Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yCEJEjWBz_mW8KaiZU_tDpHqQLs.roa
File: yCEJEjWBz_mW8KaiZU_tDpHqQLs.roa (raw, json)
Hash identifier: 28yOV75G5fEPTbESJXOlT4/vz0cncGdzE+Hma1Ea86U=
Subject key identifier: C8:21:09:12:35:81:CF:F9:96:F0:A6:A2:65:4F:ED:0E:91:EA:40:BB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C32C997F12F5CFF5034967F966026ECAD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yCEJEjWBz_mW8KaiZU_tDpHqQLs.roa
Signing time: Mon 04 Dec 2023 03:05:21 +0000
ROA not before: Mon 04 Dec 2023 03:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:32c8:bb31/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:32:c9:97:f1:2f:5c:ff:50:34:96:7f:96:60:26:ec:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 4 03:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c82109123581cff996f0a6a2654fed0e91ea40bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8b:83:13:ab:1c:18:37:9c:8d:a3:37:3c:a3:
ff:52:c9:cb:db:b6:64:07:ca:52:5b:4d:11:ef:a6:
51:9d:94:cf:ee:ca:e1:71:9d:9f:ba:6d:15:37:87:
62:2b:b3:6a:df:cc:ca:ed:31:e1:7f:00:60:97:a6:
e8:56:19:36:d6:9a:8b:ca:67:03:90:40:c3:22:a7:
23:17:3c:69:1c:5b:19:5e:c9:da:85:fe:68:94:96:
37:ea:97:55:85:79:a7:c0:dc:5f:e1:4e:6d:47:ed:
f0:5b:66:64:5d:87:d5:71:69:10:40:34:8c:18:62:
ac:94:f4:80:e7:03:46:9a:12:2b:72:53:06:0c:b3:
94:93:4d:24:71:84:50:58:36:b0:aa:be:c5:34:d0:
21:19:f8:89:7f:34:46:89:46:34:5a:99:10:5f:ef:
72:92:e0:1b:98:4d:f3:2a:e2:86:b6:93:bb:d2:b5:
8c:67:9a:8d:8f:ac:7c:bd:84:39:fd:e1:8c:50:01:
bb:0b:57:07:b1:d4:06:b2:f2:a8:44:25:70:6c:c0:
13:05:f2:ce:f6:ee:f4:cf:7e:2a:f7:0a:09:cb:c1:
23:bd:2c:90:e2:77:1f:60:84:64:e8:f1:f5:45:0e:
a8:23:bc:64:64:5e:fd:ba:de:42:1f:71:48:b4:7b:
f6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:21:09:12:35:81:CF:F9:96:F0:A6:A2:65:4F:ED:0E:91:EA:40:BB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yCEJEjWBz_mW8KaiZU_tDpHqQLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:dd:d2:fb:18:13:72:dc:7d:9b:ce:a7:20:f7:f2:eb:91:b7:
bc:3f:08:de:ec:60:0a:b4:6f:07:36:9a:c5:ab:13:bb:0a:88:
26:58:1f:86:99:b8:75:2e:22:20:3d:02:09:ac:93:d8:b6:01:
b2:6c:9c:11:0f:56:6b:df:42:7f:7e:c0:31:b1:2b:81:67:63:
d0:18:8a:3b:b4:59:0c:d6:91:3a:13:20:f5:99:d4:50:2e:3c:
05:92:fb:58:c3:6f:3b:11:a4:88:62:2f:df:bb:80:e3:3b:bc:
4a:7e:9c:d5:6b:43:1a:51:1e:3e:1b:d9:3d:83:a5:62:e1:7c:
ca:93:e4:ee:3a:d4:41:52:33:a2:3f:4e:79:22:70:e6:db:18:
20:50:b5:ef:b0:f9:98:bb:b0:5f:3a:ac:e7:96:fb:e5:fa:ca:
04:c6:2e:af:aa:52:b3:a1:ea:51:72:4b:f3:15:52:48:58:f0:
f8:6a:5c:92:55:5f:7c:7e:67:ff:18:a8:4c:7e:ea:78:b8:fc:
e2:cb:42:d8:57:1f:20:30:ea:b0:14:9d:e0:4d:02:43:f0:02:
83:85:c2:5f:88:0a:cb:74:b0:4d:57:d1:ef:0b:d6:55:78:df:
2a:0f:36:c9:5f:8e:8f:1b:19:5d:79:49:55:31:a3:a1:7b:4d:
8a:a9:15:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwyyZfxL1z/UDSWf5ZgJuytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA0MDMwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIxMDkxMjM1ODFjZmY5OTZmMGE2YTI2NTRmZWQwZTkxZWE0MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoouDE6scGDecjaM3PKP/UsnL27Zk
B8pSW00R76ZRnZTP7srhcZ2fum0VN4diK7Nq38zK7THhfwBgl6boVhk21pqLymcD
kEDDIqcjFzxpHFsZXsnahf5olJY36pdVhXmnwNxf4U5tR+3wW2ZkXYfVcWkQQDSM
GGKslPSA5wNGmhIrclMGDLOUk00kcYRQWDawqr7FNNAhGfiJfzRGiUY0WpkQX+9y
kuAbmE3zKuKGtpO70rWMZ5qNj6x8vYQ5/eGMUAG7C1cHsdQGsvKoRCVwbMATBfLO
9u70z34q9woJy8EjvSyQ4ncfYIRk6PH1RQ6oI7xkZF79ut5CH3FItHv2fQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMghCRI1gc/5lvCmomVP7Q6R6kC7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveUNFSkVqV0J6X21XOEthaVpVX3REcEhxUUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEvd0vsYE3LcfZvOpyD3
8uuRt7w/CN7sYAq0bwc2msWrE7sKiCZYH4aZuHUuIiA9Agmsk9i2AbJsnBEPVmvf
Qn9+wDGxK4FnY9AYiju0WQzWkToTIPWZ1FAuPAWS+1jDbzsRpIhiL9+7gOM7vEp+
nNVrQxpRHj4b2T2DpWLhfMqT5O461EFSM6I/TnkicObbGCBQte+w+Zi7sF86rOeW
++X6ygTGLq+qUrOh6lFyS/MVUkhY8PhqXJJVX3x+Z/8YqEx+6ni4/OLLQthXHyAw
6rAUneBNAkPwAoOFwl+ICst0sE1X0e8L1lV43yoPNslfjo8bGV15SVUxo6F7TYqp
FUU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:46:47 2025 by rpki-client