Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Il7Mfc2h8WcKS2QX58hcb3RHlAY.roa
File: Il7Mfc2h8WcKS2QX58hcb3RHlAY.roa (raw, json)
Hash identifier: mn/EeMs3M6n5tamS7sKoAo8oaiZMzSP+jQj0NCJyBq8=
Subject key identifier: 22:5E:CC:7D:CD:A1:F1:67:0A:4B:64:17:E7:C8:5C:6F:74:47:94:06
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2661F5DA20C745F0048267179C9F728E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Il7Mfc2h8WcKS2QX58hcb3RHlAY.roa
Signing time: Fri 13 Oct 2023 00:13:56 +0000
ROA not before: Fri 13 Oct 2023 00:13:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:26:61:f5:da:20:c7:45:f0:04:82:67:17:9c:9f:72:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 13 00:13:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=225ecc7dcda1f1670a4b6417e7c85c6f74479406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3b:7f:1f:fe:53:23:d2:84:76:3c:88:c6:32:
5d:36:9b:39:86:98:06:5a:92:a3:7b:c0:20:fa:c5:
50:68:d1:36:2e:69:a2:3c:25:44:14:49:21:28:7f:
01:a6:3d:78:6c:04:63:24:c7:cf:83:dd:27:b2:78:
bc:a5:c3:e2:3e:f5:5a:18:eb:cd:ac:12:db:c1:b5:
ad:b0:0f:60:d2:e2:dc:e2:91:4d:fd:7c:10:4d:97:
9e:76:9a:8b:67:00:20:5a:85:61:a0:93:aa:ac:3a:
45:e1:b4:99:2e:a8:2a:6c:45:e9:30:35:20:a3:c1:
1b:b4:d1:39:21:9e:25:43:17:55:c5:2d:52:53:7e:
91:2a:8a:9b:ff:9b:74:e5:fb:a9:b5:97:2b:0a:c6:
ba:1a:cb:72:95:6e:62:79:8e:9f:6f:0a:ae:70:bb:
b1:7c:5d:64:d5:03:94:9b:b7:53:f1:8e:27:f4:41:
86:f1:11:65:a4:a5:39:56:c5:d6:38:37:3c:d4:56:
d9:bc:70:38:80:0c:62:2f:8d:2c:0c:96:34:4a:77:
2c:06:0c:f9:4b:27:53:a0:33:cf:25:10:b2:f5:53:
1c:e8:f6:95:26:d3:ce:a7:2c:6d:dd:01:54:35:f3:
dd:03:7f:03:db:03:a3:67:18:0e:9f:27:f8:3e:b0:
5b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5E:CC:7D:CD:A1:F1:67:0A:4B:64:17:E7:C8:5C:6F:74:47:94:06
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Il7Mfc2h8WcKS2QX58hcb3RHlAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:bb:0d:36:45:b4:cb:96:fd:3f:3b:da:99:1c:b1:8a:f6:53:
da:74:a9:b6:a2:99:0a:d2:fc:9a:b4:eb:e7:6c:5c:23:2a:29:
d3:9b:90:34:2b:5c:6a:6b:c9:dd:ad:98:b9:db:a7:60:ce:77:
fb:21:57:af:b6:f9:2d:25:e3:97:46:12:a6:3b:5a:79:4e:25:
5d:aa:13:fc:4b:6c:4a:cf:ba:64:78:57:50:3e:7b:a4:b9:2d:
51:b1:87:6d:0a:8d:10:21:06:aa:9c:9e:2b:77:69:d1:60:b0:
65:cd:b8:b0:12:74:d0:8b:6c:4a:36:88:84:4e:da:28:05:7f:
74:9b:f4:05:3d:4a:0c:ad:79:5b:ef:f5:ba:a4:d3:91:fd:07:
5a:58:a8:2e:55:f2:b8:ac:24:f3:7f:ca:31:01:fd:d7:42:d3:
3b:6c:93:ba:06:de:d6:9f:3b:9d:93:6c:22:4c:64:91:65:df:
2a:09:64:bd:b9:cc:e2:49:42:d6:3e:92:53:47:61:1a:af:73:
b7:bf:22:39:18:a1:65:66:05:0a:9e:6b:75:74:60:0c:80:00:
ca:75:06:5a:7a:86:99:6b:fd:d0:71:8b:f4:41:af:22:f3:0e:
6d:8f:1a:9f:46:38:85:5a:41:01:e3:56:d8:fd:ca:1f:1b:d0:
35:c3:42:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsmYfXaIMdF8ASCZxecn3KOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMDAxMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjVlY2M3ZGNkYTFmMTY3MGE0YjY0MTdlN2M4NWM2Zjc0NDc5NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjt/H/5TI9KEdjyIxjJdNps5hpgG
WpKje8Ag+sVQaNE2LmmiPCVEFEkhKH8Bpj14bARjJMfPg90nsni8pcPiPvVaGOvN
rBLbwbWtsA9g0uLc4pFN/XwQTZeedpqLZwAgWoVhoJOqrDpF4bSZLqgqbEXpMDUg
o8EbtNE5IZ4lQxdVxS1SU36RKoqb/5t05fuptZcrCsa6GstylW5ieY6fbwqucLux
fF1k1QOUm7dT8Y4n9EGG8RFlpKU5VsXWODc81FbZvHA4gAxiL40sDJY0SncsBgz5
SydToDPPJRCy9VMc6PaVJtPOpyxt3QFUNfPdA38D2wOjZxgOnyf4PrBbEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCJezH3NofFnCktkF+fIXG90R5QGMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSWw3TWZjMmg4V2NLUzJRWDU4aGNiM1JIbEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABy7DTZFtMuW/T872pkc
sYr2U9p0qbaimQrS/Jq06+dsXCMqKdObkDQrXGpryd2tmLnbp2DOd/shV6+2+S0l
45dGEqY7WnlOJV2qE/xLbErPumR4V1A+e6S5LVGxh20KjRAhBqqcnit3adFgsGXN
uLASdNCLbEo2iIRO2igFf3Sb9AU9SgyteVvv9bqk05H9B1pYqC5V8risJPN/yjEB
/ddC0ztsk7oG3tafO52TbCJMZJFl3yoJZL25zOJJQtY+klNHYRqvc7e/IjkYoWVm
BQqea3V0YAyAAMp1Blp6hplr/dBxi/RBryLzDm2PGp9GOIVaQQHjVtj9yh8b0DXD
Qmw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:15:13 2025 by rpki-client