Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sY1BC7dseL4PX197EAQhc6UXDc8.roa
File: sY1BC7dseL4PX197EAQhc6UXDc8.roa (raw, json)
Hash identifier: Mu/mD7y5Sh7v+4X5m+M7P/bDClBYXKOopRvURgNPiKk=
Subject key identifier: B1:8D:41:0B:B7:6C:78:BE:0F:5F:5F:7B:10:04:21:73:A5:17:0D:CF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5592A6730DF6F42000E7D8E0ED405107
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sY1BC7dseL4PX197EAQhc6UXDc8.roa
Signing time: Sun 22 Oct 2023 04:09:15 +0000
ROA not before: Sun 22 Oct 2023 04:09:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:55:92:a6:73:0d:f6:f4:20:00:e7:d8:e0:ed:40:51:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 04:09:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b18d410bb76c78be0f5f5f7b10042173a5170dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:54:a7:b1:44:56:e0:f4:f9:ee:d3:02:58:0b:
de:13:e2:40:9a:2e:61:7d:46:b6:ce:d2:51:41:f9:
12:f2:ac:f3:65:25:f8:6c:0a:48:01:a2:43:ea:3e:
b2:31:25:59:bf:24:56:cd:ee:dd:a2:32:19:37:dd:
a9:43:42:5f:64:ec:b2:14:2f:9c:a2:26:d1:94:9b:
d4:b0:d4:ff:a9:da:bc:a0:1f:59:4f:ff:ce:93:61:
38:a9:11:7f:55:09:e2:8f:bd:c4:f3:88:05:e2:38:
e9:ee:cd:14:87:e4:74:76:db:28:0e:0d:a0:ba:3d:
a8:ad:1d:ee:9e:d0:db:7d:3c:b6:be:1d:1a:27:d5:
c8:ae:e8:2d:13:41:0d:8a:5e:22:a0:1c:8a:ec:92:
0f:6d:9f:fd:e8:f6:d9:b4:85:6e:39:52:da:f1:6b:
4f:9e:7c:8f:7c:2b:a4:5e:ef:95:74:09:13:8b:f6:
85:09:c3:d5:82:f1:c4:19:b6:7d:57:a2:f2:f1:cf:
71:ee:32:08:0c:2e:d2:27:4c:f0:4a:8f:63:45:a9:
cd:21:54:9c:8d:4e:72:68:af:e4:34:2c:a0:c1:57:
14:ec:f6:b6:ac:86:62:61:18:ec:f1:c3:a4:4f:67:
e9:a0:18:91:d2:dc:66:4e:4e:52:ff:16:d2:a3:98:
9d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8D:41:0B:B7:6C:78:BE:0F:5F:5F:7B:10:04:21:73:A5:17:0D:CF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sY1BC7dseL4PX197EAQhc6UXDc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:fe:d4:45:3a:41:26:d0:c8:91:1b:fb:10:bd:43:75:3f:38:
b3:9c:14:fb:94:a0:1d:11:88:ed:cb:ac:e2:77:28:ec:7a:0f:
1b:30:07:fd:9d:68:2c:89:9d:5d:02:01:78:b2:8b:a0:7a:d5:
3d:ce:78:85:a9:0d:ce:09:74:d1:fc:70:e3:bc:fe:3e:3a:d6:
fb:f2:6a:5b:fc:ce:c5:1f:8d:41:32:5f:56:3f:c3:ad:c2:f7:
86:7a:5c:41:ea:e7:df:3f:b0:82:1c:b9:f9:c1:67:fd:56:6f:
6d:c6:26:f5:78:30:75:d8:53:3f:36:c4:58:8a:93:e8:17:d6:
3b:dc:c8:eb:36:93:cf:1d:ef:23:5b:de:d3:11:d9:19:2b:23:
0b:2e:2d:29:86:39:63:dd:b9:d8:eb:a8:01:d1:b7:05:92:5f:
09:82:8c:e4:cd:2f:06:2c:36:fd:e2:d7:43:c9:5c:4f:f0:09:
e6:4d:3d:cc:af:04:d9:e0:92:6c:55:8d:49:68:4f:e8:15:17:
da:02:e2:f6:13:f5:cd:54:c1:07:e3:06:34:d5:77:66:f4:48:
12:8b:5e:dd:7a:05:82:2b:ce:c5:e1:11:b4:21:81:19:48:b4:
43:eb:db:47:fb:1f:aa:38:4a:2c:f1:d5:94:2d:24:67:e8:22:
c9:8c:db:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtVkqZzDfb0IADn2ODtQFEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMDQwOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThkNDEwYmI3NmM3OGJlMGY1ZjVmN2IxMDA0MjE3M2E1MTcwZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFSnsURW4PT57tMCWAveE+JAmi5h
fUa2ztJRQfkS8qzzZSX4bApIAaJD6j6yMSVZvyRWze7dojIZN92pQ0JfZOyyFC+c
oibRlJvUsNT/qdq8oB9ZT//Ok2E4qRF/VQnij73E84gF4jjp7s0Uh+R0dtsoDg2g
uj2orR3untDbfTy2vh0aJ9XIrugtE0ENil4ioByK7JIPbZ/96PbZtIVuOVLa8WtP
nnyPfCukXu+VdAkTi/aFCcPVgvHEGbZ9V6Ly8c9x7jIIDC7SJ0zwSo9jRanNIVSc
jU5yaK/kNCygwVcU7Pa2rIZiYRjs8cOkT2fpoBiR0txmTk5S/xbSo5idewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLGNQQu3bHi+D19fexAEIXOlFw3PMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc1kxQkM3ZHNlTDRQWDE5N0VBUWhjNlVYRGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAv+1EU6QSbQyJEb+xC9
Q3U/OLOcFPuUoB0RiO3LrOJ3KOx6DxswB/2daCyJnV0CAXiyi6B61T3OeIWpDc4J
dNH8cOO8/j461vvyalv8zsUfjUEyX1Y/w63C94Z6XEHq598/sIIcufnBZ/1Wb23G
JvV4MHXYUz82xFiKk+gX1jvcyOs2k88d7yNb3tMR2RkrIwsuLSmGOWPdudjrqAHR
twWSXwmCjOTNLwYsNv3i10PJXE/wCeZNPcyvBNngkmxVjUloT+gVF9oC4vYT9c1U
wQfjBjTVd2b0SBKLXt16BYIrzsXhEbQhgRlItEPr20f7H6o4Sizx1ZQtJGfoIsmM
228=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:24:50 2025 by rpki-client