Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IJBwJ206jNeIO2QeaeK6RbQusXw.roa
File: IJBwJ206jNeIO2QeaeK6RbQusXw.roa (raw, json)
Hash identifier: ri0MSeRvIPHOSqzNRMhItAbwA3Xyf9Oih8U0HJBNgfQ=
Subject key identifier: 20:90:70:27:6D:3A:8C:D7:88:3B:64:1E:69:E2:BA:45:B4:2E:B1:7C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B98C2A888F21F2BD3B29B41DB91174FDC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IJBwJ206jNeIO2QeaeK6RbQusXw.roa
Signing time: Sat 04 Nov 2023 05:16:15 +0000
ROA not before: Sat 04 Nov 2023 05:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:98:c2:a8:88:f2:1f:2b:d3:b2:9b:41:db:91:17:4f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 05:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=209070276d3a8cd7883b641e69e2ba45b42eb17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a6:88:b5:19:f3:ed:0f:f5:9e:91:ed:ee:95:
a4:7d:f6:19:62:e6:f3:f3:87:66:6e:41:a2:e5:8f:
af:8f:2d:37:a5:82:c9:ac:4f:b6:a1:66:6a:45:11:
95:d8:cd:eb:7f:9c:6f:77:94:57:72:b7:f2:84:ca:
b1:94:90:3b:43:19:46:9d:ce:68:7d:b6:3e:95:0a:
d5:07:35:8a:52:c1:5b:74:5f:fe:73:29:e0:48:08:
e7:3b:ae:07:9c:41:64:f0:de:fc:64:c9:81:33:5d:
55:cb:bc:cc:44:4f:23:94:2c:3a:88:1b:b3:e6:0e:
fe:0a:24:56:c4:88:dc:9d:45:ac:99:de:35:c1:b7:
2e:48:fc:9c:de:81:90:7c:c3:82:fd:bd:92:09:44:
9b:e3:69:b8:de:06:74:9b:c4:f0:ef:a5:d0:1b:39:
1d:16:d7:60:1b:80:e1:51:cd:2a:0c:79:92:be:99:
ef:5f:c8:66:f7:28:26:d0:9b:b6:5a:62:6a:77:eb:
77:25:95:d7:ca:6f:0f:ff:ee:43:ef:d6:83:3a:c7:
6a:ed:c4:c0:79:85:fa:c7:10:22:54:c8:f2:89:e5:
96:01:0e:9f:86:43:b6:6f:81:3d:2d:bd:58:30:05:
af:94:f3:a7:db:91:3b:60:41:4f:9e:b1:37:fb:76:
1c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:90:70:27:6D:3A:8C:D7:88:3B:64:1E:69:E2:BA:45:B4:2E:B1:7C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IJBwJ206jNeIO2QeaeK6RbQusXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:3a:b1:f9:77:41:8d:d0:96:df:a4:72:cd:35:0e:f4:c9:6b:
8e:16:38:7b:6c:f4:af:8b:bb:8e:1f:0e:1e:a3:69:19:19:55:
d3:b4:4c:64:af:15:b4:fb:9a:8f:fd:2b:b1:a4:74:51:d7:ce:
7e:53:d8:93:8c:64:11:24:c7:77:a8:bf:b1:95:c1:fb:49:5f:
7f:04:ab:05:8d:28:d4:fe:2e:f5:6a:2d:37:78:7b:18:8e:b1:
2f:f2:38:d1:fa:bf:0d:3e:87:b8:fa:8a:31:2a:69:18:09:86:
bb:c9:d0:9d:03:af:2a:7c:0f:a4:f2:35:1d:39:fb:21:ee:bc:
07:4a:82:28:04:d2:38:08:93:97:9d:63:0e:6e:83:8b:ab:59:
6b:1c:82:16:e0:83:59:26:93:c0:2d:a6:0c:bc:53:ee:6e:17:
7d:7a:d9:8f:a2:84:83:2d:4a:74:1f:ad:27:08:f4:05:22:8f:
2b:0f:a3:ec:95:a8:15:7d:47:f6:eb:97:8f:f6:19:33:e7:d5:
70:2f:d8:6a:9e:46:5c:b0:f4:2b:7e:90:e3:32:f2:3c:66:a9:
2e:51:7c:93:e4:6a:e8:2e:c3:ad:3d:2e:17:47:28:ce:4b:65:
e5:2f:97:c1:70:de:22:00:6d:7f:b4:09:ec:b1:df:97:2c:c2:
a0:2b:d5:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuYwqiI8h8r07KbQduRF0/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MDUxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDkwNzAyNzZkM2E4Y2Q3ODgzYjY0MWU2OWUyYmE0NWI0MmViMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaaItRnz7Q/1npHt7pWkffYZYubz
84dmbkGi5Y+vjy03pYLJrE+2oWZqRRGV2M3rf5xvd5RXcrfyhMqxlJA7QxlGnc5o
fbY+lQrVBzWKUsFbdF/+cyngSAjnO64HnEFk8N78ZMmBM11Vy7zMRE8jlCw6iBuz
5g7+CiRWxIjcnUWsmd41wbcuSPyc3oGQfMOC/b2SCUSb42m43gZ0m8Tw76XQGzkd
FtdgG4DhUc0qDHmSvpnvX8hm9ygm0Ju2WmJqd+t3JZXXym8P/+5D79aDOsdq7cTA
eYX6xxAiVMjyieWWAQ6fhkO2b4E9Lb1YMAWvlPOn25E7YEFPnrE3+3YcawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCCQcCdtOozXiDtkHmniukW0LrF8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSUpCd0oyMDZqTmVJTzJRZWFlSzZSYlF1c1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKE6sfl3QY3Qlt+kcs01
DvTJa44WOHts9K+Lu44fDh6jaRkZVdO0TGSvFbT7mo/9K7GkdFHXzn5T2JOMZBEk
x3eov7GVwftJX38EqwWNKNT+LvVqLTd4exiOsS/yONH6vw0+h7j6ijEqaRgJhrvJ
0J0Dryp8D6TyNR05+yHuvAdKgigE0jgIk5edYw5ug4urWWscghbgg1kmk8Atpgy8
U+5uF3162Y+ihIMtSnQfrScI9AUijysPo+yVqBV9R/brl4/2GTPn1XAv2GqeRlyw
9Ct+kOMy8jxmqS5RfJPkauguw609LhdHKM5LZeUvl8Fw3iIAbX+0Ceyx35cswqAr
1cA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:58:28 2025 by rpki-client