Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yCtJJ6B9slJPLl_cntof-DPCA4U.roa
File: yCtJJ6B9slJPLl_cntof-DPCA4U.roa (raw, json)
Hash identifier: j5Pii+GfBYzdAr9pJ2GzdZVTWN7sseZk6I0nWfbyI88=
Subject key identifier: C8:2B:49:27:A0:7D:B2:52:4F:2E:5F:DC:9E:DA:1F:F8:33:C2:03:85
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB7A22052B49FF1A86639FB55F83A9D9D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yCtJJ6B9slJPLl_cntof-DPCA4U.roa
Signing time: Fri 10 Nov 2023 05:08:57 +0000
ROA not before: Fri 10 Nov 2023 05:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b7:a2:20:52:b4:9f:f1:a8:66:39:fb:55:f8:3a:9d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 05:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c82b4927a07db2524f2e5fdc9eda1ff833c20385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:39:72:3e:5b:f5:6a:06:17:7f:e2:f4:af:e0:
23:00:aa:7b:2a:ab:9f:37:47:a7:15:4c:c7:52:60:
5b:2b:b4:ae:65:15:50:8c:f1:12:83:4e:49:eb:96:
1e:6a:0e:a1:86:36:a1:e4:72:3d:e1:17:55:7e:e5:
f3:fc:c4:7b:9f:9d:06:e4:b5:e4:2c:8f:b1:69:23:
f2:9c:b7:5c:66:06:90:20:b2:53:b5:3f:7f:89:f5:
93:57:65:55:49:ad:d5:11:17:2c:a1:d9:9d:08:ad:
70:ef:b7:f2:6d:72:2e:d2:6e:8e:e6:72:c1:ac:ff:
5c:93:2a:7a:b9:4c:36:24:a0:f7:30:8d:13:5f:36:
e9:5b:a9:c1:86:20:db:75:ab:75:35:73:9a:8f:fe:
fa:3b:97:8e:70:5b:f7:16:f7:d0:24:00:b8:c5:2a:
ad:18:b0:57:9b:82:64:3b:49:ad:1e:44:06:a1:93:
2a:ea:3d:91:e7:cf:81:7e:64:d0:21:b0:d1:91:9d:
a4:4e:cd:e9:29:40:26:47:1a:38:11:1b:36:9c:64:
2d:fc:38:35:5b:af:65:e4:f6:32:8e:0c:34:29:3b:
6a:3b:5c:cb:b9:39:2f:b2:d1:a6:ca:0c:1d:da:10:
65:4a:0e:e5:3e:6a:01:0d:07:a6:da:d5:f1:33:c3:
04:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:2B:49:27:A0:7D:B2:52:4F:2E:5F:DC:9E:DA:1F:F8:33:C2:03:85
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yCtJJ6B9slJPLl_cntof-DPCA4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:b5:cc:7c:9e:e8:28:95:7c:10:8a:6d:11:f1:2c:59:dd:b9:
db:5c:7a:f8:18:30:e8:dd:bc:0d:49:0a:24:4e:bd:d2:94:0f:
86:8d:b2:bf:ec:40:de:c1:43:7c:f7:ef:45:a1:43:26:5d:0b:
b4:94:3e:84:bc:77:02:54:60:ba:6a:48:39:50:0a:62:8f:c1:
73:50:1e:9f:c1:8d:8f:02:a9:66:97:b4:57:44:31:a2:44:6f:
51:1b:56:9d:a6:c6:77:f1:99:f7:ba:7a:41:86:cb:1f:c7:36:
a6:3c:17:4b:51:b7:af:e3:d5:90:3c:a1:0d:80:2c:6e:d1:29:
0d:a8:a9:8c:e8:af:9b:69:c0:aa:64:95:bf:49:f8:d3:cd:41:
a3:e9:67:96:09:7d:1f:5c:60:29:41:f0:fd:31:e8:21:ad:08:
a5:f1:19:78:37:96:b4:52:fa:2d:42:6c:e5:ba:bd:22:86:8c:
7d:bf:1b:43:a8:af:f0:1e:93:be:d8:e6:99:59:09:f5:13:a5:
05:12:ef:85:48:e9:b2:96:50:3c:4a:16:1f:81:c7:1e:5e:e4:
61:bb:a7:1e:4d:e8:f9:2b:c9:8e:db:2b:0c:bb:d9:c0:bb:17:
81:5b:ac:10:2c:81:e3:2e:43:0b:93:c0:f4:1e:77:6b:a1:2d:
56:fd:80:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu3oiBStJ/xqGY5+1X4Op2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMDUwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODJiNDkyN2EwN2RiMjUyNGYyZTVmZGM5ZWRhMWZmODMzYzIwMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDlyPlv1agYXf+L0r+AjAKp7Kquf
N0enFUzHUmBbK7SuZRVQjPESg05J65Yeag6hhjah5HI94RdVfuXz/MR7n50G5LXk
LI+xaSPynLdcZgaQILJTtT9/ifWTV2VVSa3VERcsodmdCK1w77fybXIu0m6O5nLB
rP9ckyp6uUw2JKD3MI0TXzbpW6nBhiDbdat1NXOaj/76O5eOcFv3FvfQJAC4xSqt
GLBXm4JkO0mtHkQGoZMq6j2R58+BfmTQIbDRkZ2kTs3pKUAmRxo4ERs2nGQt/Dg1
W69l5PYyjgw0KTtqO1zLuTkvstGmygwd2hBlSg7lPmoBDQem2tXxM8MEqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMgrSSegfbJSTy5f3J7aH/gzwgOFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveUN0Sko2QjlzbEpQTGxfY250b2YtRFBDQTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJC1zHye6CiVfBCKbRHx
LFndudtcevgYMOjdvA1JCiROvdKUD4aNsr/sQN7BQ3z370WhQyZdC7SUPoS8dwJU
YLpqSDlQCmKPwXNQHp/BjY8CqWaXtFdEMaJEb1EbVp2mxnfxmfe6ekGGyx/HNqY8
F0tRt6/j1ZA8oQ2ALG7RKQ2oqYzor5tpwKpklb9J+NPNQaPpZ5YJfR9cYClB8P0x
6CGtCKXxGXg3lrRS+i1CbOW6vSKGjH2/G0Oor/Aek77Y5plZCfUTpQUS74VI6bKW
UDxKFh+Bxx5e5GG7px5N6PkryY7bKwy72cC7F4FbrBAsgeMuQwuTwPQed2uhLVb9
gN8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:09:23 2025 by rpki-client