Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/YwCVgnPt7JauTeXw86ithgtYZzY.roa
File: YwCVgnPt7JauTeXw86ithgtYZzY.roa (raw, json)
Hash identifier: ek49FVVCdWX2BMHynflKZvwSLR28uOtivul6/6eD5ck=
Subject key identifier: 63:00:95:82:73:ED:EC:96:AE:4D:E5:F0:F3:A8:AD:86:0B:58:67:36
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B02161743663DF5D9677F8ACEEC2738CF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/YwCVgnPt7JauTeXw86ithgtYZzY.roa
Signing time: Thu 05 Oct 2023 23:04:44 +0000
ROA not before: Thu 05 Oct 2023 23:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:215:af8b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:02:16:17:43:66:3d:f5:d9:67:7f:8a:ce:ec:27:38:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 23:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6300958273edec96ae4de5f0f3a8ad860b586736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e7:ce:42:f2:49:ba:6b:b5:84:7a:9b:db:a0:
d2:c5:69:7d:88:68:c3:7a:ac:d9:8b:94:0e:29:5c:
85:61:5c:08:e6:84:61:ba:c6:ee:3f:bd:cc:16:29:
e9:5a:de:e0:8f:3f:04:d5:88:69:fe:e8:b0:4e:3a:
aa:43:b6:d9:8e:1e:b4:0a:e9:b1:04:d2:fc:b8:1c:
c6:14:0d:a2:56:6e:ad:c5:2e:6b:23:69:45:0f:66:
61:1a:10:6f:83:77:a9:e8:a9:54:2e:77:9d:59:2c:
c7:18:e5:82:fc:d9:68:1b:c8:43:6a:28:5c:27:4d:
cd:59:07:cb:72:bc:e6:4d:79:87:16:c9:7f:c9:3c:
ea:4f:02:b6:a2:6b:b5:42:d2:64:46:b2:25:77:85:
6d:3a:59:a7:56:b7:23:10:d3:c7:ad:ce:3a:e3:6f:
0d:0e:9c:06:3a:60:2a:ac:d3:86:42:54:ed:86:28:
56:9e:d6:48:39:47:f4:3d:70:10:c3:d5:bb:5e:f0:
2f:d1:1a:65:98:a0:2f:1f:4a:c4:6e:ec:04:5f:90:
b8:7f:28:9d:99:f9:5e:f0:09:25:83:f9:9a:9f:e9:
ef:79:bd:7b:66:60:f6:05:cd:ff:b2:55:09:c4:d7:
06:a6:82:c7:8f:94:8c:5a:14:7f:cd:af:13:a5:04:
87:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:00:95:82:73:ED:EC:96:AE:4D:E5:F0:F3:A8:AD:86:0B:58:67:36
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/YwCVgnPt7JauTeXw86ithgtYZzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c6:30:b1:54:e0:1c:f4:15:a3:ce:77:bd:c9:5c:d5:80:ad:41:
e8:1a:1e:c7:66:11:2b:a0:ef:09:74:a0:94:fd:bd:8e:28:42:
1f:63:e8:e5:76:b8:1f:30:40:26:b0:ec:a9:4c:f9:99:c7:08:
5d:24:07:36:53:03:fd:d1:57:40:55:9a:28:26:e7:06:85:0a:
83:b7:91:14:d5:b1:3c:8a:64:c8:ff:82:ac:3d:bc:d8:00:55:
75:a6:94:c9:ff:6d:a3:02:f3:b7:19:19:05:13:ab:f4:bb:b0:
dd:2c:51:e8:46:a4:f9:3b:da:b4:10:ff:56:5b:82:0f:a4:fc:
0d:3c:de:be:e4:11:3f:64:8b:d4:ae:e1:e3:74:08:12:0c:13:
c3:10:da:3c:59:83:c9:bb:0c:8b:6a:9c:b7:88:9a:93:4d:57:
1b:cf:e5:f8:5b:5e:93:3b:fd:16:ec:07:6f:c3:a1:07:bd:80:
04:42:ea:9f:51:80:95:e4:f8:0b:3b:72:90:40:d7:00:d8:4f:
d4:fa:8c:1a:2a:d0:3c:bc:7c:eb:33:39:a3:a3:30:e2:5c:f0:
ff:2b:2f:cf:39:db:b4:4a:61:0b:c9:a3:24:c8:5a:14:f9:46:
30:a4:75:e9:a9:75:b3:d1:ff:7e:0e:a4:1f:9e:ee:be:23:53:
2d:a3:92:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsCFhdDZj312Wd/is7sJzjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MjMwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzAwOTU4MjczZWRlYzk2YWU0ZGU1ZjBmM2E4YWQ4NjBiNTg2NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOfOQvJJumu1hHqb26DSxWl9iGjD
eqzZi5QOKVyFYVwI5oRhusbuP73MFinpWt7gjz8E1Yhp/uiwTjqqQ7bZjh60Cumx
BNL8uBzGFA2iVm6txS5rI2lFD2ZhGhBvg3ep6KlULnedWSzHGOWC/NloG8hDaihc
J03NWQfLcrzmTXmHFsl/yTzqTwK2omu1QtJkRrIld4VtOlmnVrcjENPHrc46428N
DpwGOmAqrNOGQlTthihWntZIOUf0PXAQw9W7XvAv0RplmKAvH0rEbuwEX5C4fyid
mfle8Aklg/man+nveb17ZmD2Bc3/slUJxNcGpoLHj5SMWhR/za8TpQSHqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGMAlYJz7eyWrk3l8POorYYLWGc2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWXdDVmduUHQ3SmF1VGVYdzg2aXRoZ3RZWnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMYwsVTgHPQVo853vclc
1YCtQegaHsdmESug7wl0oJT9vY4oQh9j6OV2uB8wQCaw7KlM+ZnHCF0kBzZTA/3R
V0BVmigm5waFCoO3kRTVsTyKZMj/gqw9vNgAVXWmlMn/baMC87cZGQUTq/S7sN0s
UehGpPk72rQQ/1Zbgg+k/A083r7kET9ki9Su4eN0CBIME8MQ2jxZg8m7DItqnLeI
mpNNVxvP5fhbXpM7/RbsB2/DoQe9gARC6p9RgJXk+As7cpBA1wDYT9T6jBoq0Dy8
fOszOaOjMOJc8P8rL88527RKYQvJoyTIWhT5RjCkdempdbPR/34OpB+e7r4jUy2j
klE=
-----END CERTIFICATE-----
Generated at Fri Jun 20 08:59:26 2025 by rpki-client