Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ymBm999dBvYWWY4ibdHoRg2wVvg.roa
File: ymBm999dBvYWWY4ibdHoRg2wVvg.roa (raw, json)
Hash identifier: zdMADs9/K/hwk9PmR3BMys29otVC2eyWLieU1GteqRY=
Subject key identifier: CA:60:66:F7:DF:5D:06:F6:16:59:8E:22:6D:D1:E8:46:0D:B0:56:F8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5ECDAB15A23328D8053EDB24553668EA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ymBm999dBvYWWY4ibdHoRg2wVvg.roa
Signing time: Tue 12 Dec 2023 16:13:06 +0000
ROA not before: Tue 12 Dec 2023 16:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:cd:ab:15:a2:33:28:d8:05:3e:db:24:55:36:68:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 16:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca6066f7df5d06f616598e226dd1e8460db056f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:63:13:36:02:78:85:ca:49:fc:09:96:90:18:
2a:04:a9:c6:27:fa:67:8f:37:5c:dd:5f:d4:c8:96:
90:47:db:f1:b4:4b:46:81:3b:c7:f6:7c:84:7a:83:
b7:f3:82:9d:3d:28:c5:e7:f9:5a:24:6c:61:e5:1f:
c5:8d:6c:34:7c:44:d8:37:12:82:54:ba:8d:d3:27:
c5:6d:29:a2:92:58:da:ab:69:29:3d:47:27:e5:33:
15:b0:4f:a1:49:e9:0e:af:78:cd:6f:87:dc:09:57:
35:9a:e8:39:e6:85:f3:ec:ce:8b:db:92:f5:ba:40:
7b:90:49:8d:36:56:b6:5e:29:b4:f6:ad:50:2b:67:
97:83:99:fa:7a:f6:69:a9:09:0a:2b:6b:9a:95:67:
6f:e7:45:ec:9c:52:cb:e3:b9:3e:d5:25:f3:90:79:
dd:28:d4:11:54:d2:8b:54:4c:41:a7:98:a0:bd:f8:
9a:0d:f7:f6:42:87:06:16:f8:3a:97:fc:9f:6c:5a:
cc:8e:39:62:d5:22:bf:88:a3:f4:b7:53:c1:d3:3c:
ce:a0:61:44:3e:54:a9:2f:5f:9f:c0:37:42:9c:d3:
f7:fc:0a:bf:8b:40:b6:ac:b0:74:ce:da:6b:61:5b:
2b:40:95:d5:b3:d0:27:03:8d:ac:c1:e1:71:59:e2:
16:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:60:66:F7:DF:5D:06:F6:16:59:8E:22:6D:D1:E8:46:0D:B0:56:F8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ymBm999dBvYWWY4ibdHoRg2wVvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:d8:ed:3f:96:76:41:ef:1a:08:ed:45:38:87:90:0c:99:b1:
21:36:0c:34:66:d6:d0:45:0f:cb:62:bc:a9:3f:65:2c:ee:ec:
28:1a:9c:39:68:4a:3a:69:92:4a:19:14:74:d0:b0:df:2f:64:
33:38:d1:0d:97:af:42:93:ab:3f:0b:ad:4c:cf:01:3c:a8:65:
73:e3:30:8c:d8:8c:3d:3c:ee:df:18:25:76:6f:ad:ef:59:50:
31:35:52:0f:f7:20:a2:3b:ad:f7:6b:cd:0b:d4:b0:73:6d:26:
fb:c6:6e:54:64:b2:a3:0b:70:7f:22:40:d3:2b:6f:c0:4a:50:
dd:ec:73:61:39:1f:88:23:c2:43:90:3d:f1:50:4f:53:d4:11:
d2:43:51:09:9b:1f:ab:5a:a1:f5:91:59:03:3b:6a:a4:34:e0:
41:20:d4:f5:8f:7c:ea:68:f0:27:a5:a1:93:cd:fc:76:70:8b:
62:82:62:9f:03:57:e9:b3:08:3e:86:e1:b9:cf:90:2d:06:39:
80:16:ed:9d:cf:71:6a:aa:2f:68:cd:13:84:79:56:b1:44:64:
86:eb:6f:28:dd:a1:fa:22:f0:8e:93:15:35:c5:a3:b4:09:3b:
0f:7c:00:60:f3:25:98:91:de:52:a7:34:46:42:cf:5f:1f:43:
f8:27:db:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxezasVojMo2AU+2yRVNmjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMTYxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTYwNjZmN2RmNWQwNmY2MTY1OThlMjI2ZGQxZTg0NjBkYjA1NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2MTNgJ4hcpJ/AmWkBgqBKnGJ/pn
jzdc3V/UyJaQR9vxtEtGgTvH9nyEeoO384KdPSjF5/laJGxh5R/FjWw0fETYNxKC
VLqN0yfFbSmikljaq2kpPUcn5TMVsE+hSekOr3jNb4fcCVc1mug55oXz7M6L25L1
ukB7kEmNNla2Xim09q1QK2eXg5n6evZpqQkKK2ualWdv50XsnFLL47k+1SXzkHnd
KNQRVNKLVExBp5igvfiaDff2QocGFvg6l/yfbFrMjjli1SK/iKP0t1PB0zzOoGFE
PlSpL1+fwDdCnNP3/Aq/i0C2rLB0ztprYVsrQJXVs9AnA42sweFxWeIWhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMpgZvffXQb2FlmOIm3R6EYNsFb4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveW1CbTk5OWRCdllXV1k0aWJkSG9SZzJ3VnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABzY7T+WdkHvGgjtRTiH
kAyZsSE2DDRm1tBFD8tivKk/ZSzu7CganDloSjppkkoZFHTQsN8vZDM40Q2Xr0KT
qz8LrUzPATyoZXPjMIzYjD087t8YJXZvre9ZUDE1Ug/3IKI7rfdrzQvUsHNtJvvG
blRksqMLcH8iQNMrb8BKUN3sc2E5H4gjwkOQPfFQT1PUEdJDUQmbH6taofWRWQM7
aqQ04EEg1PWPfOpo8CeloZPN/HZwi2KCYp8DV+mzCD6G4bnPkC0GOYAW7Z3PcWqq
L2jNE4R5VrFEZIbrbyjdofoi8I6TFTXFo7QJOw98AGDzJZiR3lKnNEZCz18fQ/gn
2ys=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:04:07 2025 by rpki-client