Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DyVgajpUWBdl2Fc3LoVoaIm53ZI.roa
File: DyVgajpUWBdl2Fc3LoVoaIm53ZI.roa (raw, json)
Hash identifier: Pf3O/kB4u8kAU9RuxkiqbjI+oUw5Y1UZGggmfHssNBU=
Subject key identifier: 0F:25:60:6A:3A:54:58:17:65:D8:57:37:2E:85:68:68:89:B9:DD:92
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1008A4E4B85DC9E2101BC97AE746E093
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DyVgajpUWBdl2Fc3LoVoaIm53ZI.roa
Signing time: Sun 08 Oct 2023 16:04:43 +0000
ROA not before: Sun 08 Oct 2023 16:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:1008:491f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:10:08:a4:e4:b8:5d:c9:e2:10:1b:c9:7a:e7:46:e0:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 16:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f25606a3a54581765d857372e85686889b9dd92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2e:14:a5:b3:bf:eb:b1:c8:22:c3:45:1e:d5:
d4:1a:2c:d9:fd:a2:60:29:ba:99:b4:89:ca:47:19:
b4:aa:8a:f4:3e:26:8d:26:4f:51:94:75:8d:80:0b:
28:44:e0:55:c6:e8:40:cf:83:07:c1:71:58:18:1c:
33:d4:76:0c:2b:17:5f:39:82:5b:3a:22:bc:51:1f:
f8:29:db:5d:e8:d3:c0:1c:5e:8d:45:0a:82:c7:cb:
cf:62:3e:5e:d2:cf:10:c4:63:47:fa:01:24:7e:63:
9e:db:d8:61:1c:35:5b:ad:cc:b2:71:97:90:77:fa:
24:e3:88:c6:8f:54:2a:47:fa:8b:c1:03:5b:1f:26:
3c:fe:8c:7c:71:6b:83:aa:42:4c:96:0a:d8:bb:75:
d0:37:73:69:ba:5d:34:20:53:46:4b:6f:7a:1d:78:
17:09:d0:b7:97:43:3b:f8:b9:3e:d6:3f:f9:f9:46:
1c:b6:5a:1d:b5:6e:76:ae:86:6e:da:2c:23:64:73:
ed:88:5f:41:f8:97:f3:9b:17:4c:02:35:98:2c:63:
ea:b4:4d:7a:c9:e7:1b:a8:23:be:dc:ee:b0:ed:00:
22:59:33:56:e8:8c:55:bb:62:9d:ee:f2:3f:da:f5:
8c:c9:4a:5b:72:74:a3:8e:7f:f7:25:05:0b:9b:ce:
28:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:25:60:6A:3A:54:58:17:65:D8:57:37:2E:85:68:68:89:B9:DD:92
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DyVgajpUWBdl2Fc3LoVoaIm53ZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
be:25:52:be:f7:e1:7a:c1:5d:64:5f:f8:e1:85:94:56:21:42:
a5:fe:60:ad:50:c4:af:2b:98:6e:2a:66:ee:8d:a1:32:17:2b:
d8:53:3c:ca:e6:01:00:2a:e5:09:77:08:e8:32:48:c9:85:6e:
f7:5a:74:34:90:df:e9:1c:66:83:8c:a8:d1:f3:b2:6e:1f:e9:
16:ac:d3:24:8e:d4:14:89:31:03:64:3b:07:90:f2:d8:30:ce:
f8:16:be:97:1e:6b:fa:ef:ae:f3:33:66:e9:ca:7a:78:b5:97:
4c:60:34:ff:24:c2:ec:d2:97:f4:41:17:62:c5:74:90:12:40:
49:19:e2:44:d9:0d:07:89:52:d2:2d:c1:71:2c:8f:8e:95:8d:
ed:b6:03:ee:8f:d7:87:a2:f7:1a:5d:4d:b6:c2:28:ad:f8:6a:
0f:e3:4c:39:f8:ff:12:16:76:d7:a8:68:3e:77:e2:a5:42:da:
68:c5:fb:37:e1:a9:ae:4b:24:e8:be:89:2d:76:66:e3:03:1a:
69:20:14:0e:4f:d2:c1:e8:d0:62:70:e7:21:e5:39:de:6d:a3:
99:07:e3:b1:d4:2b:e5:3d:15:e8:73:71:51:d8:f5:e6:89:fe:
0e:66:1a:9b:89:a3:17:05:63:3a:8e:92:be:ed:52:f8:72:90:
69:c8:54:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsQCKTkuF3J4hAbyXrnRuCTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MTYwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI1NjA2YTNhNTQ1ODE3NjVkODU3MzcyZTg1Njg2ODg5YjlkZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki4UpbO/67HIIsNFHtXUGizZ/aJg
KbqZtInKRxm0qor0PiaNJk9RlHWNgAsoROBVxuhAz4MHwXFYGBwz1HYMKxdfOYJb
OiK8UR/4Kdtd6NPAHF6NRQqCx8vPYj5e0s8QxGNH+gEkfmOe29hhHDVbrcyycZeQ
d/ok44jGj1QqR/qLwQNbHyY8/ox8cWuDqkJMlgrYu3XQN3Npul00IFNGS296HXgX
CdC3l0M7+Lk+1j/5+UYctlodtW52roZu2iwjZHPtiF9B+JfzmxdMAjWYLGPqtE16
yecbqCO+3O6w7QAiWTNW6IxVu2Kd7vI/2vWMyUpbcnSjjn/3JQULm84oxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA8lYGo6VFgXZdhXNy6FaGiJud2SMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRHlWZ2FqcFVXQmRsMkZjM0xvVm9hSW01M1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL4lUr734XrBXWRf+OGF
lFYhQqX+YK1QxK8rmG4qZu6NoTIXK9hTPMrmAQAq5Ql3COgySMmFbvdadDSQ3+kc
ZoOMqNHzsm4f6Ras0ySO1BSJMQNkOweQ8tgwzvgWvpcea/rvrvMzZunKeni1l0xg
NP8kwuzSl/RBF2LFdJASQEkZ4kTZDQeJUtItwXEsj46Vje22A+6P14ei9xpdTbbC
KK34ag/jTDn4/xIWdteoaD534qVC2mjF+zfhqa5LJOi+iS12ZuMDGmkgFA5P0sHo
0GJw5yHlOd5to5kH47HUK+U9FehzcVHY9eaJ/g5mGpuJoxcFYzqOkr7tUvhykGnI
VBQ=
-----END CERTIFICATE-----
Generated at Tue Jun 17 07:00:37 2025 by rpki-client