Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yci6DN3ZaaIWTgkZBx8g5dtc9zU.roa
File: yci6DN3ZaaIWTgkZBx8g5dtc9zU.roa (raw, json)
Hash identifier: xXu6tL64SruaQNrykZRGz+exZWtrF4Wy1Jrq78VYmUs=
Subject key identifier: C9:C8:BA:0C:DD:D9:69:A2:16:4E:09:19:07:1F:20:E5:DB:5C:F7:35
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7066FAC2A67EF21D1C933952824E22EE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yci6DN3ZaaIWTgkZBx8g5dtc9zU.roa
Signing time: Sat 16 Dec 2023 02:14:06 +0000
ROA not before: Sat 16 Dec 2023 02:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:70:66:fa:c2:a6:7e:f2:1d:1c:93:39:52:82:4e:22:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 02:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9c8ba0cddd969a2164e0919071f20e5db5cf735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:14:46:0b:9c:f7:c6:ae:bf:fd:25:31:fd:b3:
b4:1c:97:b3:b4:aa:6d:34:b5:e2:e7:fb:6d:0e:7f:
06:3f:da:5f:18:ca:01:33:e6:5b:80:6f:27:dc:1e:
05:0a:6c:5e:8c:94:69:98:c3:15:c4:0b:0b:61:88:
24:50:68:59:c5:3a:a0:20:68:7c:aa:72:69:d0:7e:
6e:b3:3b:f5:60:29:0d:f8:56:93:c9:cd:c7:c9:32:
56:60:93:03:bd:f0:89:ec:3a:01:ca:e8:26:21:4d:
f1:c7:7b:b8:bf:12:53:0f:70:ff:9f:9a:63:77:40:
ce:ae:85:32:b8:85:53:b0:01:db:bc:95:d8:3b:02:
29:12:b8:78:4a:b2:c7:f3:2e:f2:31:be:bf:bc:6b:
a2:f0:b3:40:02:5e:97:e5:c9:42:d5:5d:b8:c8:5f:
95:83:41:63:01:6c:f7:ed:59:c4:e3:4a:97:6d:28:
36:02:07:60:0b:1e:f4:31:cb:81:3c:6e:d9:e9:4d:
85:19:b6:5a:db:2e:4f:4e:c0:f4:e8:23:ae:6d:e6:
a7:1d:1e:06:b4:52:b8:1f:d5:42:01:28:6a:f8:91:
f6:25:50:a5:e2:92:12:7f:b1:1e:cc:c2:d2:79:03:
6e:e9:30:a9:cb:4b:3e:95:a3:3a:77:7e:80:06:c2:
6a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C8:BA:0C:DD:D9:69:A2:16:4E:09:19:07:1F:20:E5:DB:5C:F7:35
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yci6DN3ZaaIWTgkZBx8g5dtc9zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:a4:ba:6f:8b:43:7e:8b:c1:55:a9:20:be:33:d5:b7:ad:b6:
7e:f8:03:ae:f5:46:0f:e6:c4:d6:03:ed:2e:34:35:a8:9d:d7:
d2:c1:be:1c:79:1b:c1:b3:5f:b0:51:7a:7f:31:60:53:7e:31:
9b:66:98:07:d8:42:3e:8e:2d:c0:e1:d7:85:f8:60:3b:b7:1f:
72:f3:7c:7f:a7:79:34:b6:4a:0a:ad:ba:b3:07:dd:4e:65:34:
9b:e3:d3:30:c3:d6:4d:6f:bb:1c:39:0c:de:40:67:e9:44:15:
27:f3:5d:64:7d:6c:d3:3a:05:79:8d:df:04:1c:bb:d4:e4:2c:
7e:cb:f2:d1:6d:a6:74:5e:9f:8e:1d:7a:30:15:79:e0:72:fe:
bd:1f:52:33:85:be:04:d0:d1:d8:65:26:73:64:b2:42:ba:d2:
c7:1e:e6:d6:67:2a:0d:43:48:cf:8f:ac:97:0c:79:ec:b1:6f:
5d:eb:96:62:0f:2a:5a:d0:d2:7e:05:17:4b:e7:98:bb:2e:e3:
da:b3:7f:8b:55:9a:76:3f:d5:91:5d:38:24:1d:0c:ee:90:d8:
21:41:69:ae:8f:1b:22:62:cd:96:05:5f:85:06:91:05:44:8c:
59:13:8a:5d:9f:9e:4d:dc:d9:4f:7e:11:a4:17:80:a0:e1:a5:
73:a8:fe:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxwZvrCpn7yHRyTOVKCTiLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MDIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWM4YmEwY2RkZDk2OWEyMTY0ZTA5MTkwNzFmMjBlNWRiNWNmNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBRGC5z3xq6//SUx/bO0HJeztKpt
NLXi5/ttDn8GP9pfGMoBM+ZbgG8n3B4FCmxejJRpmMMVxAsLYYgkUGhZxTqgIGh8
qnJp0H5uszv1YCkN+FaTyc3HyTJWYJMDvfCJ7DoByugmIU3xx3u4vxJTD3D/n5pj
d0DOroUyuIVTsAHbvJXYOwIpErh4SrLH8y7yMb6/vGui8LNAAl6X5clC1V24yF+V
g0FjAWz37VnE40qXbSg2AgdgCx70McuBPG7Z6U2FGbZa2y5PTsD06COubeanHR4G
tFK4H9VCAShq+JH2JVCl4pISf7EezMLSeQNu6TCpy0s+laM6d36ABsJq0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMnIugzd2WmiFk4JGQcfIOXbXPc1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveWNpNkROM1phYUlXVGdrWkJ4OGc1ZHRjOXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIGkum+LQ36LwVWpIL4z
1bettn74A671Rg/mxNYD7S40Naid19LBvhx5G8GzX7BRen8xYFN+MZtmmAfYQj6O
LcDh14X4YDu3H3LzfH+neTS2SgqturMH3U5lNJvj0zDD1k1vuxw5DN5AZ+lEFSfz
XWR9bNM6BXmN3wQcu9TkLH7L8tFtpnRen44dejAVeeBy/r0fUjOFvgTQ0dhlJnNk
skK60sce5tZnKg1DSM+PrJcMeeyxb13rlmIPKlrQ0n4FF0vnmLsu49qzf4tVmnY/
1ZFdOCQdDO6Q2CFBaa6PGyJizZYFX4UGkQVEjFkTil2fnk3c2U9+EaQXgKDhpXOo
/vk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:51:13 2025 by rpki-client