Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lY2p71-uwvqzixdvgj3HYFuEcD0.roa
File: lY2p71-uwvqzixdvgj3HYFuEcD0.roa (raw, json)
Hash identifier: pZXG2JeSl3m3uKe11F8PSHDqJ3pHUGcfRgYDlk7bxPY=
Subject key identifier: 95:8D:A9:EF:5F:AE:C2:FA:B3:8B:17:6F:82:3D:C7:60:5B:84:70:3D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B352F538D97EAD73A4128D6B59B298E53
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lY2p71-uwvqzixdvgj3HYFuEcD0.roa
Signing time: Sun 15 Oct 2023 21:12:55 +0000
ROA not before: Sun 15 Oct 2023 21:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:35:2f:53:8d:97:ea:d7:3a:41:28:d6:b5:9b:29:8e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 21:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=958da9ef5faec2fab38b176f823dc7605b84703d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e4:d6:d4:57:a7:03:00:a1:ef:1e:d6:80:6a:
8e:58:9c:cc:51:a8:f5:60:6e:2e:a9:d7:b7:21:63:
b6:43:69:d7:ee:9d:73:28:f0:ce:18:3c:3f:3b:26:
c1:fb:04:89:b5:f1:a1:4b:ba:38:cd:3a:78:8c:bc:
7a:c4:21:2e:2d:2f:31:0e:93:7d:25:17:9c:8b:c3:
70:c1:73:8c:06:3a:3e:92:c6:6c:cb:1e:2c:56:03:
4c:89:62:a6:c0:1f:92:72:3a:2b:a3:a8:9b:51:2a:
ca:93:3a:70:5f:fa:fa:76:83:76:e7:61:6c:21:36:
a2:44:40:d4:a5:fb:81:1c:f5:72:af:5b:a7:a0:dd:
9f:6f:c9:28:88:60:0c:ce:54:9a:35:0a:7f:96:fa:
4e:0e:a8:a2:c6:13:eb:a8:7e:7a:f9:94:dc:a8:50:
a1:b9:0d:aa:e0:32:92:55:f4:8f:82:e2:24:2e:90:
11:cc:a4:a4:14:85:b4:67:bd:43:8d:7a:db:86:44:
0d:bb:1a:9e:26:6a:af:d9:7a:ea:a5:69:fe:c9:00:
31:e6:0e:69:bd:ab:e0:a4:a5:38:43:33:c4:1d:66:
6b:f4:b2:9c:2a:ec:fc:5c:9c:58:c6:89:af:f2:d3:
fd:85:86:de:45:f0:9d:e5:f9:6e:3d:2f:f5:89:25:
82:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8D:A9:EF:5F:AE:C2:FA:B3:8B:17:6F:82:3D:C7:60:5B:84:70:3D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lY2p71-uwvqzixdvgj3HYFuEcD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:a5:c7:e2:d1:fd:98:3e:7a:dc:11:98:75:16:f4:60:a8:1d:
11:07:7e:8c:84:29:a6:84:5a:c7:c0:5a:42:7f:39:75:dd:17:
f3:33:c4:5d:85:46:80:cf:08:61:b1:29:50:8a:0f:ea:2f:ca:
50:b4:e2:4e:f7:1d:63:10:92:43:be:c2:53:fd:db:48:72:26:
5f:54:da:e2:18:a6:dc:7d:5b:84:b8:d4:f5:dd:d9:a7:e1:bf:
5c:21:9f:13:a5:d3:2d:88:1a:c8:3f:e5:e4:50:84:43:ec:bc:
f5:e9:09:10:fe:92:0e:a5:fe:dc:70:d8:0f:cb:d3:3b:02:14:
45:52:00:02:39:7c:5b:de:e9:17:5c:80:69:5d:ec:64:58:21:
fb:38:58:63:57:d6:21:b2:8d:45:24:0a:37:81:6f:03:fe:e9:
49:da:bd:a2:bb:2b:a9:97:ca:10:e6:59:3f:74:15:1e:6d:b9:
de:f8:2e:70:ae:84:eb:a8:b5:96:24:ac:0d:ae:11:fb:9a:76:
ed:d9:38:f5:ea:ef:ad:a5:9f:ec:27:c1:c9:92:ea:5f:04:fb:
e1:b1:eb:0b:96:a4:f6:ea:dd:6d:04:93:d1:6d:3a:1a:c2:1b:
a6:9d:ef:30:de:5e:cb:89:cd:9c:54:c9:8d:2b:92:dc:03:5d:
2c:2a:86:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs1L1ONl+rXOkEo1rWbKY5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MjExMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThkYTllZjVmYWVjMmZhYjM4YjE3NmY4MjNkYzc2MDViODQ3MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOTW1FenAwCh7x7WgGqOWJzMUaj1
YG4uqde3IWO2Q2nX7p1zKPDOGDw/OybB+wSJtfGhS7o4zTp4jLx6xCEuLS8xDpN9
JReci8NwwXOMBjo+ksZsyx4sVgNMiWKmwB+Scjoro6ibUSrKkzpwX/r6doN252Fs
ITaiREDUpfuBHPVyr1unoN2fb8koiGAMzlSaNQp/lvpODqiixhPrqH56+ZTcqFCh
uQ2q4DKSVfSPguIkLpARzKSkFIW0Z71DjXrbhkQNuxqeJmqv2XrqpWn+yQAx5g5p
vavgpKU4QzPEHWZr9LKcKuz8XJxYxomv8tP9hYbeRfCd5fluPS/1iSWCnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJWNqe9frsL6s4sXb4I9x2BbhHA9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbFkycDcxLXV3dnF6aXhkdmdqM0hZRnVFY0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGalx+LR/Zg+etwRmHUW
9GCoHREHfoyEKaaEWsfAWkJ/OXXdF/MzxF2FRoDPCGGxKVCKD+ovylC04k73HWMQ
kkO+wlP920hyJl9U2uIYptx9W4S41PXd2afhv1whnxOl0y2IGsg/5eRQhEPsvPXp
CRD+kg6l/txw2A/L0zsCFEVSAAI5fFve6RdcgGld7GRYIfs4WGNX1iGyjUUkCjeB
bwP+6UnavaK7K6mXyhDmWT90FR5tud74LnCuhOuotZYkrA2uEfuadu3ZOPXq762l
n+wnwcmS6l8E++Gx6wuWpPbq3W0Ek9FtOhrCG6ad7zDeXsuJzZxUyY0rktwDXSwq
hnI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:46:54 2025 by rpki-client