Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/ny-ovEEZxDZOHLJi-3WALcbiPug.roa
File: ny-ovEEZxDZOHLJi-3WALcbiPug.roa (raw, json)
Hash identifier: Yrx9P0bSPXickx9+Ok+K6iICbUjxKI0bkk1kwORVs70=
Subject key identifier: 9F:2F:A8:BC:41:19:C4:36:4E:1C:B2:62:FB:75:80:2D:C6:E2:3E:E8
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF0064296BF579BE99A10DA59E9ACD4BB
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/ny-ovEEZxDZOHLJi-3WALcbiPug.roa
Signing time: Thu 18 Apr 2024 07:05:25 +0000
ROA not before: Thu 18 Apr 2024 07:05:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f005:72b1/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:06:42:96:bf:57:9b:e9:9a:10:da:59:e9:ac:d4:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 07:05:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f2fa8bc4119c4364e1cb262fb75802dc6e23ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:af:aa:81:43:b6:b0:ab:6a:59:d1:01:a0:48:
11:a7:c7:9a:eb:ca:62:cf:6a:77:2a:3b:3f:1d:8f:
8f:f6:ae:93:63:d6:98:d3:a1:0b:e1:13:a8:bc:9e:
d0:bb:cb:a4:6c:ce:83:2b:f2:bf:6e:a8:e3:3e:0f:
c5:42:a6:65:04:7e:2d:34:8d:6f:56:99:8b:30:c3:
e2:b3:43:0e:e6:c2:4a:fc:0b:7b:a2:ab:55:1c:91:
4e:e0:df:26:34:cd:42:0c:5b:4e:0f:eb:a7:98:3f:
eb:9c:e4:e4:cc:8d:9b:4f:08:d9:d4:ea:c9:a5:a4:
2d:fb:e0:66:53:2e:29:d4:75:d1:91:71:39:30:e8:
c1:a2:92:c9:82:e3:27:18:82:0b:ca:dd:94:07:3a:
1a:fa:0e:ba:f0:d5:b2:5a:29:44:00:7e:6d:d4:29:
a5:91:18:e9:f8:01:a0:71:00:b5:ee:08:4b:cc:c7:
5b:5c:69:1b:c9:26:e0:4c:98:da:c5:34:87:e8:7e:
90:05:2a:1f:ac:fd:08:2e:cf:ae:00:f2:d0:9f:13:
9c:d8:7d:8e:cd:3c:63:39:5d:5f:aa:8b:ca:e2:38:
fb:b6:cf:ec:6a:3c:77:84:aa:0f:c0:65:a7:8e:e2:
79:41:1f:e5:28:69:6f:1d:38:39:37:04:a8:7c:2e:
4e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:2F:A8:BC:41:19:C4:36:4E:1C:B2:62:FB:75:80:2D:C6:E2:3E:E8
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/ny-ovEEZxDZOHLJi-3WALcbiPug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:f9:6d:01:a3:50:89:06:86:59:86:bc:68:9d:89:e8:b0:7e:
4c:b8:c2:ed:68:7c:df:e3:be:27:df:58:1c:93:ba:b4:42:02:
9f:53:3c:23:f5:f5:5d:c0:c6:f5:a9:17:84:19:e0:5a:14:bd:
0f:d5:f3:32:0f:43:f9:7c:28:04:76:c9:09:d8:b7:af:6e:2b:
e7:ef:be:df:42:86:0d:6e:d4:29:fd:71:04:a0:2f:54:00:da:
e7:a3:6f:28:65:57:9a:19:c4:ec:bc:e5:f8:00:4a:6e:03:1a:
ec:94:b8:b1:44:2c:fa:44:f2:04:c6:4b:51:d7:da:5a:c9:7b:
e7:15:26:30:b8:86:79:1f:14:4b:09:76:10:00:8c:2d:5e:a9:
4c:50:7e:75:89:17:72:95:e1:47:75:6c:a1:21:e4:a5:dd:4f:
38:87:14:38:20:92:93:04:3d:6e:57:1a:32:df:64:e4:fd:eb:
80:f6:4b:55:88:04:2c:d2:d9:c4:00:de:97:eb:4e:73:06:80:
e9:ca:b7:cb:9e:40:2c:c7:dc:ae:f7:f3:22:37:3d:57:1f:ab:
a4:f5:3a:d3:ba:fd:5b:dc:18:f2:b7:43:73:15:12:d3:aa:35:
14:9d:bd:a0:a1:61:6d:ec:db:bf:4b:19:3b:28:b1:2d:3d:7c:
66:80:9e:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7wBkKWv1eb6ZoQ2lnprNS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MDcwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjJmYThiYzQxMTljNDM2NGUxY2IyNjJmYjc1ODAyZGM2ZTIzZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6+qgUO2sKtqWdEBoEgRp8ea68pi
z2p3Kjs/HY+P9q6TY9aY06EL4ROovJ7Qu8ukbM6DK/K/bqjjPg/FQqZlBH4tNI1v
VpmLMMPis0MO5sJK/At7oqtVHJFO4N8mNM1CDFtOD+unmD/rnOTkzI2bTwjZ1OrJ
paQt++BmUy4p1HXRkXE5MOjBopLJguMnGIILyt2UBzoa+g668NWyWilEAH5t1Cml
kRjp+AGgcQC17ghLzMdbXGkbySbgTJjaxTSH6H6QBSofrP0ILs+uAPLQnxOc2H2O
zTxjOV1fqovK4jj7ts/sajx3hKoPwGWnjuJ5QR/lKGlvHTg5NwSofC5OaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ8vqLxBGcQ2ThyyYvt1gC3G4j7oMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvbnktb3ZFRVp4RFpPSExKaS0zV0FMY2JpUHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEP5bQGjUIkGhlmGvGid
ieiwfky4wu1ofN/jviffWByTurRCAp9TPCP19V3AxvWpF4QZ4FoUvQ/V8zIPQ/l8
KAR2yQnYt69uK+fvvt9Chg1u1Cn9cQSgL1QA2uejbyhlV5oZxOy85fgASm4DGuyU
uLFELPpE8gTGS1HX2lrJe+cVJjC4hnkfFEsJdhAAjC1eqUxQfnWJF3KV4Ud1bKEh
5KXdTziHFDggkpMEPW5XGjLfZOT964D2S1WIBCzS2cQA3pfrTnMGgOnKt8ueQCzH
3K738yI3PVcfq6T1OtO6/VvcGPK3Q3MVEtOqNRSdvaChYW3s279LGTsosS09fGaA
nmk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:56:00 2025 by rpki-client