Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IGTEu5nQ6FQT2C1sBqEvkCUIs_A.roa
File: IGTEu5nQ6FQT2C1sBqEvkCUIs_A.roa (raw, json)
Hash identifier: xAlrMZgYxdDXtkLUMVgWFn2HWFMDtWRY19JsuSu9bh8=
Subject key identifier: 20:64:C4:BB:99:D0:E8:54:13:D8:2D:6C:06:A1:2F:90:25:08:B3:F0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7DB946017600B1A209870B6F002AB568
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IGTEu5nQ6FQT2C1sBqEvkCUIs_A.roa
Signing time: Sun 29 Oct 2023 23:16:15 +0000
ROA not before: Sun 29 Oct 2023 23:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7d:b9:46:01:76:00:b1:a2:09:87:0b:6f:00:2a:b5:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 23:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2064c4bb99d0e85413d82d6c06a12f902508b3f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3b:ef:d8:3f:f9:79:0b:73:98:a2:fd:12:dc:
4a:e9:14:56:9e:ca:13:d8:55:d4:6c:c7:31:51:81:
27:8a:ab:f3:25:fe:5e:99:c7:88:b3:22:88:92:4e:
4c:cf:3d:35:3f:ab:b3:48:3a:d2:3f:00:3f:b7:8c:
00:bd:b1:51:ae:ae:17:de:87:03:86:51:a6:55:ce:
68:f6:70:b1:32:7f:86:9a:40:05:4c:f3:aa:c0:7b:
7a:85:e7:cb:90:ba:49:b5:a6:c8:3d:a5:cb:9f:82:
5a:40:7a:ab:4e:ac:7f:2a:79:71:9e:fe:71:4d:af:
8c:c4:de:01:5d:9d:48:e1:9b:0e:1f:a0:d4:7f:78:
22:c6:12:5d:4e:41:61:87:1c:d4:2b:8e:67:d5:e2:
d1:98:4e:3e:c9:a5:ac:6b:31:43:bf:85:d8:55:c6:
62:f2:39:7d:ce:94:cf:3d:61:8d:45:d0:1a:2c:96:
dc:cd:dd:e2:49:fd:16:1c:ce:f2:ba:9e:1e:eb:d9:
2d:60:9c:fa:a9:49:e4:21:c1:6f:99:f4:12:d4:be:
70:32:d1:53:75:be:26:b2:70:17:0c:f3:16:06:ec:
fc:4f:a1:c7:b8:d6:06:c9:66:f1:df:2f:ee:d6:2d:
ab:f6:66:26:7b:92:ae:6c:a8:1d:df:2f:47:5e:05:
51:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:64:C4:BB:99:D0:E8:54:13:D8:2D:6C:06:A1:2F:90:25:08:B3:F0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IGTEu5nQ6FQT2C1sBqEvkCUIs_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:d0:29:c8:88:63:8f:72:ba:9e:1c:ee:ab:08:4e:12:58:f7:
d2:5f:00:f1:0a:c9:43:03:62:65:ba:e5:bf:17:76:39:d3:5d:
a1:ec:89:37:1b:17:dd:59:ff:c3:ff:8c:fd:79:44:cb:81:92:
e1:71:85:e4:a3:d6:c7:6a:a1:28:72:d7:76:68:d3:1c:e4:f5:
96:ba:1e:ae:55:4b:73:25:77:55:b8:bb:51:e2:b6:2c:27:31:
24:1c:5a:1a:78:25:ef:80:1f:45:bd:0c:2d:3e:12:01:36:fa:
6a:b2:e2:f5:62:11:33:35:40:62:30:14:2c:26:a5:e1:39:fa:
93:f8:98:68:ac:25:00:2d:a3:f0:3c:a2:73:80:55:59:2b:25:
50:fd:db:d1:5e:67:d6:74:a8:11:30:aa:ed:e7:a7:ca:d7:ff:
e5:38:fe:ad:cf:e8:24:9e:6a:5d:10:5e:c4:a0:11:25:93:7b:
07:bb:52:96:e2:ae:9d:5c:ca:5b:34:87:b2:1f:1d:f5:f4:a0:
0b:95:36:60:fe:f9:c8:cc:99:2b:7d:98:dc:66:98:0a:b6:ce:
43:a1:d2:3b:5c:46:13:a0:05:75:5f:af:bf:2f:1c:9c:bf:ca:
52:15:85:2c:44:8b:d4:e2:01:1e:8f:6d:d8:ef:01:5d:1a:45:
97:bb:cb:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt9uUYBdgCxogmHC28AKrVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MjMxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY0YzRiYjk5ZDBlODU0MTNkODJkNmMwNmExMmY5MDI1MDhiM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTvv2D/5eQtzmKL9EtxK6RRWnsoT
2FXUbMcxUYEniqvzJf5emceIsyKIkk5Mzz01P6uzSDrSPwA/t4wAvbFRrq4X3ocD
hlGmVc5o9nCxMn+GmkAFTPOqwHt6hefLkLpJtabIPaXLn4JaQHqrTqx/Knlxnv5x
Ta+MxN4BXZ1I4ZsOH6DUf3gixhJdTkFhhxzUK45n1eLRmE4+yaWsazFDv4XYVcZi
8jl9zpTPPWGNRdAaLJbczd3iSf0WHM7yup4e69ktYJz6qUnkIcFvmfQS1L5wMtFT
db4msnAXDPMWBuz8T6HHuNYGyWbx3y/u1i2r9mYme5KubKgd3y9HXgVRdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCBkxLuZ0OhUE9gtbAahL5AlCLPwMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSUdURXU1blE2RlFUMkMxc0JxRXZrQ1VJc19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB3QKciIY49yup4c7qsI
ThJY99JfAPEKyUMDYmW65b8XdjnTXaHsiTcbF91Z/8P/jP15RMuBkuFxheSj1sdq
oShy13Zo0xzk9Za6Hq5VS3Mld1W4u1HitiwnMSQcWhp4Je+AH0W9DC0+EgE2+mqy
4vViETM1QGIwFCwmpeE5+pP4mGisJQAto/A8onOAVVkrJVD929FeZ9Z0qBEwqu3n
p8rX/+U4/q3P6CSeal0QXsSgESWTewe7Upbirp1cyls0h7IfHfX0oAuVNmD++cjM
mSt9mNxmmAq2zkOh0jtcRhOgBXVfr78vHJy/ylIVhSxEi9TiAR6PbdjvAV0aRZe7
y4U=
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:12:21 2025 by rpki-client