Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y36-nuAR1oKEoGoOqtDLXpHYj4s.roa
File: y36-nuAR1oKEoGoOqtDLXpHYj4s.roa (raw, json)
Hash identifier: BdhFlfb84uqlgmLb81SpeceCHeHTZbs9rYVXc1RF6QM=
Subject key identifier: CB:7E:BE:9E:E0:11:D6:82:84:A0:6A:0E:AA:D0:CB:5E:91:D8:8F:8B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFF1D68F4245731DBC8F52C44B6754639
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y36-nuAR1oKEoGoOqtDLXpHYj4s.roa
Signing time: Fri 24 Nov 2023 02:16:39 +0000
ROA not before: Fri 24 Nov 2023 02:16:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ff:1d:68:f4:24:57:31:db:c8:f5:2c:44:b6:75:46:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 24 02:16:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb7ebe9ee011d68284a06a0eaad0cb5e91d88f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bb:52:ad:9a:25:a4:8e:db:d4:c3:cf:03:94:
63:8e:3b:ea:f9:68:9c:da:de:50:3f:69:16:f9:06:
22:0f:39:33:5f:5f:c7:63:e4:14:13:84:e8:0d:e1:
5a:83:61:48:ac:ba:7a:7c:9b:5a:b8:0f:79:83:de:
ff:fc:ea:4a:e4:fa:f7:17:26:1d:66:7c:ab:67:4e:
e6:8e:ac:a1:cc:27:12:04:c4:ff:a2:ce:91:61:f2:
f9:58:13:5f:c0:57:2c:86:22:de:21:ed:f8:1f:1d:
75:09:10:44:b6:7e:0c:35:67:0a:af:9a:b9:fe:ab:
b9:36:4f:f6:d6:cf:7f:14:96:8e:1c:74:1a:46:c6:
ac:43:3a:88:01:6b:a6:09:0c:96:80:af:8d:32:4d:
a5:22:ec:84:c4:b9:53:9d:80:09:fb:6a:4b:a2:2c:
19:ee:94:20:d9:65:d4:b2:27:1b:a8:b1:e1:0a:6b:
35:4d:6f:f6:5e:9b:b5:5e:f8:70:09:53:b2:23:03:
d5:d8:66:c3:90:9d:31:4c:7f:44:7c:f3:cb:71:cb:
fa:80:95:2c:51:26:02:36:74:02:64:98:b8:3c:1b:
86:84:70:31:2d:57:d4:30:6b:7f:62:bf:94:b4:77:
79:f7:fa:9f:76:59:0b:af:2a:43:7a:c3:f2:90:26:
8a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7E:BE:9E:E0:11:D6:82:84:A0:6A:0E:AA:D0:CB:5E:91:D8:8F:8B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y36-nuAR1oKEoGoOqtDLXpHYj4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d3:d1:2b:50:3d:bc:9e:14:1b:28:48:cc:d5:e5:ee:3a:19:a1:
1d:50:f1:20:d7:66:d9:92:cf:46:ec:40:9a:4e:8b:59:60:ad:
fd:6d:8e:d9:3a:c8:c1:46:75:05:c1:a0:1d:ea:10:1f:53:8c:
2e:6e:fd:92:45:4d:63:6a:8d:12:2d:11:8d:e3:6c:ae:4b:7a:
e6:66:ff:0f:48:e8:f3:00:d2:a3:3c:ec:4b:0a:b3:17:59:a6:
0a:ee:62:b7:1b:db:bc:d3:04:54:8b:18:22:33:b4:67:66:81:
b8:56:3f:7b:06:a6:c1:33:cd:62:27:44:7e:47:4e:a9:b7:e9:
49:dc:9f:42:5a:d4:b7:fa:9b:00:b9:dd:65:ae:b7:e6:a3:2f:
8b:60:50:db:34:29:cb:b2:e5:68:a9:62:01:0c:a3:be:fe:bc:
ca:3e:63:a4:f4:c1:a7:49:0d:9f:15:01:7e:e5:11:52:1f:17:
03:97:79:ad:47:df:24:ab:5a:5a:7d:91:1c:47:27:e6:af:34:
75:bd:0a:a0:81:20:8e:5a:f2:1a:8a:d4:96:4a:d1:38:01:0e:
9d:8a:15:fd:59:dd:87:6d:b2:b9:a5:95:78:4d:e1:6d:58:31:
23:b3:7a:13:31:a1:91:01:e1:c3:10:3e:e5:4c:b6:7c:de:70:
c5:8f:7b:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv/HWj0JFcx28j1LES2dUY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI0MDIxNjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdlYmU5ZWUwMTFkNjgyODRhMDZhMGVhYWQwY2I1ZTkxZDg4ZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbtSrZolpI7b1MPPA5Rjjjvq+Wic
2t5QP2kW+QYiDzkzX1/HY+QUE4ToDeFag2FIrLp6fJtauA95g97//OpK5Pr3FyYd
ZnyrZ07mjqyhzCcSBMT/os6RYfL5WBNfwFcshiLeIe34Hx11CRBEtn4MNWcKr5q5
/qu5Nk/21s9/FJaOHHQaRsasQzqIAWumCQyWgK+NMk2lIuyExLlTnYAJ+2pLoiwZ
7pQg2WXUsicbqLHhCms1TW/2Xpu1XvhwCVOyIwPV2GbDkJ0xTH9EfPPLccv6gJUs
USYCNnQCZJi4PBuGhHAxLVfUMGt/Yr+UtHd59/qfdlkLrypDesPykCaKFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMt+vp7gEdaChKBqDqrQy16R2I+LMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveTM2LW51QVIxb0tFb0dvT3F0RExYcEhZajRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANPRK1A9vJ4UGyhIzNXl
7joZoR1Q8SDXZtmSz0bsQJpOi1lgrf1tjtk6yMFGdQXBoB3qEB9TjC5u/ZJFTWNq
jRItEY3jbK5LeuZm/w9I6PMA0qM87EsKsxdZpgruYrcb27zTBFSLGCIztGdmgbhW
P3sGpsEzzWInRH5HTqm36Uncn0Ja1Lf6mwC53WWut+ajL4tgUNs0Kcuy5WipYgEM
o77+vMo+Y6T0wadJDZ8VAX7lEVIfFwOXea1H3ySrWlp9kRxHJ+avNHW9CqCBII5a
8hqK1JZK0TgBDp2KFf1Z3YdtsrmllXhN4W1YMSOzehMxoZEB4cMQPuVMtnzecMWP
e4M=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:13:03 2025 by rpki-client