Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y5HvWTs4Okv5PswD5I_QK8jmokk.roa
File: y5HvWTs4Okv5PswD5I_QK8jmokk.roa (raw, json)
Hash identifier: FwIWSsUKi9s6O7CaOgaekweOZflanIz91g+VskPomQQ=
Subject key identifier: CB:91:EF:59:3B:38:3A:4B:F9:3E:CC:03:E4:8F:D0:2B:C8:E6:A2:49
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B322F320C7436A3128784F79EAA315BF2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y5HvWTs4Okv5PswD5I_QK8jmokk.roa
Signing time: Sun 15 Oct 2023 07:13:55 +0000
ROA not before: Sun 15 Oct 2023 07:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:32:2f:32:0c:74:36:a3:12:87:84:f7:9e:aa:31:5b:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 07:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb91ef593b383a4bf93ecc03e48fd02bc8e6a249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:66:41:31:51:96:e9:b2:ce:90:2a:4d:95:91:
3b:9d:be:f6:08:d1:d2:a5:e3:f5:e2:c1:1f:d4:a2:
7c:2d:32:d6:ec:75:29:8a:93:b3:72:1b:b5:12:8e:
76:95:8f:7a:f2:67:a3:f1:cd:a5:a4:93:0a:b2:5a:
70:b4:3a:69:f8:b0:e2:07:52:29:54:76:a2:05:57:
66:56:f8:59:d1:7c:be:d0:7c:bd:0a:8f:3d:a1:9a:
46:ef:2d:83:25:ec:42:5b:57:b2:c1:19:19:35:86:
8b:f7:90:cb:18:3f:8d:d3:1c:2e:db:ae:a6:f9:d2:
e3:d4:44:80:e4:39:e8:38:36:80:04:09:f9:e7:39:
dd:66:24:dc:3c:92:52:a8:73:20:df:21:25:b8:67:
70:98:f3:81:36:39:83:a6:00:35:6e:ec:43:b6:86:
d0:e3:33:c0:aa:aa:7d:5f:7a:d5:1d:23:87:b6:51:
92:db:4a:6d:df:1d:da:7c:a6:5b:d7:9f:a4:4b:e4:
f4:1d:62:f2:93:62:12:57:1b:19:7e:50:0c:15:07:
69:10:6c:87:98:02:05:11:f7:33:a5:64:92:db:c9:
2d:d5:c1:ff:6f:39:30:6e:f4:60:40:aa:26:47:1a:
b3:bd:e3:e5:41:47:8d:17:18:df:f3:d4:4d:29:d4:
5f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:91:EF:59:3B:38:3A:4B:F9:3E:CC:03:E4:8F:D0:2B:C8:E6:A2:49
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y5HvWTs4Okv5PswD5I_QK8jmokk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:03:6c:90:d9:2f:93:5d:d5:f7:d7:1d:75:88:7f:56:13:a1:
cd:59:a4:32:fc:07:cf:10:4d:e5:6f:fe:3e:75:74:15:85:07:
84:d6:54:36:6e:0e:ac:b6:41:85:ee:7b:2d:65:fa:c0:d1:a1:
d4:28:f0:f9:a0:68:ab:d8:7f:a9:a0:1b:3b:7b:37:53:ce:87:
ac:78:e2:15:30:c8:d8:0f:41:65:27:aa:24:dc:f3:f3:4c:c3:
9b:77:37:78:04:99:1a:02:9b:3d:f0:c7:c6:03:48:93:34:ca:
ed:16:88:a1:bd:0d:22:da:ba:22:05:08:b8:b9:bc:fb:fb:73:
df:6e:ec:74:bf:b8:49:03:1e:39:8f:47:86:9d:66:d1:9f:16:
4b:98:34:f6:94:be:4f:9b:93:56:b2:18:df:72:ad:80:f9:ce:
59:9e:59:03:48:4d:01:0a:a6:1a:43:7a:b8:d5:e9:4b:43:4a:
26:bb:f8:a1:f6:82:cc:63:96:07:57:83:ad:59:9c:8b:de:78:
1e:e0:2d:32:27:f7:37:65:52:fd:09:e8:89:ec:d0:85:a0:0b:
e7:ea:9a:ca:f9:1b:e0:b9:b6:73:b4:36:47:cb:bd:62:7c:87:
87:34:ee:80:e3:f9:0c:63:ff:c6:1a:20:1f:71:62:79:52:89:
9b:86:fb:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsyLzIMdDajEoeE956qMVvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MDcxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjkxZWY1OTNiMzgzYTRiZjkzZWNjMDNlNDhmZDAyYmM4ZTZhMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGZBMVGW6bLOkCpNlZE7nb72CNHS
peP14sEf1KJ8LTLW7HUpipOzchu1Eo52lY968mej8c2lpJMKslpwtDpp+LDiB1Ip
VHaiBVdmVvhZ0Xy+0Hy9Co89oZpG7y2DJexCW1eywRkZNYaL95DLGD+N0xwu266m
+dLj1ESA5DnoODaABAn55zndZiTcPJJSqHMg3yEluGdwmPOBNjmDpgA1buxDtobQ
4zPAqqp9X3rVHSOHtlGS20pt3x3afKZb15+kS+T0HWLyk2ISVxsZflAMFQdpEGyH
mAIFEfczpWSS28kt1cH/bzkwbvRgQKomRxqzvePlQUeNFxjf89RNKdRf3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMuR71k7ODpL+T7MA+SP0CvI5qJJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveTVIdldUczRPa3Y1UHN3RDVJX1FLOGptb2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC8DbJDZL5Nd1ffXHXWI
f1YToc1ZpDL8B88QTeVv/j51dBWFB4TWVDZuDqy2QYXuey1l+sDRodQo8PmgaKvY
f6mgGzt7N1POh6x44hUwyNgPQWUnqiTc8/NMw5t3N3gEmRoCmz3wx8YDSJM0yu0W
iKG9DSLauiIFCLi5vPv7c99u7HS/uEkDHjmPR4adZtGfFkuYNPaUvk+bk1ayGN9y
rYD5zlmeWQNITQEKphpDerjV6UtDSia7+KH2gsxjlgdXg61ZnIveeB7gLTIn9zdl
Uv0J6Ins0IWgC+fqmsr5G+C5tnO0NkfLvWJ8h4c07oDj+Qxj/8YaIB9xYnlSiZuG
+7g=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:40:49 2025 by rpki-client