Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IUKgQbXIGR_XA9K6lsq8YXH8nas.roa
File: IUKgQbXIGR_XA9K6lsq8YXH8nas.roa (raw, json)
Hash identifier: 2oTy/H/qbPWfIUMhl+I5OLy4jPecvsc6ZhHvKZFLZ7Q=
Subject key identifier: 21:42:A0:41:B5:C8:19:1F:D7:03:D2:BA:96:CA:BC:61:71:FC:9D:AB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B36411159C4687D9FF4E8C2D4C0FCACF0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IUKgQbXIGR_XA9K6lsq8YXH8nas.roa
Signing time: Mon 16 Oct 2023 02:11:55 +0000
ROA not before: Mon 16 Oct 2023 02:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:36:41:11:59:c4:68:7d:9f:f4:e8:c2:d4:c0:fc:ac:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 02:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2142a041b5c8191fd703d2ba96cabc6171fc9dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7e:bf:0a:e5:e7:99:cb:cf:77:df:90:4d:8b:
c5:99:d4:3f:db:5b:e4:83:34:ab:6f:5f:0d:dc:c8:
55:05:66:62:8b:28:22:6e:55:10:dc:46:14:f1:d0:
a6:92:37:2c:e5:fa:a5:7a:26:7f:8b:ac:83:93:36:
6b:37:56:08:9f:9c:20:ce:76:d5:4c:e1:bc:6e:88:
f9:cd:24:12:ff:c3:d9:f0:79:ad:ae:4e:6c:85:7d:
63:07:d7:06:ad:aa:f8:f3:e2:e0:c6:97:f1:84:99:
96:70:04:ec:4f:f3:94:c3:2c:70:d8:1e:de:17:15:
cc:8f:0d:ef:31:ed:3f:e6:b6:75:17:c7:4e:07:c3:
74:79:0f:2b:62:d8:0c:d7:37:78:5c:64:8a:2f:26:
12:19:b7:54:c6:da:84:2c:5d:cf:87:37:8e:e2:e8:
3e:43:51:ca:5d:c9:2d:a5:e4:85:fa:3f:45:9a:66:
a9:b5:ea:df:4e:c6:f9:d5:ea:eb:de:44:c7:3a:30:
60:ae:45:f3:90:5c:af:3b:a6:a7:a8:09:63:8b:57:
50:96:0f:ba:cd:da:7d:ee:1f:54:81:05:e9:4f:ed:
85:b2:7c:31:dc:b9:0e:cc:20:20:a1:bb:17:54:69:
e2:71:9f:97:fc:be:f6:06:8b:cf:ed:24:2e:4f:ca:
fb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:42:A0:41:B5:C8:19:1F:D7:03:D2:BA:96:CA:BC:61:71:FC:9D:AB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IUKgQbXIGR_XA9K6lsq8YXH8nas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:09:2d:85:81:bd:5a:d2:1a:53:45:da:65:e0:b6:70:a6:a6:
dd:33:b7:29:9a:d2:75:52:c2:ab:06:b2:6a:73:7f:e2:11:db:
72:d4:fa:95:04:2b:5c:cd:2a:35:eb:02:cc:78:c1:c8:03:6d:
91:0c:c7:79:bf:e6:88:e1:3e:16:4c:29:c3:4d:dd:0b:c1:c8:
40:a7:94:9b:df:91:bb:c3:0e:63:a9:7a:68:7b:57:e7:ec:5c:
2c:24:26:44:0a:56:f4:e3:93:8f:58:09:b2:28:96:90:07:20:
a5:44:b8:1c:4a:47:0a:31:96:1a:2d:20:0a:a7:ad:21:40:a3:
25:9d:5d:d5:bd:75:27:72:d0:75:70:6b:07:f6:42:47:ff:01:
73:dc:d5:83:6d:52:e1:d2:73:e1:56:12:8b:a9:65:4c:99:9e:
12:1a:92:a9:e1:0c:8d:c8:5d:9c:42:52:1d:9f:a5:80:43:c2:
e1:3c:ce:9e:95:72:b2:ee:fb:b6:43:83:e7:aa:b0:28:9f:dd:
d9:90:8b:f0:a8:2c:6b:66:31:33:ea:49:3f:3e:0e:3f:07:d2:
11:24:33:3f:01:d6:ee:23:f2:4e:97:ba:1a:b4:8a:88:0c:4c:
c5:85:6c:f1:1f:2d:c5:d2:a6:2d:4f:75:f8:57:18:64:50:b4:
4f:c4:76:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs2QRFZxGh9n/TowtTA/KzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MDIxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQyYTA0MWI1YzgxOTFmZDcwM2QyYmE5NmNhYmM2MTcxZmM5ZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln6/CuXnmcvPd9+QTYvFmdQ/21vk
gzSrb18N3MhVBWZiiygiblUQ3EYU8dCmkjcs5fqleiZ/i6yDkzZrN1YIn5wgznbV
TOG8boj5zSQS/8PZ8Hmtrk5shX1jB9cGrar48+LgxpfxhJmWcATsT/OUwyxw2B7e
FxXMjw3vMe0/5rZ1F8dOB8N0eQ8rYtgM1zd4XGSKLyYSGbdUxtqELF3PhzeO4ug+
Q1HKXcktpeSF+j9FmmapterfTsb51err3kTHOjBgrkXzkFyvO6anqAlji1dQlg+6
zdp97h9UgQXpT+2Fsnwx3LkOzCAgobsXVGnicZ+X/L72BovP7SQuT8r7XwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCFCoEG1yBkf1wPSupbKvGFx/J2rMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSVVLZ1FiWElHUl9YQTlLNmxzcThZWEg4bmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI4JLYWBvVrSGlNF2mXg
tnCmpt0ztyma0nVSwqsGsmpzf+IR23LU+pUEK1zNKjXrAsx4wcgDbZEMx3m/5ojh
PhZMKcNN3QvByECnlJvfkbvDDmOpemh7V+fsXCwkJkQKVvTjk49YCbIolpAHIKVE
uBxKRwoxlhotIAqnrSFAoyWdXdW9dSdy0HVwawf2Qkf/AXPc1YNtUuHSc+FWEoup
ZUyZnhIakqnhDI3IXZxCUh2fpYBDwuE8zp6VcrLu+7ZDg+eqsCif3dmQi/CoLGtm
MTPqST8+Dj8H0hEkMz8B1u4j8k6Xuhq0iogMTMWFbPEfLcXSpi1PdfhXGGRQtE/E
dgg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:11:04 2025 by rpki-client