Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/usnyIHBDa0S-DYGkG_OAFLviOUg.roa
File: usnyIHBDa0S-DYGkG_OAFLviOUg.roa (raw, json)
Hash identifier: tHV19rgg2FfpR7TNV3MiAt7d2c747zbjU+pc3l2vVM0=
Subject key identifier: BA:C9:F2:20:70:43:6B:44:BE:0D:81:A4:1B:F3:80:14:BB:E2:39:48
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE178B915719177BF43109D8F0E5022DB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/usnyIHBDa0S-DYGkG_OAFLviOUg.roa
Signing time: Fri 29 Sep 2023 15:04:59 +0000
ROA not before: Fri 29 Sep 2023 15:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:e178:2d7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:78:b9:15:71:91:77:bf:43:10:9d:8f:0e:50:22:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 15:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bac9f22070436b44be0d81a41bf38014bbe23948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cf:f8:5b:13:4e:32:f7:fd:05:22:8c:88:00:
b9:9c:05:7a:dc:bd:7b:03:1d:11:63:63:9b:6e:6c:
b1:5a:96:a1:46:d5:13:1f:13:cb:f0:0c:79:c7:f0:
15:62:6f:37:d7:a3:2e:20:2c:4e:6e:c7:9f:6f:16:
a4:26:2f:c2:73:76:ea:0e:f4:76:b6:93:8d:fd:39:
ff:a6:1b:9c:b2:73:f4:02:21:b4:41:2d:3a:a1:12:
b9:ec:c6:5e:a4:86:3e:9e:17:91:e1:0a:97:70:63:
fe:18:4b:81:6e:29:71:80:25:e7:1c:dd:45:ad:57:
2d:20:ad:7a:cb:c9:df:92:c7:6a:f4:d6:bc:44:5e:
e3:e2:1b:b9:c4:6a:ee:7f:28:98:b8:ba:4e:c1:79:
3f:14:96:75:e5:84:b2:56:c7:2d:31:c6:8f:67:4a:
47:9a:56:4d:71:f1:88:81:99:53:7b:99:3e:c9:f2:
a3:54:ad:43:34:39:58:42:fa:94:63:bd:b8:eb:b6:
20:29:38:0c:82:37:e5:ff:75:68:a5:32:02:bc:5e:
ff:72:ea:c4:96:88:3d:87:e7:aa:74:b8:fa:a9:50:
79:58:18:76:e9:ce:17:b0:d5:f0:fc:37:60:6c:96:
ff:d1:40:a0:a4:75:b1:fe:0b:21:07:71:a1:90:26:
ef:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C9:F2:20:70:43:6B:44:BE:0D:81:A4:1B:F3:80:14:BB:E2:39:48
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/usnyIHBDa0S-DYGkG_OAFLviOUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:2f:c9:6b:2c:a7:9e:50:51:e0:b8:43:5a:0e:3f:96:31:1b:
cc:08:7d:86:bf:d6:2e:bc:c5:02:0a:24:46:cd:26:18:9a:dc:
4b:01:75:9e:e4:2c:d0:58:de:51:db:62:d9:00:0e:47:cf:9b:
49:9a:52:aa:b4:c2:da:f3:4b:08:75:75:ee:36:56:d9:95:b0:
76:71:2e:62:c4:72:58:8a:cd:2f:44:ec:1c:79:e5:36:bd:0c:
a2:83:6e:2c:44:33:11:99:30:92:e5:94:42:82:c9:a1:74:7a:
ff:a2:72:98:34:43:4f:7e:19:a0:ad:ed:82:04:37:fa:9b:e2:
61:50:a9:de:a4:9a:c0:3c:f5:9c:80:64:c0:89:79:89:b1:90:
13:72:0b:a5:71:95:b0:63:2a:17:30:55:1b:dc:70:af:df:3c:
65:b1:86:d9:9d:fd:5f:86:63:1c:b3:89:38:df:b1:2f:f5:e2:
8e:02:ee:40:5b:c6:41:40:4c:75:0b:83:2c:7e:e2:d8:87:11:
44:4f:70:6e:e8:39:f0:62:c7:b0:c1:98:1e:8e:37:0e:7f:93:
dd:3f:6f:e2:78:92:4f:07:d3:a7:6f:ca:c8:b5:c0:33:89:14:
52:c9:69:d5:10:b6:a5:3c:eb:20:7a:31:24:e8:fa:56:15:cc:
15:f7:33:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrheLkVcZF3v0MQnY8OUCLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MTUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWM5ZjIyMDcwNDM2YjQ0YmUwZDgxYTQxYmYzODAxNGJiZTIzOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3c/4WxNOMvf9BSKMiAC5nAV63L17
Ax0RY2ObbmyxWpahRtUTHxPL8Ax5x/AVYm8316MuICxObsefbxakJi/Cc3bqDvR2
tpON/Tn/phucsnP0AiG0QS06oRK57MZepIY+nheR4QqXcGP+GEuBbilxgCXnHN1F
rVctIK16y8nfksdq9Na8RF7j4hu5xGrufyiYuLpOwXk/FJZ15YSyVsctMcaPZ0pH
mlZNcfGIgZlTe5k+yfKjVK1DNDlYQvqUY72467YgKTgMgjfl/3VopTICvF7/curE
log9h+eqdLj6qVB5WBh26c4XsNXw/DdgbJb/0UCgpHWx/gshB3GhkCbvAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLrJ8iBwQ2tEvg2BpBvzgBS74jlIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdXNueUlIQkRhMFMtRFlHa0dfT0FGTHZpT1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJYvyWssp55QUeC4Q1oO
P5YxG8wIfYa/1i68xQIKJEbNJhia3EsBdZ7kLNBY3lHbYtkADkfPm0maUqq0wtrz
Swh1de42VtmVsHZxLmLEcliKzS9E7Bx55Ta9DKKDbixEMxGZMJLllEKCyaF0ev+i
cpg0Q09+GaCt7YIEN/qb4mFQqd6kmsA89ZyAZMCJeYmxkBNyC6VxlbBjKhcwVRvc
cK/fPGWxhtmd/V+GYxyziTjfsS/14o4C7kBbxkFATHULgyx+4tiHEURPcG7oOfBi
x7DBmB6ONw5/k90/b+J4kk8H06dvysi1wDOJFFLJadUQtqU86yB6MSTo+lYVzBX3
M+M=
-----END CERTIFICATE-----
Generated at Wed Jun 18 21:50:16 2025 by rpki-client