Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sY8Kq4FyQxV-anrCdANMORvZSbQ.roa
File: sY8Kq4FyQxV-anrCdANMORvZSbQ.roa (raw, json)
Hash identifier: wU2kvAabQswd/nazq/B9vqfLfMJddGLIXPhnBJHEajg=
Subject key identifier: B1:8F:0A:AB:81:72:43:15:7E:6A:7A:C2:74:03:4C:39:1B:D9:49:B4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE17B13DE6AC299AE70769AED43CA46BF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sY8Kq4FyQxV-anrCdANMORvZSbQ.roa
Signing time: Sat 18 Nov 2023 08:10:21 +0000
ROA not before: Sat 18 Nov 2023 08:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e1:7b:13:de:6a:c2:99:ae:70:76:9a:ed:43:ca:46:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 18 08:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b18f0aab817243157e6a7ac274034c391bd949b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:84:95:ff:79:a6:bd:22:77:18:70:86:26:07:
e4:ff:3f:73:d6:f9:82:0a:32:10:31:21:f0:58:20:
e5:55:a9:2b:78:73:1b:20:86:1d:5f:19:61:67:a4:
44:00:8c:d6:94:df:f6:a1:d7:04:a6:03:37:b2:75:
a9:0b:9d:aa:32:2c:b0:e8:a5:06:11:a6:b9:1e:cc:
2b:f2:dd:29:ea:dc:9c:e6:60:51:64:53:68:83:68:
c0:c4:09:d8:da:08:ba:5a:30:53:d1:1e:e6:62:a3:
f6:3f:76:f9:cd:41:6c:54:02:ea:0c:48:32:ec:cd:
9f:9f:06:ba:ff:26:89:6b:57:ac:bc:31:d3:c2:c3:
de:ad:db:5d:ab:e0:4a:8f:66:bb:6e:10:0b:22:1c:
41:a9:76:dc:45:fe:9e:02:94:24:b4:4b:ae:05:b1:
71:00:11:74:03:ec:ad:17:21:0c:27:74:19:23:45:
f2:8e:d5:e1:ac:99:22:21:d8:24:07:d6:83:1c:f4:
4a:e1:38:38:3c:d0:37:25:12:09:57:c0:05:c5:db:
e6:b4:df:a3:fe:1d:28:03:4f:5d:85:b9:ee:8d:df:
d8:de:2a:e3:e4:8c:cb:0a:fb:9c:1d:38:a3:ce:e4:
f9:4c:e0:c4:81:a9:0a:43:7f:6b:06:68:d5:1c:d0:
d6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8F:0A:AB:81:72:43:15:7E:6A:7A:C2:74:03:4C:39:1B:D9:49:B4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sY8Kq4FyQxV-anrCdANMORvZSbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b7:42:a8:9e:ec:5e:09:8a:1e:a6:81:95:b3:b7:62:73:86:35:
5e:bf:45:4f:d4:8a:7c:b3:54:ff:20:6d:e2:67:3e:af:94:f7:
98:2b:9b:1f:bf:8e:59:51:c5:68:3d:be:a4:f9:71:a1:ab:bc:
4a:cd:b0:28:05:02:42:55:fc:71:0b:de:78:57:96:90:2b:f0:
a1:6f:8f:94:22:29:22:3e:bb:8c:ee:d7:da:ad:01:7d:ed:33:
7b:54:85:7d:09:a6:c9:7b:09:47:83:c6:cc:7f:10:64:ef:91:
05:88:c2:ec:30:2d:e5:13:38:21:a7:2f:8c:81:65:eb:56:8b:
a1:14:3f:85:5d:9e:64:db:e2:37:e1:5b:c6:fd:80:22:86:39:
99:24:7c:c5:5f:fb:75:53:79:77:34:38:96:bc:d9:56:7f:06:
f5:67:9c:1e:c7:bb:46:62:4c:72:f1:55:2c:a7:82:5a:69:d5:
55:21:6a:c0:b6:db:56:b5:a6:23:a3:7e:60:46:f6:1e:ae:e1:
b8:11:fb:93:c8:a8:af:72:fb:19:97:2c:b6:78:bf:ac:6d:78:
2f:4e:9c:fa:50:43:81:9c:7e:40:b4:f7:9b:2f:83:f2:20:11:
88:2a:28:8c:b2:c2:e8:46:36:4c:ca:0a:2d:73:54:63:9d:70:
06:39:4f:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvhexPeasKZrnB2mu1Dyka/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE4MDgxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThmMGFhYjgxNzI0MzE1N2U2YTdhYzI3NDAzNGMzOTFiZDk0OWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhISV/3mmvSJ3GHCGJgfk/z9z1vmC
CjIQMSHwWCDlVakreHMbIIYdXxlhZ6REAIzWlN/2odcEpgM3snWpC52qMiyw6KUG
Eaa5Hswr8t0p6tyc5mBRZFNog2jAxAnY2gi6WjBT0R7mYqP2P3b5zUFsVALqDEgy
7M2fnwa6/yaJa1esvDHTwsPerdtdq+BKj2a7bhALIhxBqXbcRf6eApQktEuuBbFx
ABF0A+ytFyEMJ3QZI0XyjtXhrJkiIdgkB9aDHPRK4Tg4PNA3JRIJV8AFxdvmtN+j
/h0oA09dhbnujd/Y3irj5IzLCvucHTijzuT5TODEgakKQ39rBmjVHNDWrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLGPCquBckMVfmp6wnQDTDkb2Um0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc1k4S3E0RnlReFYtYW5yQ2RBTk1PUnZaU2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALdCqJ7sXgmKHqaBlbO3
YnOGNV6/RU/UinyzVP8gbeJnPq+U95grmx+/jllRxWg9vqT5caGrvErNsCgFAkJV
/HEL3nhXlpAr8KFvj5QiKSI+u4zu19qtAX3tM3tUhX0Jpsl7CUeDxsx/EGTvkQWI
wuwwLeUTOCGnL4yBZetWi6EUP4VdnmTb4jfhW8b9gCKGOZkkfMVf+3VTeXc0OJa8
2VZ/BvVnnB7Hu0ZiTHLxVSynglpp1VUhasC221a1piOjfmBG9h6u4bgR+5PIqK9y
+xmXLLZ4v6xteC9OnPpQQ4GcfkC095svg/IgEYgqKIyywuhGNkzKCi1zVGOdcAY5
T28=
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:18:43 2025 by rpki-client