Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/taiymyXJg0hVWa3kqhbMx2zTiE4.roa
File: taiymyXJg0hVWa3kqhbMx2zTiE4.roa (raw, json)
Hash identifier: r/UQ1sdxoW2Fa/Ij8e7IUhcNXdiF3gSbc9806KpktMs=
Subject key identifier: B5:A8:B2:9B:25:C9:83:48:55:59:AD:E4:AA:16:CC:C7:6C:D3:88:4E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACD8DC50651A7E78EA7B78D95D9D05679
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/taiymyXJg0hVWa3kqhbMx2zTiE4.roa
Signing time: Mon 25 Sep 2023 18:15:34 +0000
ROA not before: Mon 25 Sep 2023 18:15:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:8d:c5:06:51:a7:e7:8e:a7:b7:8d:95:d9:d0:56:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 18:15:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5a8b29b25c983485559ade4aa16ccc76cd3884e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4c:8b:a8:51:14:e4:5c:2b:13:bb:d7:2f:ce:
ba:b2:a4:4d:ce:e1:9a:19:24:74:e4:90:ce:cf:40:
fc:9f:fd:e7:dc:e0:fb:13:01:77:a0:b3:a1:be:be:
33:c0:16:e4:1f:52:a6:fa:7a:44:b3:bc:fb:30:90:
b3:47:ac:ea:7b:0f:46:60:6a:2c:2d:12:38:39:9e:
69:d5:46:9a:a0:3a:30:cf:e8:79:ea:f9:90:0e:d3:
6d:c5:0a:82:3f:10:0a:be:81:f1:3e:6d:55:00:aa:
b5:a9:87:43:c9:5a:b6:01:7b:e7:ee:b9:36:87:ab:
1f:14:fb:ed:09:e5:10:2e:68:ab:82:39:ee:20:55:
06:0e:2a:1d:72:d5:9e:8c:36:c6:9d:f7:40:d9:11:
8d:95:cd:69:62:02:92:28:e5:ee:c8:95:e8:73:dc:
7a:f4:08:61:c1:65:8b:b6:90:d3:5c:c9:11:dd:fe:
8b:d3:54:37:3b:64:42:df:66:bc:69:50:1b:b9:d6:
a7:18:16:1e:29:0e:63:99:22:04:80:e1:3c:af:66:
71:00:b1:4f:a6:e1:01:e7:f4:c2:bb:26:1d:5e:44:
50:8a:b8:33:ee:98:d7:14:1e:ee:fe:f5:6e:65:f4:
d0:bd:11:36:7b:a5:41:56:3c:bc:62:ba:57:bc:92:
22:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A8:B2:9B:25:C9:83:48:55:59:AD:E4:AA:16:CC:C7:6C:D3:88:4E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/taiymyXJg0hVWa3kqhbMx2zTiE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:9c:a0:31:85:50:e3:45:d4:41:0f:d8:43:20:3a:0c:e6:c2:
5f:c9:5e:b1:c8:95:c0:d4:6e:46:a7:4a:e6:8f:d0:a4:b7:86:
f2:7c:a7:c3:2c:9d:fc:f1:8d:13:67:7f:15:d2:ae:12:6c:2b:
d9:13:79:38:0a:e8:53:64:98:fc:31:4f:65:c0:39:32:36:84:
4a:20:47:46:b4:1b:63:e3:d6:af:49:a8:10:f4:f9:10:98:e3:
06:a9:50:17:6c:36:a7:eb:4e:43:6d:cb:6e:fc:09:bf:6d:3e:
58:c3:51:ad:04:7c:92:7a:2c:87:6f:96:61:12:97:02:be:30:
af:3d:7e:f6:91:3d:ae:be:3b:0a:9f:1c:cb:08:65:24:26:c8:
1b:8b:25:e4:d9:21:14:7d:85:ec:44:23:43:3b:e8:83:cf:2c:
ef:da:04:8a:52:79:20:a2:4f:d7:5d:1d:f3:6c:49:e2:20:87:
a0:81:e8:e6:7b:e5:19:2a:ac:fc:93:e2:60:78:2a:4f:f2:b6:
07:9e:43:ec:f9:24:d1:60:73:84:18:33:55:39:4f:39:a2:a7:
51:a3:3a:24:6d:f3:d7:32:1e:89:80:d8:3b:04:59:13:48:dc:
fb:b4:44:a7:db:1d:b8:1a:8d:23:bb:4d:8c:7a:e0:ee:95:75:
d7:33:a1:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrNjcUGUafnjqe3jZXZ0FZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MTgxNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE4YjI5YjI1Yzk4MzQ4NTU1OWFkZTRhYTE2Y2NjNzZjZDM4ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0yLqFEU5FwrE7vXL866sqRNzuGa
GSR05JDOz0D8n/3n3OD7EwF3oLOhvr4zwBbkH1Km+npEs7z7MJCzR6zqew9GYGos
LRI4OZ5p1UaaoDowz+h56vmQDtNtxQqCPxAKvoHxPm1VAKq1qYdDyVq2AXvn7rk2
h6sfFPvtCeUQLmirgjnuIFUGDiodctWejDbGnfdA2RGNlc1pYgKSKOXuyJXoc9x6
9AhhwWWLtpDTXMkR3f6L01Q3O2RC32a8aVAbudanGBYeKQ5jmSIEgOE8r2ZxALFP
puEB5/TCuyYdXkRQirgz7pjXFB7u/vVuZfTQvRE2e6VBVjy8YrpXvJIiqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLWospslyYNIVVmt5KoWzMds04hOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdGFpeW15WEpnMGhWV2Eza3FoYk14MnpUaUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJucoDGFUONF1EEP2EMg
Ogzmwl/JXrHIlcDUbkanSuaP0KS3hvJ8p8MsnfzxjRNnfxXSrhJsK9kTeTgK6FNk
mPwxT2XAOTI2hEogR0a0G2Pj1q9JqBD0+RCY4wapUBdsNqfrTkNty278Cb9tPljD
Ua0EfJJ6LIdvlmESlwK+MK89fvaRPa6+OwqfHMsIZSQmyBuLJeTZIRR9hexEI0M7
6IPPLO/aBIpSeSCiT9ddHfNsSeIgh6CB6OZ75RkqrPyT4mB4Kk/ytgeeQ+z5JNFg
c4QYM1U5Tzmip1GjOiRt89cyHomA2DsEWRNI3Pu0RKfbHbgajSO7TYx64O6Vddcz
oZk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:10:38 2025 by rpki-client