Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IzxngWm537XG-Ng5DdZIfd4jHBM.roa
File: IzxngWm537XG-Ng5DdZIfd4jHBM.roa (raw, json)
Hash identifier: r4ZDq/NA6ut718wbDIGXEoQuDYggd4io3vT90URns+g=
Subject key identifier: 23:3C:67:81:69:B9:DF:B5:C6:F8:D8:39:0D:D6:48:7D:DE:23:1C:13
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6F8FC9C977117AF6932C1E986C57A89D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IzxngWm537XG-Ng5DdZIfd4jHBM.roa
Signing time: Fri 27 Oct 2023 05:16:16 +0000
ROA not before: Fri 27 Oct 2023 05:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6f:8f:c9:c9:77:11:7a:f6:93:2c:1e:98:6c:57:a8:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 05:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=233c678169b9dfb5c6f8d8390dd6487dde231c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:14:f2:86:f9:07:b6:0b:24:5e:43:ae:36:50:
bc:83:04:51:66:e1:9b:40:c4:13:77:31:49:cc:48:
14:b4:82:c7:74:7c:b4:08:3e:b7:1f:95:83:91:09:
34:91:76:59:21:9e:75:68:bf:6b:ea:31:56:a1:e9:
08:30:b8:93:03:2c:ff:5f:e7:de:ad:1c:7e:f2:7e:
b7:1f:45:13:27:fa:62:28:c0:e3:f8:8b:9c:27:bd:
7a:a7:b6:0f:65:7c:85:f2:c1:f6:21:24:a8:f8:87:
3a:87:1a:e2:04:e5:00:6f:b3:51:21:23:4d:be:5d:
00:fb:e1:f5:36:eb:eb:63:20:32:53:85:84:71:80:
8c:44:db:65:2e:21:b0:36:48:35:dd:bd:49:84:7c:
67:eb:39:80:ca:cb:40:54:e9:7f:8c:ec:05:81:31:
7c:79:9b:f5:ed:34:c7:bd:65:78:1b:41:ac:df:4b:
1d:7e:c9:21:32:0e:29:7f:90:be:f7:5c:c9:61:8c:
0e:38:7c:02:4f:11:21:42:b2:c6:4d:58:c6:cf:4d:
29:88:b1:df:dc:09:fc:0b:75:b9:8c:44:81:1d:4b:
5f:4d:51:e2:ea:db:52:b7:63:e0:50:7e:a2:41:9a:
cf:1b:17:cd:93:3c:9b:31:e3:3f:e0:a7:49:de:5b:
79:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3C:67:81:69:B9:DF:B5:C6:F8:D8:39:0D:D6:48:7D:DE:23:1C:13
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IzxngWm537XG-Ng5DdZIfd4jHBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:50:1a:3a:d8:45:cd:de:fb:f3:d9:8d:bd:92:e3:ed:57:eb:
a1:b7:63:90:f4:e6:48:46:45:ae:26:e7:f1:44:59:5e:8c:b8:
87:c6:05:73:c4:bd:bc:d5:9e:70:a0:5f:98:65:c5:22:c6:50:
9e:6f:f9:63:6a:08:cc:be:2b:bf:a4:90:c3:16:9b:64:a5:35:
fb:43:67:01:3c:01:1f:7e:16:48:17:28:11:48:fc:2f:42:90:
f5:22:2e:f0:cc:3a:de:ed:94:66:e9:1b:14:d3:65:4e:d6:88:
d9:74:67:f4:25:b5:55:3b:42:8b:22:e5:f4:b2:4c:74:83:b4:
b4:e6:f0:77:23:20:0a:0f:63:6d:b7:20:7a:58:8e:2d:9c:1b:
89:f7:18:d7:62:71:ee:59:0a:e7:b3:b1:12:63:8d:7a:be:35:
e0:cf:94:bc:86:1a:02:b6:b5:dd:d8:fb:0f:d4:80:7f:21:5c:
91:67:86:f6:ca:56:97:9c:cc:2f:f5:b7:81:ba:1a:bb:cd:08:
d3:c0:c5:44:0d:fb:d0:2d:a7:89:d3:5e:d9:23:a9:38:c2:f0:
ee:c2:3f:a3:7e:9e:2f:5c:de:01:1f:23:cd:e1:1e:55:81:1e:
c3:27:67:e1:6d:95:1e:aa:a3:ce:23:05:fb:bb:41:ab:38:22:
58:03:c7:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtvj8nJdxF69pMsHphsV6idMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MDUxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNjNjc4MTY5YjlkZmI1YzZmOGQ4MzkwZGQ2NDg3ZGRlMjMxYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hTyhvkHtgskXkOuNlC8gwRRZuGb
QMQTdzFJzEgUtILHdHy0CD63H5WDkQk0kXZZIZ51aL9r6jFWoekIMLiTAyz/X+fe
rRx+8n63H0UTJ/piKMDj+IucJ716p7YPZXyF8sH2ISSo+Ic6hxriBOUAb7NRISNN
vl0A++H1NuvrYyAyU4WEcYCMRNtlLiGwNkg13b1JhHxn6zmAystAVOl/jOwFgTF8
eZv17TTHvWV4G0Gs30sdfskhMg4pf5C+91zJYYwOOHwCTxEhQrLGTVjGz00piLHf
3An8C3W5jESBHUtfTVHi6ttSt2PgUH6iQZrPGxfNkzybMeM/4KdJ3lt5GwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCM8Z4Fpud+1xvjYOQ3WSH3eIxwTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSXp4bmdXbTUzN1hHLU5nNURkWklmZDRqSEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF9QGjrYRc3e+/PZjb2S
4+1X66G3Y5D05khGRa4m5/FEWV6MuIfGBXPEvbzVnnCgX5hlxSLGUJ5v+WNqCMy+
K7+kkMMWm2SlNftDZwE8AR9+FkgXKBFI/C9CkPUiLvDMOt7tlGbpGxTTZU7WiNl0
Z/QltVU7Qosi5fSyTHSDtLTm8HcjIAoPY223IHpYji2cG4n3GNdice5ZCuezsRJj
jXq+NeDPlLyGGgK2td3Y+w/UgH8hXJFnhvbKVpeczC/1t4G6GrvNCNPAxUQN+9At
p4nTXtkjqTjC8O7CP6N+ni9c3gEfI83hHlWBHsMnZ+FtlR6qo84jBfu7Qas4IlgD
x7g=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:24:23 2025 by rpki-client