Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yTH_Z0pW0aC9JLT_2I5yJ0l9dpg.roa
File: yTH_Z0pW0aC9JLT_2I5yJ0l9dpg.roa (raw, json)
Hash identifier: LrYCkScqrIRfUttCTrEvW/p3uMrf2T0xgZwJMc8aMfA=
Subject key identifier: C9:31:FF:67:4A:56:D1:A0:BD:24:B4:FF:D8:8E:72:27:49:7D:76:98
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3638178532981BEBE8776879C0FBC33E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yTH_Z0pW0aC9JLT_2I5yJ0l9dpg.roa
Signing time: Mon 04 Dec 2023 19:04:54 +0000
ROA not before: Mon 04 Dec 2023 19:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:3637:a079/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:36:38:17:85:32:98:1b:eb:e8:77:68:79:c0:fb:c3:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 4 19:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c931ff674a56d1a0bd24b4ffd88e7227497d7698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e4:ab:2f:0f:60:87:11:b8:d3:ce:a3:d2:53:
f0:9e:d0:e3:8a:d4:e3:e3:b7:0a:b6:87:ca:ba:e7:
40:6e:6d:7d:cf:46:54:1a:c4:0f:b7:cb:6d:79:db:
66:8e:78:90:bb:a5:3e:8e:1c:08:84:55:f5:35:44:
28:cb:bf:3a:a5:21:15:7c:42:05:7e:3e:e7:d4:1d:
96:fe:1c:64:69:3c:c9:70:c0:67:be:60:16:23:91:
c5:8d:d5:f4:90:42:31:ac:18:f1:09:00:d3:ff:fa:
a8:8b:bc:de:e5:9d:e3:76:d4:91:5b:e1:05:c9:7d:
40:e6:94:1a:cb:c6:37:ea:c1:2d:b9:c4:c1:10:69:
ee:23:ec:2c:f3:09:f4:e5:4c:85:8f:12:b9:f9:07:
11:49:b9:9c:54:ea:b5:a4:fc:21:03:07:43:b6:6b:
1e:4c:fe:e3:4f:e9:aa:59:1e:6a:dc:9c:0e:e8:61:
9f:2c:2b:1c:10:5c:37:d0:d3:2b:04:be:6e:ff:e8:
3a:88:88:ab:a8:ea:af:ac:fc:fc:2d:0d:5f:4b:37:
f3:79:f4:0a:8a:3f:df:73:0c:5b:06:cc:e7:01:ef:
16:54:07:bc:d2:0e:7e:8d:20:44:63:00:6c:03:7c:
12:59:af:e2:51:91:ef:20:e2:b1:47:a0:64:34:2b:
c2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:31:FF:67:4A:56:D1:A0:BD:24:B4:FF:D8:8E:72:27:49:7D:76:98
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yTH_Z0pW0aC9JLT_2I5yJ0l9dpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:9d:aa:a6:29:e3:11:b8:df:9b:5c:a1:dd:7f:e4:db:6d:11:
2b:08:a0:b3:75:72:79:8c:df:3f:ef:eb:1a:02:50:86:f2:d3:
d4:dc:2e:a2:7e:4b:2f:a7:6e:38:c5:b1:27:9a:46:da:75:f5:
05:f0:d6:4c:b6:18:ba:ff:c4:31:fd:5b:d0:f3:22:02:e1:8b:
7b:83:c7:86:60:b1:63:80:04:99:54:23:a5:c9:de:41:6a:f8:
a8:12:70:af:97:d2:08:49:ca:b4:82:bc:42:a7:bd:f7:5a:2b:
93:1a:41:8b:be:65:7a:6a:d1:6f:c9:b0:94:06:9c:04:7f:a4:
8b:c0:41:65:1e:9b:c1:ff:33:d6:57:cb:f7:8b:77:ad:db:1f:
32:dc:88:38:da:ad:5c:1f:c3:c3:c5:54:66:85:01:18:1b:87:
17:3f:fb:08:4a:98:ca:9a:d4:1f:b1:00:7a:9f:ad:86:57:c1:
ca:cf:c0:03:98:ef:cb:91:7e:6e:83:54:6a:20:90:3c:b7:e8:
9e:84:02:fc:9f:71:5f:d9:b9:d8:e7:d3:1d:34:cf:22:6d:3e:
cd:4c:f4:eb:01:d1:81:ec:2e:d1:53:91:fd:d1:c0:25:10:be:
b0:39:59:c1:bf:dc:56:33:9e:9b:7c:e0:5b:26:e7:66:80:d1:
a6:77:91:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw2OBeFMpgb6+h3aHnA+8M+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA0MTkwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTMxZmY2NzRhNTZkMWEwYmQyNGI0ZmZkODhlNzIyNzQ5N2Q3Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+SrLw9ghxG4086j0lPwntDjitTj
47cKtofKuudAbm19z0ZUGsQPt8ttedtmjniQu6U+jhwIhFX1NUQoy786pSEVfEIF
fj7n1B2W/hxkaTzJcMBnvmAWI5HFjdX0kEIxrBjxCQDT//qoi7ze5Z3jdtSRW+EF
yX1A5pQay8Y36sEtucTBEGnuI+ws8wn05UyFjxK5+QcRSbmcVOq1pPwhAwdDtmse
TP7jT+mqWR5q3JwO6GGfLCscEFw30NMrBL5u/+g6iIirqOqvrPz8LQ1fSzfzefQK
ij/fcwxbBsznAe8WVAe80g5+jSBEYwBsA3wSWa/iUZHvIOKxR6BkNCvC+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMkx/2dKVtGgvSS0/9iOcidJfXaYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveVRIX1owcFcwYUM5SkxUXzJJNXlKMGw5ZHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADadqqYp4xG435tcod1/
5NttESsIoLN1cnmM3z/v6xoCUIby09TcLqJ+Sy+nbjjFsSeaRtp19QXw1ky2GLr/
xDH9W9DzIgLhi3uDx4ZgsWOABJlUI6XJ3kFq+KgScK+X0ghJyrSCvEKnvfdaK5Ma
QYu+ZXpq0W/JsJQGnAR/pIvAQWUem8H/M9ZXy/eLd63bHzLciDjarVwfw8PFVGaF
ARgbhxc/+whKmMqa1B+xAHqfrYZXwcrPwAOY78uRfm6DVGogkDy36J6EAvyfcV/Z
udjn0x00zyJtPs1M9OsB0YHsLtFTkf3RwCUQvrA5WcG/3FYznpt84Fsm52aA0aZ3
kYM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:02:36 2025 by rpki-client