Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nYhPv2_3m9PQK9LTZl3nCLdD-74.roa
File: nYhPv2_3m9PQK9LTZl3nCLdD-74.roa (raw, json)
Hash identifier: BEBzU5+JsXXBnP2c7VRPKhcTUzrDneoyMQIjLJStlag=
Subject key identifier: 9D:88:4F:BF:6F:F7:9B:D3:D0:2B:D2:D3:66:5D:E7:08:B7:43:FB:BE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADEAE9CC879B60E38D3B63967726E831F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nYhPv2_3m9PQK9LTZl3nCLdD-74.roa
Signing time: Fri 29 Sep 2023 02:04:59 +0000
ROA not before: Fri 29 Sep 2023 02:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:dead:f2d6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:de:ae:9c:c8:79:b6:0e:38:d3:b6:39:67:72:6e:83:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 02:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d884fbf6ff79bd3d02bd2d3665de708b743fbbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a4:d6:c3:da:fc:17:5c:e1:d3:19:d8:cd:a8:
32:f3:16:ee:3c:bd:42:0e:8c:73:ac:8d:75:5f:10:
dc:70:cc:c1:93:48:ed:6a:33:30:8c:25:79:0f:61:
54:06:e0:f8:da:86:04:8c:20:ec:8b:5a:34:28:a5:
11:87:dd:7b:f5:77:3d:0f:86:ba:33:77:56:07:88:
60:fe:9e:f9:3b:71:32:ca:79:dc:e9:ec:c9:bb:fd:
a4:22:07:61:d7:d2:07:e5:32:f4:8c:94:8e:ac:4a:
70:83:bf:47:c9:36:9d:2c:17:20:8e:1b:d5:9c:4b:
94:4e:c6:e1:31:d2:22:eb:c1:1e:86:e1:9e:87:5c:
4c:3b:4f:99:a5:6a:a4:66:37:42:61:41:68:89:d3:
38:62:e6:86:40:be:75:99:0a:b6:25:42:84:fc:8e:
16:ac:43:7a:ff:ac:9d:d7:5c:89:7c:c9:e3:1d:e2:
00:cd:10:03:de:0e:83:a7:85:13:21:8b:12:9c:07:
8f:3f:26:a2:5b:13:c5:62:b6:0a:41:fa:a0:7c:1d:
f8:e7:1b:0b:ad:06:cf:5c:05:96:73:36:55:43:31:
4c:96:e5:26:ec:2b:1c:98:fe:44:3b:e3:88:a1:be:
c0:86:c9:de:21:5a:77:2e:2a:46:c2:1a:98:67:94:
b8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:88:4F:BF:6F:F7:9B:D3:D0:2B:D2:D3:66:5D:E7:08:B7:43:FB:BE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nYhPv2_3m9PQK9LTZl3nCLdD-74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:22:0d:b6:ee:05:19:e8:50:73:b6:20:85:9f:0a:f7:78:28:
50:dc:97:87:b1:03:57:8d:16:76:d7:d3:ec:e6:6e:c8:3b:3c:
1e:10:cf:73:9b:c6:6a:06:98:c7:9e:8c:e2:b6:26:43:fc:8b:
6d:ea:42:96:f8:71:14:56:b7:26:31:6b:ea:50:63:99:d1:1e:
34:f7:c2:9a:a2:b9:d2:4c:0c:53:99:ae:2e:77:ac:ef:3d:34:
47:40:c7:8f:8a:dd:0a:18:19:c7:a1:90:24:a8:19:68:f5:44:
6a:cb:3c:ec:18:33:e4:f6:cd:8a:25:d3:4e:ab:eb:bf:76:34:
fa:b1:79:00:c6:68:47:ea:af:0c:3a:ae:f9:a2:83:af:8c:cb:
92:e0:cf:8a:78:be:c4:6b:df:99:7e:dc:4b:bf:d0:62:d0:c6:
6a:6e:36:2f:cc:6b:43:5f:36:fb:5a:6d:95:80:1c:da:04:68:
64:b9:2c:3b:00:ed:5d:c8:57:47:1c:4f:5d:68:b4:1a:a2:4d:
c1:58:6a:8c:34:61:d2:9e:e8:f6:60:93:4c:c7:2e:b7:61:82:
25:58:01:78:35:63:de:ef:70:89:bd:2d:9d:bc:2a:a4:a7:7c:
27:a5:61:53:ad:69:21:9a:ea:e9:20:ee:78:f4:40:56:8d:db:
76:68:90:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrerpzIebYOONO2OWdyboMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MDIwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg4NGZiZjZmZjc5YmQzZDAyYmQyZDM2NjVkZTcwOGI3NDNmYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqTWw9r8F1zh0xnYzagy8xbuPL1C
DoxzrI11XxDccMzBk0jtajMwjCV5D2FUBuD42oYEjCDsi1o0KKURh9179Xc9D4a6
M3dWB4hg/p75O3Eyynnc6ezJu/2kIgdh19IH5TL0jJSOrEpwg79HyTadLBcgjhvV
nEuUTsbhMdIi68EehuGeh1xMO0+ZpWqkZjdCYUFoidM4YuaGQL51mQq2JUKE/I4W
rEN6/6yd11yJfMnjHeIAzRAD3g6Dp4UTIYsSnAePPyaiWxPFYrYKQfqgfB345xsL
rQbPXAWWczZVQzFMluUm7CscmP5EO+OIob7AhsneIVp3LipGwhqYZ5S4BwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ2IT79v95vT0CvS02Zd5wi3Q/u+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvblloUHYyXzNtOVBRSzlMVFpsM25DTGRELTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAwiDbbuBRnoUHO2IIWf
Cvd4KFDcl4exA1eNFnbX0+zmbsg7PB4Qz3ObxmoGmMeejOK2JkP8i23qQpb4cRRW
tyYxa+pQY5nRHjT3wpqiudJMDFOZri53rO89NEdAx4+K3QoYGcehkCSoGWj1RGrL
POwYM+T2zYol006r6792NPqxeQDGaEfqrww6rvmig6+My5Lgz4p4vsRr35l+3Eu/
0GLQxmpuNi/Ma0NfNvtabZWAHNoEaGS5LDsA7V3IV0ccT11otBqiTcFYaow0YdKe
6PZgk0zHLrdhgiVYAXg1Y97vcIm9LZ28KqSnfCelYVOtaSGa6ukg7nj0QFaN23Zo
kNM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:46 2025 by rpki-client