Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S2YqkR3ZFPgHjVvWXUUVHqGdclY.roa
File: S2YqkR3ZFPgHjVvWXUUVHqGdclY.roa (raw, json)
Hash identifier: gE870cHDl0kaybNH6eLtYSfxrnoSmMQikIbTDtI/wpg=
Subject key identifier: 4B:66:2A:91:1D:D9:14:F8:07:8D:5B:D6:5D:45:15:1E:A1:9D:72:56
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6D975456D3EF652FBC0CB071700EE972
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S2YqkR3ZFPgHjVvWXUUVHqGdclY.roa
Signing time: Thu 26 Oct 2023 20:05:15 +0000
ROA not before: Thu 26 Oct 2023 20:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:6d96:7c7e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6d:97:54:56:d3:ef:65:2f:bc:0c:b0:71:70:0e:e9:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 26 20:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b662a911dd914f8078d5bd65d45151ea19d7256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7d:f0:9f:f9:47:35:8f:9f:2c:67:a0:8a:ec:
ad:bf:12:f6:a6:c5:f8:d2:6f:73:58:1f:91:86:91:
6e:0a:57:dc:49:56:c1:cb:d2:bf:5f:de:91:f7:86:
09:55:7c:e9:9f:03:25:9f:44:e2:74:2b:8c:fe:c9:
b5:c5:1f:b1:d4:63:25:65:3a:f8:6f:c4:46:bb:fb:
b0:b5:6c:1c:61:cc:01:87:99:86:9e:11:79:05:b6:
77:62:7a:74:e4:d6:69:02:3b:52:14:98:9b:6a:0b:
a9:d6:65:f5:7f:ff:43:53:ba:41:97:12:22:78:93:
bf:de:a1:f5:6e:7b:33:8d:6b:cd:7f:fa:84:46:c4:
f1:eb:ec:53:22:20:53:eb:ce:0c:49:b3:b8:01:c0:
28:8f:71:d2:1d:60:2c:4f:b4:f9:16:c0:bb:99:78:
be:2e:d1:f3:e8:ac:93:57:6d:f3:0f:d9:0a:c5:f4:
1b:53:d6:a7:d9:c4:56:3b:4d:63:72:34:c4:5b:04:
a3:74:0f:c6:7f:7d:67:db:d1:b9:18:d3:96:59:cd:
7b:99:82:d3:16:39:2c:8b:fb:d2:58:e1:1c:f9:ef:
ce:1e:8b:ba:aa:c3:f7:46:ee:38:79:a2:45:67:ea:
06:00:45:6f:d8:74:eb:7d:cb:92:d4:1f:07:95:b7:
2b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:66:2A:91:1D:D9:14:F8:07:8D:5B:D6:5D:45:15:1E:A1:9D:72:56
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S2YqkR3ZFPgHjVvWXUUVHqGdclY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:c4:37:50:f2:aa:a6:f8:88:01:95:f9:a1:a4:6b:77:ea:5c:
04:de:1d:40:34:37:0c:36:93:84:99:da:3d:76:01:1f:6e:d1:
de:9b:55:aa:62:ef:22:fa:3c:25:83:12:16:98:47:5d:b1:cc:
9e:86:4d:20:f0:26:a0:70:ff:5a:92:d8:17:33:49:e8:62:48:
12:79:6d:48:e7:52:6b:8c:15:eb:28:f5:06:06:6b:9d:1e:f0:
74:dd:18:69:d2:b6:13:48:cc:5d:48:ee:88:d1:83:cc:24:e8:
1e:ab:57:bf:cc:c6:0a:d9:18:93:bc:1e:6e:f6:8a:e0:bf:7c:
56:5f:a2:da:3c:cf:40:b0:e2:6c:5b:0d:1a:3c:f4:ff:b9:9b:
0c:04:fb:36:76:a1:c2:ff:60:1a:d3:64:f4:37:d1:10:32:39:
dd:9d:61:56:ed:53:12:2c:c6:7f:2a:92:a2:dc:fd:0a:db:ab:
b1:28:98:95:19:ca:99:9a:ca:34:ef:3b:3d:15:e2:90:5d:27:
41:c9:2a:64:75:d7:3c:22:a6:b7:3e:e1:a0:46:37:c6:1b:fc:
38:ba:e5:be:06:65:d3:99:88:80:fa:4d:4f:6c:b4:b7:57:61:
e4:69:2a:2e:12:34:c2:10:5c:72:38:66:d9:b1:35:37:cd:18:
53:05:b6:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYttl1RW0+9lL7wMsHFwDulyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI2MjAwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjY2MmE5MTFkZDkxNGY4MDc4ZDViZDY1ZDQ1MTUxZWExOWQ3MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl33wn/lHNY+fLGegiuytvxL2psX4
0m9zWB+RhpFuClfcSVbBy9K/X96R94YJVXzpnwMln0TidCuM/sm1xR+x1GMlZTr4
b8RGu/uwtWwcYcwBh5mGnhF5BbZ3Ynp05NZpAjtSFJibagup1mX1f/9DU7pBlxIi
eJO/3qH1bnszjWvNf/qERsTx6+xTIiBT684MSbO4AcAoj3HSHWAsT7T5FsC7mXi+
LtHz6KyTV23zD9kKxfQbU9an2cRWO01jcjTEWwSjdA/Gf31n29G5GNOWWc17mYLT
Fjksi/vSWOEc+e/OHou6qsP3Ru44eaJFZ+oGAEVv2HTrfcuS1B8Hlbcr5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEtmKpEd2RT4B41b1l1FFR6hnXJWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUzJZcWtSM1pGUGdIalZ2V1hVVVZIcUdkY2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHbEN1Dyqqb4iAGV+aGk
a3fqXATeHUA0Nww2k4SZ2j12AR9u0d6bVapi7yL6PCWDEhaYR12xzJ6GTSDwJqBw
/1qS2BczSehiSBJ5bUjnUmuMFeso9QYGa50e8HTdGGnSthNIzF1I7ojRg8wk6B6r
V7/MxgrZGJO8Hm72iuC/fFZfoto8z0Cw4mxbDRo89P+5mwwE+zZ2ocL/YBrTZPQ3
0RAyOd2dYVbtUxIsxn8qkqLc/Qrbq7EomJUZypmayjTvOz0V4pBdJ0HJKmR11zwi
prc+4aBGN8Yb/Di65b4GZdOZiID6TU9stLdXYeRpKi4SNMIQXHI4ZtmxNTfNGFMF
tt4=
-----END CERTIFICATE-----
Generated at Thu Jun 19 01:42:12 2025 by rpki-client