Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IY7R077nRenzCfYukzcxSdYHkUU.roa
File: IY7R077nRenzCfYukzcxSdYHkUU.roa (raw, json)
Hash identifier: /MlB6zZt2thucmYdnL1sAH5LakPcQHSvhxzmNIHJEes=
Subject key identifier: 21:8E:D1:D3:BE:E7:45:E9:F3:09:F6:2E:93:37:31:49:D6:07:91:45
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6C8FA90719FEA6FE417E90CCAE6E1219
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IY7R077nRenzCfYukzcxSdYHkUU.roa
Signing time: Thu 26 Oct 2023 15:17:15 +0000
ROA not before: Thu 26 Oct 2023 15:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6c:8f:a9:07:19:fe:a6:fe:41:7e:90:cc:ae:6e:12:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 26 15:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=218ed1d3bee745e9f309f62e93373149d6079145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1e:d6:34:9b:b1:ec:5e:f2:64:67:d4:fa:1e:
77:22:b4:0f:6e:db:e5:06:18:d5:45:b6:68:fb:12:
0b:12:65:82:4f:c7:9e:3d:45:26:e5:2e:6e:3a:37:
80:5b:46:5c:0b:3e:f1:7c:8e:53:08:81:e2:95:38:
1a:d6:ee:6e:16:ea:9b:ef:48:db:da:09:a2:68:04:
8e:3b:3b:90:b1:de:31:79:7d:3f:ed:af:59:43:ed:
40:b1:32:36:7d:c7:08:7b:7d:9d:d0:47:de:20:d4:
70:d3:75:ce:02:04:02:96:0a:4a:05:0c:c3:84:71:
c7:f0:af:80:5b:a0:ce:56:e4:f6:b6:00:91:16:4e:
90:86:9c:7f:fc:5c:21:29:36:df:ae:cd:ca:38:e5:
a6:2f:5e:b3:65:21:64:13:5b:ff:30:a8:e2:a6:bc:
8e:88:2c:ff:2d:e3:33:b7:57:80:54:87:f9:b7:6a:
6a:b3:56:15:ce:41:a7:2a:87:4d:2b:4c:d3:fb:eb:
fd:0d:6f:3c:9b:90:17:71:25:c5:ee:66:ee:3a:c6:
64:f5:d1:93:e3:65:be:c2:27:39:d7:1b:cf:81:6c:
05:e2:bd:e4:01:d1:d2:7a:06:44:bb:1a:3a:c2:a7:
45:ab:46:00:bb:dd:6c:9c:3b:b4:8c:ee:4a:87:ce:
a6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8E:D1:D3:BE:E7:45:E9:F3:09:F6:2E:93:37:31:49:D6:07:91:45
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IY7R077nRenzCfYukzcxSdYHkUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:1e:4c:2a:52:bb:86:d9:eb:41:d7:c7:1c:82:26:6b:c7:cb:
d1:23:54:41:92:d7:e9:2c:b3:20:26:cd:e1:e5:d6:18:66:f3:
31:fa:2a:89:18:81:cc:98:6c:f4:cb:a3:a5:44:72:ff:a7:75:
09:33:c4:b1:90:99:5f:49:58:27:09:0e:f9:d5:7a:ce:82:c4:
c5:57:c5:7e:2c:1d:69:32:f2:e2:26:21:53:45:03:cd:ac:8e:
59:04:97:b2:3a:48:4c:4f:d9:75:bb:b3:b9:4a:33:81:65:ef:
c8:40:78:f5:89:70:4b:9d:a2:62:8d:cd:f6:12:76:66:b2:21:
59:07:3c:2d:7d:11:85:52:26:02:f9:98:7e:18:e1:b0:f4:b0:
dd:f4:11:bd:f8:f7:a2:8e:1c:86:8c:e8:8f:1a:65:56:18:03:
6a:fd:b7:43:81:79:ff:86:8d:f1:4c:b0:54:7d:ec:72:86:4d:
20:33:aa:74:99:22:85:93:ad:ab:48:b5:50:41:ee:97:64:9e:
4b:a1:31:61:bf:cf:5d:26:aa:88:30:60:f9:87:ef:34:26:93:
fb:36:6b:a4:22:4e:3c:f0:86:9e:09:1b:18:d7:24:94:48:14:
4c:ee:af:0b:ea:53:77:b1:04:15:01:08:f3:49:dc:c4:2a:54:
12:65:94:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtsj6kHGf6m/kF+kMyubhIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI2MTUxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThlZDFkM2JlZTc0NWU5ZjMwOWY2MmU5MzM3MzE0OWQ2MDc5MTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR7WNJux7F7yZGfU+h53IrQPbtvl
BhjVRbZo+xILEmWCT8eePUUm5S5uOjeAW0ZcCz7xfI5TCIHilTga1u5uFuqb70jb
2gmiaASOOzuQsd4xeX0/7a9ZQ+1AsTI2fccIe32d0EfeINRw03XOAgQClgpKBQzD
hHHH8K+AW6DOVuT2tgCRFk6Qhpx//FwhKTbfrs3KOOWmL16zZSFkE1v/MKjipryO
iCz/LeMzt1eAVIf5t2pqs1YVzkGnKodNK0zT++v9DW88m5AXcSXF7mbuOsZk9dGT
42W+wic51xvPgWwF4r3kAdHSegZEuxo6wqdFq0YAu91snDu0jO5Kh86mbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCGO0dO+50Xp8wn2LpM3MUnWB5FFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSVk3UjA3N25SZW56Q2ZZdWt6Y3hTZFlIa1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEAeTCpSu4bZ60HXxxyC
JmvHy9EjVEGS1+kssyAmzeHl1hhm8zH6KokYgcyYbPTLo6VEcv+ndQkzxLGQmV9J
WCcJDvnVes6CxMVXxX4sHWky8uImIVNFA82sjlkEl7I6SExP2XW7s7lKM4Fl78hA
ePWJcEudomKNzfYSdmayIVkHPC19EYVSJgL5mH4Y4bD0sN30Eb3496KOHIaM6I8a
ZVYYA2r9t0OBef+GjfFMsFR97HKGTSAzqnSZIoWTratItVBB7pdknkuhMWG/z10m
qogwYPmH7zQmk/s2a6QiTjzwhp4JGxjXJJRIFEzurwvqU3exBBUBCPNJ3MQqVBJl
lFo=
-----END CERTIFICATE-----
Generated at Mon May 5 23:51:51 2025 by rpki-client