Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bYKjhF7LAobkWAhfJQBMq_p4xls.roa
File: bYKjhF7LAobkWAhfJQBMq_p4xls.roa (raw, json)
Hash identifier: AlSeTgyzu5tRclPiHZbVe93MBqnPkiTIiGWOPa3ph8k=
Subject key identifier: 6D:82:A3:84:5E:CB:02:86:E4:58:08:5F:25:00:4C:AB:FA:78:C6:5B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADCF728B49D188106ACD9CDC6B414FB81
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bYKjhF7LAobkWAhfJQBMq_p4xls.roa
Signing time: Thu 28 Sep 2023 18:04:59 +0000
ROA not before: Thu 28 Sep 2023 18:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:dcf6:d068/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:f7:28:b4:9d:18:81:06:ac:d9:cd:c6:b4:14:fb:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 18:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d82a3845ecb0286e458085f25004cabfa78c65b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7a:2c:19:44:62:2a:bb:80:41:aa:05:55:39:
bf:b8:a6:02:43:24:5c:10:35:65:c2:c8:a8:09:13:
25:bd:d0:89:51:f6:94:91:2f:3d:c5:10:5a:16:3d:
98:15:a0:4f:9b:eb:d7:05:f1:94:12:cb:d1:ca:c5:
64:92:e2:26:77:e2:a9:c6:fc:db:ec:d8:f7:9c:54:
58:f5:b1:d0:d0:ee:b3:b4:2e:22:eb:b2:ca:11:69:
6f:15:3d:42:e5:06:cc:aa:de:40:cf:15:19:8f:b5:
9f:0a:d4:f3:89:a6:ea:f2:9e:66:57:32:49:09:d4:
b3:06:22:6d:0d:86:27:61:a7:5e:54:fa:09:be:8a:
d7:70:55:2c:bd:fb:f1:d5:df:36:11:b2:ea:37:f0:
b9:85:94:fd:da:61:9d:fe:38:ae:3c:b6:51:5c:67:
19:2d:3d:61:26:0f:de:e8:da:be:3b:32:a6:84:70:
87:61:d0:c4:95:a9:a3:4f:60:52:6a:f2:69:5b:e5:
bc:4a:6d:03:4c:e7:f2:cd:02:86:4b:7a:9d:cc:3a:
51:54:c8:9b:7c:0c:a1:38:50:b0:84:c5:1b:e9:ec:
1d:1f:ad:7f:3a:8e:a1:b5:07:3d:bc:85:1a:18:b2:
d7:f2:e0:00:e6:ee:c7:3d:eb:0a:78:38:d4:f5:32:
f1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:82:A3:84:5E:CB:02:86:E4:58:08:5F:25:00:4C:AB:FA:78:C6:5B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bYKjhF7LAobkWAhfJQBMq_p4xls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:cd:41:e8:97:62:0b:de:e3:43:8a:db:7c:20:13:fa:2e:a5:
40:74:ad:cc:48:31:e7:7c:d8:73:d2:02:a4:4e:1d:22:c8:a5:
d5:d8:ca:ca:58:a3:eb:ed:fa:8a:ac:0f:d1:a5:fd:fa:c0:49:
6a:4b:1a:0b:0e:ac:c7:87:e0:78:1e:49:b9:aa:1c:b0:5d:6a:
0d:93:83:05:50:22:47:c5:9c:96:e2:2c:aa:94:4d:25:ca:fc:
e8:61:63:7f:0a:74:d8:18:55:71:8c:9d:80:30:c6:87:41:16:
0a:66:6e:4c:c7:83:96:bd:7c:29:71:e1:ac:d6:5e:19:69:f5:
8e:1f:8f:38:4c:a6:5b:25:f3:09:26:05:99:02:67:32:6a:cf:
33:cd:c1:ab:c6:e2:76:ab:45:66:1c:c0:d1:d0:72:ad:4b:26:
54:24:ce:7d:22:c1:a1:12:21:dc:16:3e:b8:37:fa:0d:7b:91:
28:46:21:b1:d2:4d:c2:58:38:97:ce:da:bd:a3:32:9c:97:64:
7b:a7:6f:8e:56:5a:b1:05:ad:0b:0c:e3:c6:50:a7:f2:d7:2b:
ac:d8:6f:f7:a1:73:6e:ee:fe:d0:8d:89:1d:db:37:7e:50:bd:
58:6a:e8:21:f4:1e:1e:3c:77:e6:0d:ed:c8:61:6f:5a:a2:48:
4d:97:46:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrc9yi0nRiBBqzZzca0FPuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MTgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDgyYTM4NDVlY2IwMjg2ZTQ1ODA4NWYyNTAwNGNhYmZhNzhjNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXosGURiKruAQaoFVTm/uKYCQyRc
EDVlwsioCRMlvdCJUfaUkS89xRBaFj2YFaBPm+vXBfGUEsvRysVkkuImd+Kpxvzb
7Nj3nFRY9bHQ0O6ztC4i67LKEWlvFT1C5QbMqt5AzxUZj7WfCtTziabq8p5mVzJJ
CdSzBiJtDYYnYadeVPoJvorXcFUsvfvx1d82EbLqN/C5hZT92mGd/jiuPLZRXGcZ
LT1hJg/e6Nq+OzKmhHCHYdDElamjT2BSavJpW+W8Sm0DTOfyzQKGS3qdzDpRVMib
fAyhOFCwhMUb6ewdH61/Oo6htQc9vIUaGLLX8uAA5u7HPesKeDjU9TLxGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2Co4ReywKG5FgIXyUATKv6eMZbMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYllLamhGN0xBb2JrV0FoZkpRQk1xX3A0eGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABHNQeiXYgve40OK23wg
E/oupUB0rcxIMed82HPSAqROHSLIpdXYyspYo+vt+oqsD9Gl/frASWpLGgsOrMeH
4HgeSbmqHLBdag2TgwVQIkfFnJbiLKqUTSXK/OhhY38KdNgYVXGMnYAwxodBFgpm
bkzHg5a9fClx4azWXhlp9Y4fjzhMplsl8wkmBZkCZzJqzzPNwavG4narRWYcwNHQ
cq1LJlQkzn0iwaESIdwWPrg3+g17kShGIbHSTcJYOJfO2r2jMpyXZHunb45WWrEF
rQsM48ZQp/LXK6zYb/ehc27u/tCNiR3bN35QvVhq6CH0Hh48d+YN7chhb1qiSE2X
RtQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:36:08 2025 by rpki-client