Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yQrwl8r8Cu3ikezk696UkGqqz2c.roa
File: yQrwl8r8Cu3ikezk696UkGqqz2c.roa (raw, json)
Hash identifier: kODbkCPU4oSryfcImOnb5LtRZkBMqz674J+fqYruPoI=
Subject key identifier: C9:0A:F0:97:CA:FC:0A:ED:E2:91:EC:E4:EB:DE:94:90:6A:AA:CF:67
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB4D6998234E1347508B8B2FC1DAA41CA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yQrwl8r8Cu3ikezk696UkGqqz2c.roa
Signing time: Wed 20 Sep 2023 23:04:37 +0000
ROA not before: Wed 20 Sep 2023 23:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:b4d6:757f/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b4:d6:99:82:34:e1:34:75:08:b8:b2:fc:1d:aa:41:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 23:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c90af097cafc0aede291ece4ebde94906aaacf67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:27:f2:d8:8f:7f:54:c1:da:32:40:da:84:c4:
24:df:6b:35:70:db:5c:83:a5:b7:c0:95:b5:09:1c:
df:ce:4a:41:5e:07:7b:b0:48:58:e4:17:2d:08:25:
62:43:65:9e:db:81:72:fe:37:cf:4f:13:2a:87:7f:
94:d0:e3:41:a2:08:24:d2:e9:4a:cb:6e:91:31:3c:
07:3c:83:ca:ff:99:b6:f0:ba:2c:67:49:79:29:03:
b8:88:86:67:12:3e:17:b3:63:55:d8:3d:82:a9:cc:
66:ec:19:71:45:5d:12:6c:e3:1d:96:61:db:b3:e3:
93:29:9b:a6:f1:2d:c7:c5:d5:98:16:b2:08:ea:1d:
d0:5e:9c:66:46:cf:ab:4c:8a:3c:1c:01:b5:a5:7a:
e1:1b:4a:4f:cb:cc:3d:41:92:31:67:27:0e:ad:73:
ea:6a:f9:db:c2:c8:95:67:67:d1:27:40:8e:d7:85:
d2:bb:6d:7e:a4:64:9a:6c:6a:e7:fc:a5:96:e6:28:
9a:ec:26:c5:69:76:0d:cf:f7:05:5f:f0:90:82:9c:
67:3d:88:20:4c:f7:0b:62:f0:cd:46:51:da:a9:2f:
ee:28:74:45:e2:f3:06:ef:f7:1f:ed:8f:e3:db:ee:
f3:db:66:2d:fd:3c:f6:6c:68:07:a0:77:dc:d8:94:
77:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0A:F0:97:CA:FC:0A:ED:E2:91:EC:E4:EB:DE:94:90:6A:AA:CF:67
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/yQrwl8r8Cu3ikezk696UkGqqz2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:2b:40:b2:a8:73:88:a4:ac:9d:bb:99:ae:00:0e:c4:27:d3:
68:80:c8:d4:83:81:6c:e9:44:51:45:2e:a2:0d:d7:1c:bc:fd:
34:b8:9f:5a:93:f3:a4:ba:82:63:db:90:28:09:6f:52:b8:75:
22:9b:eb:d1:a9:07:e6:bb:02:dd:4d:ed:66:36:59:f4:e2:67:
b5:31:33:d9:70:11:8f:a2:77:47:4f:82:06:12:f1:c5:a8:ec:
75:fe:eb:69:c2:42:d9:63:d3:a6:cc:82:58:08:94:c5:97:07:
8e:16:4e:14:a5:4d:06:b4:e6:fd:e3:11:fa:8c:ec:36:97:a8:
33:ad:57:73:3d:d9:5b:e4:74:ec:d2:e1:f9:2e:a3:a1:ce:52:
41:75:fb:3d:a3:e1:e8:75:99:c5:d2:6e:6b:6e:dd:53:f0:d4:
89:f0:ee:4c:ab:1f:53:48:66:2e:e2:c7:9d:5d:bb:f0:c1:d9:
61:79:d2:05:41:b1:a3:a8:7e:6d:f3:ff:df:c4:52:24:2c:16:
a8:86:c6:52:96:47:d2:d5:f0:f7:b7:4d:f4:bd:92:d5:e9:6c:
8c:b1:19:57:ee:1f:60:c8:4d:12:b8:a7:83:0b:10:f6:3e:34:
62:71:48:fb:f9:de:db:25:d9:d9:85:5b:ad:21:af:1a:68:e2:
53:3f:10:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq01pmCNOE0dQi4svwdqkHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMjMwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBhZjA5N2NhZmMwYWVkZTI5MWVjZTRlYmRlOTQ5MDZhYWFjZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCfy2I9/VMHaMkDahMQk32s1cNtc
g6W3wJW1CRzfzkpBXgd7sEhY5BctCCViQ2We24Fy/jfPTxMqh3+U0ONBoggk0ulK
y26RMTwHPIPK/5m28LosZ0l5KQO4iIZnEj4Xs2NV2D2Cqcxm7BlxRV0SbOMdlmHb
s+OTKZum8S3HxdWYFrII6h3QXpxmRs+rTIo8HAG1pXrhG0pPy8w9QZIxZycOrXPq
avnbwsiVZ2fRJ0CO14XSu21+pGSabGrn/KWW5iia7CbFaXYNz/cFX/CQgpxnPYgg
TPcLYvDNRlHaqS/uKHRF4vMG7/cf7Y/j2+7z22Yt/Tz2bGgHoHfc2JR3LQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMkK8JfK/Art4pHs5OvelJBqqs9nMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveVFyd2w4cjhDdTNpa2V6azY5NlVrR3FxejJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI4rQLKoc4ikrJ27ma4A
DsQn02iAyNSDgWzpRFFFLqIN1xy8/TS4n1qT86S6gmPbkCgJb1K4dSKb69GpB+a7
At1N7WY2WfTiZ7UxM9lwEY+id0dPggYS8cWo7HX+62nCQtlj06bMglgIlMWXB44W
ThSlTQa05v3jEfqM7DaXqDOtV3M92VvkdOzS4fkuo6HOUkF1+z2j4eh1mcXSbmtu
3VPw1Inw7kyrH1NIZi7ix51du/DB2WF50gVBsaOofm3z/9/EUiQsFqiGxlKWR9LV
8Pe3TfS9ktXpbIyxGVfuH2DITRK4p4MLEPY+NGJxSPv53tsl2dmFW60hrxpo4lM/
EOg=
-----END CERTIFICATE-----
Generated at Wed Jun 18 16:32:35 2025 by rpki-client