Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ryFaKwJxnuf_xJ9v2H3-xcv3fiA.roa
File: ryFaKwJxnuf_xJ9v2H3-xcv3fiA.roa (raw, json)
Hash identifier: bCl0ntAGWO1PD0iHYvzVIRgoOmWeIFmoNzkK1f9EGNc=
Subject key identifier: AF:21:5A:2B:02:71:9E:E7:FF:C4:9F:6F:D8:7D:FE:C5:CB:F7:7E:20
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD6BE8E6BC67CB3BB47C9182AF4E7BE84
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ryFaKwJxnuf_xJ9v2H3-xcv3fiA.roa
Signing time: Wed 27 Sep 2023 13:05:27 +0000
ROA not before: Wed 27 Sep 2023 13:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:d6bd:b533/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:be:8e:6b:c6:7c:b3:bb:47:c9:18:2a:f4:e7:be:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 27 13:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af215a2b02719ee7ffc49f6fd87dfec5cbf77e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e2:d2:e8:79:e6:5a:0b:8d:cf:7f:09:8f:c0:
6a:30:c9:5d:b8:86:9c:b7:10:f2:0b:86:8a:18:1e:
d2:8b:9a:c5:04:9d:af:9c:15:7c:ba:65:ce:fb:a5:
b6:fa:42:d7:ef:12:3b:ed:d7:1f:45:10:5b:b5:fb:
3a:44:0e:32:8c:fe:2d:f1:72:b9:94:99:5d:3b:2c:
d0:8a:00:e8:3e:c9:16:93:88:8d:0b:e8:b2:02:ad:
1f:14:5f:76:6e:f6:7a:ad:3b:ce:ed:94:a1:fc:fe:
c6:62:81:b1:ad:33:df:39:23:23:e2:8a:57:50:50:
7d:30:47:f4:ea:10:e8:5b:52:38:c2:52:1f:5a:a7:
0c:fb:bc:4d:5e:d4:2c:c3:2d:58:72:87:55:89:b3:
cf:06:d4:03:12:be:82:5b:33:91:cc:63:8a:00:ab:
56:ac:69:8d:92:39:5b:17:78:c0:bd:9d:57:03:f1:
8c:ca:40:00:fa:f3:5e:b1:26:21:18:25:82:8b:41:
3d:bb:7e:c3:c3:18:33:81:67:f5:3b:98:1a:9f:32:
85:07:25:bc:43:90:03:67:8f:97:82:3d:d0:9a:5a:
29:a9:e6:17:b8:99:df:f4:0a:39:28:c2:a0:e5:5c:
f0:24:4f:5a:d7:44:d2:4d:87:a5:f8:08:40:b1:93:
6a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:21:5A:2B:02:71:9E:E7:FF:C4:9F:6F:D8:7D:FE:C5:CB:F7:7E:20
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ryFaKwJxnuf_xJ9v2H3-xcv3fiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:89:af:ab:80:97:e2:34:08:4e:47:d0:84:1c:06:16:81:e0:
25:21:f1:3d:a5:9d:6d:49:dd:fe:9d:fd:e2:97:7d:b0:37:50:
38:ab:e7:38:67:79:da:81:de:68:e2:9c:93:07:29:95:69:43:
96:0c:11:d0:99:8f:22:77:3c:b1:93:fd:7c:4d:a6:bd:3c:a8:
45:4d:71:16:3b:80:b8:3c:95:af:23:be:bf:f8:b2:50:98:2b:
13:c6:7e:4f:62:6c:99:1a:74:f2:23:c7:3d:70:33:38:b5:04:
8b:fc:ce:f9:11:a8:79:7e:cb:7e:7f:d8:ae:25:ee:33:08:1c:
1b:a7:48:73:fd:05:47:38:5b:6c:4a:ef:43:2e:1d:f7:c6:1b:
8e:fd:ef:d6:6f:65:78:fd:39:b1:76:68:bb:84:41:60:26:80:
9d:65:4b:53:03:1f:6b:f2:32:8f:cd:48:3b:ee:68:bf:e4:fb:
d6:64:24:f6:b8:4c:a3:a6:fd:da:41:6d:e9:7c:e9:77:23:f4:
6a:a6:bb:c6:e9:90:74:49:e0:ef:6c:d1:37:d8:6f:55:40:6b:
9e:44:26:06:32:4e:7a:4a:0e:a4:85:27:e3:b9:39:14:fa:ed:
bf:1e:73:b3:0e:93:b5:40:6f:e2:db:27:d1:85:15:40:48:d9:
ad:fb:58:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrWvo5rxnyzu0fJGCr0576EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI3MTMwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIxNWEyYjAyNzE5ZWU3ZmZjNDlmNmZkODdkZmVjNWNiZjc3ZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuLS6HnmWguNz38Jj8BqMMlduIac
txDyC4aKGB7Si5rFBJ2vnBV8umXO+6W2+kLX7xI77dcfRRBbtfs6RA4yjP4t8XK5
lJldOyzQigDoPskWk4iNC+iyAq0fFF92bvZ6rTvO7ZSh/P7GYoGxrTPfOSMj4opX
UFB9MEf06hDoW1I4wlIfWqcM+7xNXtQswy1YcodVibPPBtQDEr6CWzORzGOKAKtW
rGmNkjlbF3jAvZ1XA/GMykAA+vNesSYhGCWCi0E9u37DwxgzgWf1O5ganzKFByW8
Q5ADZ4+Xgj3QmlopqeYXuJnf9Ao5KMKg5VzwJE9a10TSTYel+AhAsZNqAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK8hWisCcZ7n/8Sfb9h9/sXL934gMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcnlGYUt3SnhudWZfeEo5djJIMy14Y3YzZmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGOJr6uAl+I0CE5H0IQc
BhaB4CUh8T2lnW1J3f6d/eKXfbA3UDir5zhnedqB3mjinJMHKZVpQ5YMEdCZjyJ3
PLGT/XxNpr08qEVNcRY7gLg8la8jvr/4slCYKxPGfk9ibJkadPIjxz1wMzi1BIv8
zvkRqHl+y35/2K4l7jMIHBunSHP9BUc4W2xK70MuHffGG47979ZvZXj9ObF2aLuE
QWAmgJ1lS1MDH2vyMo/NSDvuaL/k+9ZkJPa4TKOm/dpBbel86Xcj9Gqmu8bpkHRJ
4O9s0TfYb1VAa55EJgYyTnpKDqSFJ+O5ORT67b8ec7MOk7VAb+LbJ9GFFUBI2a37
WMs=
-----END CERTIFICATE-----
Generated at Wed Jun 18 21:50:03 2025 by rpki-client