4:7a:65:9b:0b:0b:c4:a1:28:65:01:5a:eb:48:cf:
29:88:a7:a8:35:a3:1e:46:98:4c:73:d5:d5:ff:63:
21:40:a5:9d:59:8b:0b:5a:3a:b8:2a:6c:c9:d0:e4:
bc:f5:b8:06:b5:e3:4b:be:d8:43:1a:c7:87:de:95:
c9:c0:07:a6:8f:d8:02:76:f7:9a:ce:37:da:a8:ed:
fe:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EC:AC:2C:67:CA:BE:09:E6:96:25:C4:72:37:90:C1:D7:AB:35:5E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b-ysLGfKvgnmliXEcjeQwderNV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:c0:ad:1b:81:c7:3f:f5:52:23:c9:0f:2c:ac:fa:3e:64:42:
c6:40:79:31:0a:22:4f:ab:44:b7:c1:c2:0c:32:0d:c3:80:a1:
62:77:0f:df:f6:fa:ab:b0:7e:24:67:2e:43:8d:9e:20:28:d0:
c7:49:86:b0:dc:0d:87:73:47:7f:10:79:7c:65:fd:75:89:92:
df:80:ba:53:51:3f:8c:43:42:ec:89:4e:1f:d2:02:e8:d2:f9:
66:0b:c1:1f:59:f2:43:d6:11:12:45:d6:bf:6f:d4:12:75:b5:
49:35:9f:60:fa:62:67:f7:b1:97:7a:0a:9f:fa:dc:b0:cc:c5:
ec:9e:11:74:5b:50:ce:89:b7:44:5b:53:30:98:93:e2:25:d9:
48:e4:b1:21:f2:e2:96:fe:83:88:c2:56:83:de:4d:f3:b3:9c:
5b:99:a0:f0:c1:65:14:5b:58:ec:c0:d9:5a:e1:53:14:77:c2:
9f:c5:ea:0a:59:8e:4d:91:48:a0:33:bc:12:f5:f1:18:76:af:
03:28:ba:1b:cb:46:4b:68:de:9a:93:25:3c:24:1a:e9:2d:92:
16:99:49:46:b4:84:8a:8b:1b:e4:ca:61:2b:6f:f2:3c:d7:f4:
e6:06:1e:be:87:6a:53:db:6a:03:6f:5e:90:4d:48:a2:3b:9f:
ce:dc:d8:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsqc9N9IC/jVNOuo782KuXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMTkxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmVjYWMyYzY3Y2FiZTA5ZTY5NjI1YzQ3MjM3OTBjMWQ3YWIzNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq6XlM+JDFWTOmYiOby0KihRwvEm
hAAkjyxZX52KrCGJY1pmAa35OLlNfOdrI8MsZQvb5mzCviWpRmtcLtDyfuGQdTW8
CD8qc9WWwHnyPTLvDNSMfb5UJXF7Zcy9jfozVsduqi8kaQduWMib6cQ7X9ZB7kTH
mNTRwsRLYGsdXYJHfR8m45iu+hIW/gwGj8LbAcZCZOsGNJyRNDRFu85DtHqq3QMI
6dFLvDDIzlhrN/hJ6WPkemWbCwvEoShlAVrrSM8piKeoNaMeRphMc9XV/2MhQKWd
WYsLWjq4KmzJ0OS89bgGteNLvthDGseH3pXJwAemj9gCdveazjfaqO3+gwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG/srCxnyr4J5pYlxHI3kMHXqzVeMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYi15c0xHZkt2Z25tbGlYRWNqZVF3ZGVyTlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEPArRuBxz/1UiPJDyys
+j5kQsZAeTEKIk+rRLfBwgwyDcOAoWJ3D9/2+quwfiRnLkONniAo0MdJhrDcDYdz
R38QeXxl/XWJkt+AulNRP4xDQuyJTh/SAujS+WYLwR9Z8kPWERJF1r9v1BJ1tUk1
n2D6Ymf3sZd6Cp/63LDMxeyeEXRbUM6Jt0RbUzCYk+Il2UjksSHy4pb+g4jCVoPe
TfOznFuZoPDBZRRbWOzA2VrhUxR3wp/F6gpZjk2RSKAzvBL18Rh2rwMouhvLRkto
3pqTJTwkGuktkhaZSUa0hIqLG+TKYStv8jzX9OYGHr6HalPbagNvXpBNSKI7n87c
2FU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:41:39 2025 by rpki-client