Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ymjvZrg8xeNpun5626OitiOW5RU.roa
File: ymjvZrg8xeNpun5626OitiOW5RU.roa (raw, json)
Hash identifier: 2Qn4nMq6HwmCUL1awDnaV10Oaqzgx/CmUA6VgWvCyVU=
Subject key identifier: CA:68:EF:66:B8:3C:C5:E3:69:BA:7E:7A:DB:A3:A2:B6:23:96:E5:15
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC9AB2032BB6A1726D4928A9832089E2C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ymjvZrg8xeNpun5626OitiOW5RU.roa
Signing time: Mon 13 Nov 2023 17:11:57 +0000
ROA not before: Mon 13 Nov 2023 17:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:ab:20:32:bb:6a:17:26:d4:92:8a:98:32:08:9e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 17:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca68ef66b83cc5e369ba7e7adba3a2b62396e515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:2e:1b:e3:4c:60:57:30:2f:74:88:5b:9a:
7d:26:14:ac:50:62:d3:9f:af:70:ec:d4:55:a7:3c:
3a:4b:87:91:c1:45:79:30:d7:2f:67:6f:f6:bd:a5:
a3:e2:88:7d:bc:d5:77:24:da:fa:2a:ee:29:01:24:
16:1c:cb:e7:77:77:08:7e:84:05:2e:cc:ef:48:52:
da:92:77:fb:d2:cf:9d:cc:95:ea:3e:17:f9:9b:b4:
69:76:ac:1c:18:f6:43:01:d5:db:bd:dd:b5:74:4b:
dc:b0:7f:bd:90:04:29:b4:d2:35:30:19:cd:53:9d:
42:90:09:c2:10:32:5e:4d:13:b9:cd:2b:51:4b:f9:
88:40:a8:8f:cc:ca:e0:1d:b8:7a:5b:2c:68:83:ad:
d1:dd:da:ba:4c:15:22:a7:4b:46:6d:95:22:38:57:
e0:8f:f7:da:98:34:40:76:e9:69:26:fe:b9:8f:f5:
62:cd:82:6f:54:0b:cc:92:2a:12:5d:90:1c:dd:4f:
f8:1b:72:6b:50:5e:e4:74:94:a9:55:fa:e0:55:58:
74:6b:58:10:4b:b1:a0:27:e2:5e:c0:14:d9:31:88:
9e:ac:d1:e4:06:9b:e1:1a:72:16:37:19:65:2e:af:
db:55:71:17:f5:c5:95:a1:f3:21:c2:5a:ef:04:d0:
dc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:68:EF:66:B8:3C:C5:E3:69:BA:7E:7A:DB:A3:A2:B6:23:96:E5:15
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ymjvZrg8xeNpun5626OitiOW5RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:30:90:25:65:18:b5:11:8b:68:75:1d:a7:b2:c1:89:93:8f:
78:4b:ad:7e:c3:ec:5b:c3:12:68:14:6b:94:ce:46:bd:75:5a:
3a:b5:d3:5d:33:c7:49:43:1c:c6:9b:3c:05:0c:cc:6e:b4:de:
42:43:0e:6c:35:73:ee:ff:a7:06:8a:1b:0d:29:50:59:e5:bf:
62:4b:16:af:e0:bd:58:0a:5b:0c:b4:11:96:1d:85:36:97:5b:
8e:e5:c1:dc:6d:9e:d4:17:26:11:37:68:64:2f:25:7b:22:8c:
a5:c1:03:da:9d:8c:d6:f9:b8:dc:d5:0c:75:25:4a:2b:c4:02:
93:cb:ca:d6:5d:8a:af:83:bf:b5:9f:06:cf:03:28:c6:c9:fa:
58:b7:91:63:6f:6b:e4:b9:8d:08:e7:9a:70:69:1e:89:49:de:
e4:d6:6d:f1:71:2d:02:ed:dc:23:51:e9:5a:ba:05:a2:8f:f8:
a0:e3:37:88:3b:ca:7c:78:be:a8:e4:68:ae:63:10:a9:92:f5:
f7:c0:97:3d:20:92:96:a8:15:21:5d:2f:d8:39:63:33:f3:1c:
e2:8d:e1:4b:b4:28:ae:24:e4:02:0c:94:4e:2b:cf:dc:85:ef:
7b:93:de:16:79:4e:42:21:cd:23:8b:eb:75:bf:6e:6e:06:18:
d2:1e:a6:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvJqyAyu2oXJtSSipgyCJ4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMTcxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY4ZWY2NmI4M2NjNWUzNjliYTdlN2FkYmEzYTJiNjIzOTZlNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkUuG+NMYFcwL3SIW5p9JhSsUGLT
n69w7NRVpzw6S4eRwUV5MNcvZ2/2vaWj4oh9vNV3JNr6Ku4pASQWHMvnd3cIfoQF
LszvSFLaknf70s+dzJXqPhf5m7RpdqwcGPZDAdXbvd21dEvcsH+9kAQptNI1MBnN
U51CkAnCEDJeTRO5zStRS/mIQKiPzMrgHbh6Wyxog63R3dq6TBUip0tGbZUiOFfg
j/famDRAdulpJv65j/VizYJvVAvMkioSXZAc3U/4G3JrUF7kdJSpVfrgVVh0a1gQ
S7GgJ+JewBTZMYierNHkBpvhGnIWNxllLq/bVXEX9cWVofMhwlrvBNDcTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMpo72a4PMXjabp+etujorYjluUVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveW1qdlpyZzh4ZU5wdW41NjI2T2l0aU9XNVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABMwkCVlGLURi2h1Haey
wYmTj3hLrX7D7FvDEmgUa5TORr11Wjq1010zx0lDHMabPAUMzG603kJDDmw1c+7/
pwaKGw0pUFnlv2JLFq/gvVgKWwy0EZYdhTaXW47lwdxtntQXJhE3aGQvJXsijKXB
A9qdjNb5uNzVDHUlSivEApPLytZdiq+Dv7WfBs8DKMbJ+li3kWNva+S5jQjnmnBp
HolJ3uTWbfFxLQLt3CNR6Vq6BaKP+KDjN4g7ynx4vqjkaK5jEKmS9ffAlz0gkpao
FSFdL9g5YzPzHOKN4Uu0KK4k5AIMlE4rz9yF73uT3hZ5TkIhzSOL63W/bm4GGNIe
pok=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:26:45 2025 by rpki-client