Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Yh4GawAC7883fGmYGWSKMsjuksg.roa
File: Yh4GawAC7883fGmYGWSKMsjuksg.roa (raw, json)
Hash identifier: SMoktKFrMWIs1v6mnidfHIOPuLadh1uTtdtgQTr2c7U=
Subject key identifier: 62:1E:06:6B:00:02:EF:CF:37:7C:69:98:19:64:8A:32:C8:EE:92:C8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFA5CC358D79168AD39BEB24065740D66
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Yh4GawAC7883fGmYGWSKMsjuksg.roa
Signing time: Wed 04 Oct 2023 11:04:57 +0000
ROA not before: Wed 04 Oct 2023 11:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:fa5c:83ec/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:5c:c3:58:d7:91:68:ad:39:be:b2:40:65:74:0d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 11:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=621e066b0002efcf377c699819648a32c8ee92c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:30:d8:8d:91:b9:5c:79:18:b6:b5:54:eb:4d:
5a:1b:7b:2e:6a:0a:25:11:c1:94:f2:35:65:5b:f4:
50:57:8c:4a:5f:f9:dc:24:43:26:1a:b9:7a:71:19:
78:34:d5:81:e6:24:2f:e3:d9:8f:b2:cb:2d:4c:c6:
62:3a:a8:cf:4d:2d:50:0d:b0:0d:4a:2d:04:a8:53:
1b:f6:f6:aa:d5:a2:89:c3:51:e4:3a:1a:cc:cc:a8:
9d:f3:d9:38:a5:fa:84:87:4a:06:1f:0a:87:4b:1a:
59:fa:53:cd:c3:49:4e:d5:50:20:49:28:e4:2b:8e:
b1:45:69:50:18:98:a6:d7:8f:94:b1:aa:14:27:e9:
4c:d0:c5:06:79:ee:6d:00:2b:a2:77:91:cc:41:05:
85:be:c0:b9:81:d3:5b:02:5f:a1:63:c6:ad:1b:92:
b6:c3:ee:f7:f8:da:63:af:be:40:aa:03:6c:f9:13:
63:a6:63:54:de:b7:ec:82:e6:e9:95:ed:e3:8c:df:
21:67:67:7e:7d:ab:44:87:c5:aa:6e:c9:28:e1:a3:
e9:e4:4b:53:de:2a:9b:44:c0:25:98:56:ea:27:97:
25:d9:d5:76:c3:b9:f9:76:48:b6:5f:30:d0:42:62:
ed:9a:39:ef:d5:eb:a7:83:f3:2c:e5:d7:9b:19:bb:
c3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1E:06:6B:00:02:EF:CF:37:7C:69:98:19:64:8A:32:C8:EE:92:C8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Yh4GawAC7883fGmYGWSKMsjuksg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:53:bb:da:83:3c:50:fa:ed:d1:3f:a6:86:fc:c8:7e:d4:c6:
4c:6d:b7:82:74:3b:85:58:bc:9f:ef:ad:3d:79:1b:4e:3e:cd:
98:37:d0:48:82:55:b9:88:9e:41:86:6d:c8:b2:92:e8:34:fd:
97:4b:b1:7b:a3:ab:c3:1d:04:e3:14:ac:4c:57:96:04:03:2c:
73:ac:dc:82:36:2e:00:e6:f9:0a:17:d6:65:1a:4d:ab:5e:41:
41:7b:78:17:c8:39:d3:42:e7:af:4e:41:43:da:a6:e2:28:d1:
be:81:39:bc:38:be:b3:16:b4:17:62:e6:d9:4f:aa:b1:09:cf:
fa:11:54:f6:c9:54:17:81:94:1b:25:00:82:02:a8:17:c4:80:
f1:b8:db:42:d7:85:9b:0a:60:25:76:5d:56:f8:80:3f:fb:d0:
d0:ac:6f:cb:f9:85:c1:c1:c0:49:42:15:54:8e:68:67:0d:11:
b3:00:ba:88:62:d8:3d:2a:3c:20:f6:59:8e:70:e6:98:00:be:
ce:ea:5b:7f:42:3a:54:83:cf:06:a6:ea:db:ef:7d:3e:4b:8d:
72:3c:62:2a:ae:d8:16:fb:e2:4f:e2:d5:29:ff:cf:45:38:a0:
f9:33:0c:a3:ed:74:09:75:4b:a5:a7:e6:f7:36:83:d7:b5:63:
cf:b5:0f:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr6XMNY15ForTm+skBldA1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MTEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjFlMDY2YjAwMDJlZmNmMzc3YzY5OTgxOTY0OGEzMmM4ZWU5MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijDYjZG5XHkYtrVU601aG3suagol
EcGU8jVlW/RQV4xKX/ncJEMmGrl6cRl4NNWB5iQv49mPssstTMZiOqjPTS1QDbAN
Si0EqFMb9vaq1aKJw1HkOhrMzKid89k4pfqEh0oGHwqHSxpZ+lPNw0lO1VAgSSjk
K46xRWlQGJim14+UsaoUJ+lM0MUGee5tACuid5HMQQWFvsC5gdNbAl+hY8atG5K2
w+73+Npjr75AqgNs+RNjpmNU3rfsgubple3jjN8hZ2d+fatEh8Wqbsko4aPp5EtT
3iqbRMAlmFbqJ5cl2dV2w7n5dki2XzDQQmLtmjnv1eung/Ms5debGbvDKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGIeBmsAAu/PN3xpmBlkijLI7pLIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWWg0R2F3QUM3ODgzZkdtWUdXU0tNc2p1a3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFVTu9qDPFD67dE/pob8
yH7Uxkxtt4J0O4VYvJ/vrT15G04+zZg30EiCVbmInkGGbciykug0/ZdLsXujq8Md
BOMUrExXlgQDLHOs3II2LgDm+QoX1mUaTateQUF7eBfIOdNC569OQUPapuIo0b6B
Obw4vrMWtBdi5tlPqrEJz/oRVPbJVBeBlBslAIICqBfEgPG420LXhZsKYCV2XVb4
gD/70NCsb8v5hcHBwElCFVSOaGcNEbMAuohi2D0qPCD2WY5w5pgAvs7qW39COlSD
zwam6tvvfT5LjXI8Yiqu2Bb74k/i1Sn/z0U4oPkzDKPtdAl1S6Wn5vc2g9e1Y8+1
D88=
-----END CERTIFICATE-----
Generated at Fri Jun 20 13:51:01 2025 by rpki-client