Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IBH35gXeOvwKr-5cYJRKDWbAphM.roa
File: IBH35gXeOvwKr-5cYJRKDWbAphM.roa (raw, json)
Hash identifier: KdHFn3dZKk+8n9Y1aguoOlCViFjsQWpeii/Kjs+lv/s=
Subject key identifier: 20:11:F7:E6:05:DE:3A:FC:0A:AF:EE:5C:60:94:4A:0D:66:C0:A6:13
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABBBCA613485461FB91CB1E5C896734B0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IBH35gXeOvwKr-5cYJRKDWbAphM.roa
Signing time: Fri 22 Sep 2023 07:13:37 +0000
ROA not before: Fri 22 Sep 2023 07:13:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:bc:a6:13:48:54:61:fb:91:cb:1e:5c:89:67:34:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 07:13:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2011f7e605de3afc0aafee5c60944a0d66c0a613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:46:5c:a2:4e:52:4f:72:74:00:f9:80:9b:8e:
ec:e3:ce:eb:8c:a5:98:39:b9:bd:7e:0e:b5:05:ae:
2f:ad:65:d7:08:24:97:b2:16:31:8c:34:72:6e:c1:
f9:55:fc:97:ef:ba:74:6c:ff:82:61:29:f8:8f:cc:
51:bb:f0:2b:8c:ce:f5:39:76:12:d2:17:09:ed:e6:
56:b0:08:15:39:2b:12:32:7d:bc:02:37:7a:09:6d:
10:55:3d:73:52:32:0f:97:34:08:0e:cf:4f:e8:51:
34:58:b4:66:6c:e5:0d:ef:e1:0a:f8:a4:6d:be:a6:
02:5e:65:04:29:65:1a:54:13:68:8b:fa:b9:a9:ff:
6d:2c:2f:42:fb:7c:34:6a:7f:2b:88:95:3a:bb:ac:
fd:e7:fb:1b:f2:36:38:d1:d2:44:3f:ee:c4:9e:e0:
5f:76:57:fd:ce:e6:40:0a:ac:06:05:db:05:2f:66:
04:26:73:58:86:a9:25:7c:53:c8:da:c3:ab:e9:19:
cf:72:64:2f:78:be:3d:82:5d:f4:b8:91:2f:4e:23:
2f:ef:16:57:8a:6c:5a:a2:13:75:fe:fc:20:76:07:
0e:2b:9b:c0:e9:66:2f:21:d3:2c:de:cf:fc:3d:a1:
2f:16:12:8d:5c:c2:90:2d:54:0c:11:0c:12:b3:34:
73:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:11:F7:E6:05:DE:3A:FC:0A:AF:EE:5C:60:94:4A:0D:66:C0:A6:13
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IBH35gXeOvwKr-5cYJRKDWbAphM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:3d:77:ab:19:d0:4e:6b:ba:ac:2f:b6:3a:97:94:a8:bc:9d:
a2:75:cb:24:68:be:de:8d:44:3c:fe:0d:7d:3e:25:d9:74:0a:
52:fa:43:0f:56:b6:17:7c:9a:8e:c6:2a:60:e7:8a:14:8a:12:
dc:3b:99:83:a8:69:df:1a:77:04:3b:09:1f:16:d9:d5:d7:eb:
89:c6:6e:54:a5:65:11:12:b1:20:83:fa:17:f4:52:46:76:13:
18:8c:d1:7e:c2:90:0d:18:4e:cb:8d:e1:6d:6d:90:9e:73:91:
c4:d3:09:ab:5c:5f:e9:a4:03:b8:c7:4e:17:c9:5f:08:e6:4e:
1f:68:4e:25:62:8d:5d:97:4c:8a:de:20:52:77:41:17:c1:df:
ea:c3:5d:ac:a9:a0:fc:fa:2e:fe:9a:37:6a:b9:51:d7:0d:c1:
62:e1:79:60:86:e6:46:ba:c1:12:e5:ed:c9:38:9f:32:1b:20:
dd:7c:4b:2b:d2:45:8d:19:15:7d:22:71:15:4d:e3:8d:50:cc:
eb:e1:2c:e4:b1:7a:a4:f0:b7:17:f4:df:18:0e:a6:95:10:1f:
69:9c:e0:cb:9e:3f:71:fa:94:9a:9e:8c:f4:54:5e:65:8d:ff:
f0:55:5f:cf:1c:10:6d:8a:66:c0:06:2d:d8:ab:3a:14:7b:04:
79:37:b9:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq7vKYTSFRh+5HLHlyJZzSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMDcxMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDExZjdlNjA1ZGUzYWZjMGFhZmVlNWM2MDk0NGEwZDY2YzBhNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEZcok5ST3J0APmAm47s487rjKWY
Obm9fg61Ba4vrWXXCCSXshYxjDRybsH5VfyX77p0bP+CYSn4j8xRu/ArjM71OXYS
0hcJ7eZWsAgVOSsSMn28Ajd6CW0QVT1zUjIPlzQIDs9P6FE0WLRmbOUN7+EK+KRt
vqYCXmUEKWUaVBNoi/q5qf9tLC9C+3w0an8riJU6u6z95/sb8jY40dJEP+7EnuBf
dlf9zuZACqwGBdsFL2YEJnNYhqklfFPI2sOr6RnPcmQveL49gl30uJEvTiMv7xZX
imxaohN1/vwgdgcOK5vA6WYvIdMs3s/8PaEvFhKNXMKQLVQMEQwSszRzXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCAR9+YF3jr8Cq/uXGCUSg1mwKYTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSUJIMzVnWGVPdndLci01Y1lKUktEV2JBcGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANI9d6sZ0E5ruqwvtjqX
lKi8naJ1yyRovt6NRDz+DX0+Jdl0ClL6Qw9Wthd8mo7GKmDnihSKEtw7mYOoad8a
dwQ7CR8W2dXX64nGblSlZRESsSCD+hf0UkZ2ExiM0X7CkA0YTsuN4W1tkJ5zkcTT
CatcX+mkA7jHThfJXwjmTh9oTiVijV2XTIreIFJ3QRfB3+rDXaypoPz6Lv6aN2q5
UdcNwWLheWCG5ka6wRLl7ck4nzIbIN18SyvSRY0ZFX0icRVN441QzOvhLOSxeqTw
txf03xgOppUQH2mc4MueP3H6lJqejPRUXmWN//BVX88cEG2KZsAGLdirOhR7BHk3
uVs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:55:10 2025 by rpki-client