Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y4vkRFxq-f9nbRt5wj2zd9VCqB8.roa
File: y4vkRFxq-f9nbRt5wj2zd9VCqB8.roa (raw, json)
Hash identifier: wviju2xxgqwPUTCW5qDBnEXG05EL7gGAbpkcbq9kejI=
Subject key identifier: CB:8B:E4:44:5C:6A:F9:FF:67:6D:1B:79:C2:3D:B3:77:D5:42:A8:1F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC25B4A12ECF7D14487BB1DC2A96E06B8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y4vkRFxq-f9nbRt5wj2zd9VCqB8.roa
Signing time: Sat 23 Sep 2023 14:04:37 +0000
ROA not before: Sat 23 Sep 2023 14:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:c25b:10d3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c2:5b:4a:12:ec:f7:d1:44:87:bb:1d:c2:a9:6e:06:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 14:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb8be4445c6af9ff676d1b79c23db377d542a81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2c:ef:24:e0:55:ad:2c:28:77:22:90:67:6c:
6c:a4:51:64:4b:95:30:6c:a3:00:b4:56:69:81:d2:
ca:76:85:ab:f0:77:70:22:ac:19:ff:20:f7:58:bf:
72:18:8d:6e:55:18:bf:a7:13:69:f3:93:8e:f9:00:
54:ee:7a:b3:00:7f:3d:af:b1:9e:29:a4:04:8a:72:
03:36:44:a6:ec:75:cc:e1:9b:c4:ae:06:dd:4f:fd:
bf:74:61:3b:c3:e6:ec:5b:e3:4b:f7:62:30:be:22:
b4:6b:8a:a8:1f:27:27:49:a2:2f:7c:82:5e:f8:d3:
75:37:92:ac:48:44:a3:05:68:67:e6:0a:f9:ff:7c:
f4:f8:89:3b:aa:c4:fe:e2:a6:bd:7e:5f:8e:8e:9a:
95:2f:58:7b:2f:06:3d:db:5a:99:59:fc:71:1b:3a:
b4:7d:39:cd:93:0e:6e:0e:d4:d0:6a:99:a6:31:e6:
5f:e0:95:ae:85:14:37:d2:71:64:ee:88:f1:f9:2a:
48:09:72:c6:3e:68:31:42:14:aa:4e:1f:03:6c:21:
1a:22:6e:53:7c:8c:52:ec:e2:b6:a1:b7:ad:af:1a:
9b:65:45:f2:49:de:77:e3:e5:43:ed:0f:4f:b4:68:
82:46:53:88:33:21:2a:6b:50:82:ff:1d:ba:3f:02:
a7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8B:E4:44:5C:6A:F9:FF:67:6D:1B:79:C2:3D:B3:77:D5:42:A8:1F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/y4vkRFxq-f9nbRt5wj2zd9VCqB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:d3:d5:6b:68:d2:f7:c8:f0:6c:77:36:c4:fa:d3:01:88:7e:
82:ba:de:84:0a:3d:45:22:90:4a:34:c5:d4:cd:34:4f:b2:16:
13:5e:79:71:a9:2f:aa:6a:dc:c9:50:14:69:3d:d6:5c:4a:b5:
6a:f8:b1:74:a2:55:e5:7f:8d:2c:c1:34:59:c8:c9:07:ab:5c:
8d:31:56:dd:60:c5:a6:5f:bd:80:3d:6e:ce:12:8f:e7:40:81:
a4:f4:00:13:8b:c1:28:dc:24:c5:9e:0e:b1:5d:ea:90:f5:29:
67:3f:b6:0b:b3:d6:f4:6f:df:69:a0:37:11:34:00:dc:b7:b9:
92:fa:cb:b4:4c:dd:e2:71:15:ee:96:57:f5:81:7b:b8:d1:e1:
cb:0c:ca:7f:2d:3a:2c:46:d2:3a:7b:7d:09:2d:ac:00:23:5e:
ea:a8:e4:e9:00:07:bf:e4:a4:85:1a:db:fd:51:69:b3:c5:b2:
d1:56:08:1e:87:35:af:e7:84:56:6a:fd:f1:e2:04:46:f9:73:
1a:fa:81:7c:da:4d:3e:c6:32:3b:e1:1e:5c:e4:45:17:ac:e8:
cb:e0:1d:df:e8:b5:3e:39:4b:5a:dd:9d:db:dc:8d:fb:5d:17:
62:64:22:68:e7:a9:24:aa:db:5d:25:02:6e:4d:c3:de:93:7c:
70:90:21:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrCW0oS7PfRRIe7HcKpbga4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMTQwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjhiZTQ0NDVjNmFmOWZmNjc2ZDFiNzljMjNkYjM3N2Q1NDJhODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSzvJOBVrSwodyKQZ2xspFFkS5Uw
bKMAtFZpgdLKdoWr8HdwIqwZ/yD3WL9yGI1uVRi/pxNp85OO+QBU7nqzAH89r7Ge
KaQEinIDNkSm7HXM4ZvErgbdT/2/dGE7w+bsW+NL92IwviK0a4qoHycnSaIvfIJe
+NN1N5KsSESjBWhn5gr5/3z0+Ik7qsT+4qa9fl+OjpqVL1h7LwY921qZWfxxGzq0
fTnNkw5uDtTQapmmMeZf4JWuhRQ30nFk7ojx+SpICXLGPmgxQhSqTh8DbCEaIm5T
fIxS7OK2obetrxqbZUXySd534+VD7Q9PtGiCRlOIMyEqa1CC/x26PwKnWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMuL5ERcavn/Z20becI9s3fVQqgfMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveTR2a1JGeHEtZjluYlJ0NXdqMnpkOVZDcUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB3T1Wto0vfI8Gx3NsT6
0wGIfoK63oQKPUUikEo0xdTNNE+yFhNeeXGpL6pq3MlQFGk91lxKtWr4sXSiVeV/
jSzBNFnIyQerXI0xVt1gxaZfvYA9bs4Sj+dAgaT0ABOLwSjcJMWeDrFd6pD1KWc/
tguz1vRv32mgNxE0ANy3uZL6y7RM3eJxFe6WV/WBe7jR4csMyn8tOixG0jp7fQkt
rAAjXuqo5OkAB7/kpIUa2/1RabPFstFWCB6HNa/nhFZq/fHiBEb5cxr6gXzaTT7G
MjvhHlzkRRes6MvgHd/otT45S1rdndvcjftdF2JkImjnqSSq210lAm5Nw96TfHCQ
Ics=
-----END CERTIFICATE-----
Generated at Tue Jun 17 04:45:03 2025 by rpki-client