Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ry0I_oEy1gVcFJbbDTLm6I9xtQA.roa
File: Ry0I_oEy1gVcFJbbDTLm6I9xtQA.roa (raw, json)
Hash identifier: ccCgvBkVtcC7q06y6skcSa+1UyKQM3XfmRXL8ADi0FI=
Subject key identifier: 47:2D:08:FE:81:32:D6:05:5C:14:96:DB:0D:32:E6:E8:8F:71:B5:00
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B26FF6CD011726CAB30ECFAD31E410F76
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ry0I_oEy1gVcFJbbDTLm6I9xtQA.roa
Signing time: Fri 13 Oct 2023 03:05:55 +0000
ROA not before: Fri 13 Oct 2023 03:05:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:26fe:e171/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:26:ff:6c:d0:11:72:6c:ab:30:ec:fa:d3:1e:41:0f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 13 03:05:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=472d08fe8132d6055c1496db0d32e6e88f71b500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6c:c3:38:1b:dc:d6:2d:00:f7:a8:3b:cd:9b:
5e:37:df:83:4b:73:50:c0:59:5d:8d:ea:0c:ad:64:
bb:c0:b1:31:fe:0a:95:15:d9:8f:25:98:0b:f2:09:
1e:5a:2b:c6:44:19:09:ef:2a:ce:e2:d6:06:2e:5c:
9d:94:4f:e3:e4:47:3a:92:76:d7:9b:1b:e8:90:35:
3d:06:61:13:a3:ae:dd:46:18:4f:77:d8:10:49:b9:
c0:9e:36:3e:e4:7c:cf:2b:51:a6:7e:a6:6c:b7:73:
6d:67:fa:62:28:1e:90:ce:5d:98:95:f5:eb:12:0e:
3f:e5:30:da:25:c1:74:01:3a:be:85:c1:79:95:07:
d3:c1:dc:4b:7b:7a:67:c5:76:38:a7:eb:6b:7d:56:
85:73:4b:7b:db:80:f0:63:d8:4e:e2:35:d1:d6:dd:
11:40:4e:f5:37:7b:51:10:13:8d:56:42:e9:52:c5:
db:8e:63:ba:7d:4d:b0:bd:89:ea:cf:1e:0a:ad:e2:
14:46:08:2c:ea:59:cc:94:f9:bd:5d:9e:9e:1a:f3:
af:9d:2b:10:0e:20:5b:7b:94:ee:ea:ff:db:11:ab:
1d:10:f2:0e:6f:d7:70:f5:74:10:f8:ab:56:a7:16:
f4:34:06:60:83:de:dd:8d:9e:53:a3:4e:19:f7:67:
b8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2D:08:FE:81:32:D6:05:5C:14:96:DB:0D:32:E6:E8:8F:71:B5:00
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ry0I_oEy1gVcFJbbDTLm6I9xtQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:0c:9a:73:9b:2a:c6:be:e9:f2:a7:79:ea:52:a3:1e:57:3c:
e2:05:8c:5d:51:7b:a3:57:75:f7:b7:f2:3d:95:a1:0e:fc:a9:
7d:83:98:7f:08:e7:1b:83:4c:cf:71:20:c7:e5:8e:25:5e:11:
96:b0:15:3f:38:20:b5:d5:1c:cf:b0:e6:3f:a7:fb:e5:e2:4c:
b8:38:ff:7c:92:0c:e3:ed:88:34:41:6c:93:83:5b:d4:42:ac:
b0:40:46:cd:2c:68:31:3b:e2:57:fe:0c:82:34:1f:93:ed:6f:
78:bf:4f:c0:bf:6e:43:2f:0f:77:9c:fe:c5:31:aa:07:1c:f9:
8d:3e:70:23:b7:5e:05:74:6f:b4:34:06:93:b7:59:33:96:ed:
e9:24:48:c8:25:0e:2e:b3:8f:96:8e:84:06:0e:cd:b4:56:9e:
cb:70:19:8a:7b:ed:55:cf:92:7c:18:3c:75:f8:c6:5a:52:ae:
9a:a7:d4:83:8d:6f:75:45:59:56:cf:50:97:90:70:24:c1:bc:
a4:05:9f:d8:6e:ca:6f:62:77:ab:6e:73:50:4b:5a:2f:3d:00:
ed:e3:aa:06:bd:e2:22:56:d2:a4:86:61:dd:66:3f:7b:03:35:
44:1e:74:64:a4:27:07:04:4f:3d:74:dd:04:b1:4f:a8:3d:00:
21:ec:9b:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsm/2zQEXJsqzDs+tMeQQ92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMDMwNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJkMDhmZTgxMzJkNjA1NWMxNDk2ZGIwZDMyZTZlODhmNzFiNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WzDOBvc1i0A96g7zZteN9+DS3NQ
wFldjeoMrWS7wLEx/gqVFdmPJZgL8gkeWivGRBkJ7yrO4tYGLlydlE/j5Ec6knbX
mxvokDU9BmETo67dRhhPd9gQSbnAnjY+5HzPK1GmfqZst3NtZ/piKB6Qzl2YlfXr
Eg4/5TDaJcF0ATq+hcF5lQfTwdxLe3pnxXY4p+trfVaFc0t724DwY9hO4jXR1t0R
QE71N3tREBONVkLpUsXbjmO6fU2wvYnqzx4KreIURggs6lnMlPm9XZ6eGvOvnSsQ
DiBbe5Tu6v/bEasdEPIOb9dw9XQQ+KtWpxb0NAZgg97djZ5To04Z92e4/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEctCP6BMtYFXBSW2w0y5uiPcbUAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUnkwSV9vRXkxZ1ZjRkpiYkRUTG02STl4dFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC0MmnObKsa+6fKneepS
ox5XPOIFjF1Re6NXdfe38j2VoQ78qX2DmH8I5xuDTM9xIMfljiVeEZawFT84ILXV
HM+w5j+n++XiTLg4/3ySDOPtiDRBbJODW9RCrLBARs0saDE74lf+DII0H5Ptb3i/
T8C/bkMvD3ec/sUxqgcc+Y0+cCO3XgV0b7Q0BpO3WTOW7ekkSMglDi6zj5aOhAYO
zbRWnstwGYp77VXPknwYPHX4xlpSrpqn1IONb3VFWVbPUJeQcCTBvKQFn9huym9i
d6tuc1BLWi89AO3jqga94iJW0qSGYd1mP3sDNUQedGSkJwcETz103QSxT6g9ACHs
mzE=
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:43:49 2025 by rpki-client