Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_ibjOthDeRJuzXPJpGLjbZAGyxA.roa
File: _ibjOthDeRJuzXPJpGLjbZAGyxA.roa (raw, json)
Hash identifier: PkM+zgg4c+wXIXMxShIptl0FPrBiPvWiUHmmMcuntpk=
Subject key identifier: FE:26:E3:3A:D8:43:79:12:6E:CD:73:C9:A4:62:E3:6D:90:06:CB:10
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C66864AA7CDAD4C9A636CBAB4F70E68DA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_ibjOthDeRJuzXPJpGLjbZAGyxA.roa
Signing time: Thu 14 Dec 2023 04:12:06 +0000
ROA not before: Thu 14 Dec 2023 04:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:66:86:4a:a7:cd:ad:4c:9a:63:6c:ba:b4:f7:0e:68:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 04:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe26e33ad84379126ecd73c9a462e36d9006cb10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9e:d3:45:ba:e7:33:76:36:61:53:c2:7c:4b:
ea:c2:b2:de:1b:19:23:03:8f:a5:1a:8e:ab:8e:5f:
89:d7:91:ac:70:66:42:f8:ea:d3:99:a4:0f:66:e5:
72:0d:eb:41:e3:0c:0d:55:dd:93:2a:b6:c7:c5:b8:
31:a8:54:63:c9:d0:82:e2:ac:1f:aa:bd:3b:cd:3b:
1a:e3:24:ee:d8:72:5d:9c:c2:c8:cf:3d:04:a6:8d:
99:95:39:ae:14:81:5a:05:f0:4d:e0:06:9b:b8:3c:
92:46:8a:f9:c9:b8:1a:46:ac:30:d2:c0:f9:4d:0b:
0f:b9:29:3d:47:c6:93:54:e0:27:4a:a7:23:eb:0b:
43:b7:7d:9e:94:c1:0f:ac:31:a6:09:c3:15:a8:70:
fe:d1:92:fa:a7:aa:b1:8b:3e:5d:83:8c:f7:c2:27:
94:9a:0e:e9:34:99:ce:d6:07:f4:5c:eb:89:4e:ff:
8e:5b:55:73:69:95:38:36:f0:8b:34:89:30:39:03:
12:61:f5:56:d8:fd:48:88:6f:8b:81:ba:66:b6:76:
0c:23:6d:85:dc:25:e0:4d:7f:d0:0c:c6:7f:6b:5c:
ad:fa:e0:8c:f5:90:89:48:0e:8b:a1:59:db:a0:86:
d0:9d:2f:88:96:64:15:75:da:5b:ff:d6:a6:7d:0e:
9f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:26:E3:3A:D8:43:79:12:6E:CD:73:C9:A4:62:E3:6D:90:06:CB:10
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_ibjOthDeRJuzXPJpGLjbZAGyxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:4f:34:cc:37:7d:d0:88:4c:6a:76:10:38:9b:14:da:f2:3f:
ab:82:c5:33:c7:00:a0:a6:34:27:94:a7:12:b0:cb:38:82:79:
9b:de:a8:41:95:8f:16:aa:78:fa:c1:92:f9:65:e9:a8:8f:55:
d0:b4:ef:90:c8:9b:4e:61:a3:44:35:4c:e9:46:1c:6d:36:56:
b4:c5:65:87:03:93:56:27:a2:b4:f7:70:26:73:01:a8:95:9f:
85:3e:9c:d1:80:4e:10:d1:7d:d4:68:fb:43:cd:8d:85:79:8d:
af:cc:2f:e5:7c:68:8a:95:46:67:1c:cc:c4:3f:1d:b1:24:9c:
33:5a:15:49:16:c8:d8:92:de:6e:5b:f3:97:3a:5e:12:a7:26:
90:e6:e5:af:33:e1:41:06:9a:95:44:36:87:59:7d:fe:db:13:
fb:6b:c8:7a:51:33:a1:ac:5d:2c:d8:7e:f9:d0:15:32:b1:ef:
bb:b0:dc:3c:50:87:c5:3d:35:70:fd:af:cf:db:10:c2:0f:cd:
d7:75:71:39:1a:5a:49:9c:60:e2:2f:7e:0c:97:77:0f:d7:49:
52:50:0c:c2:1b:e7:ab:7c:0f:13:22:85:30:c1:32:29:dc:2b:
48:44:ce:35:4d:58:79:a4:2c:b6:b2:0e:ed:05:f4:ae:c0:e3:
8d:63:85:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxmhkqnza1MmmNsurT3DmjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MDQxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTI2ZTMzYWQ4NDM3OTEyNmVjZDczYzlhNDYyZTM2ZDkwMDZjYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp7TRbrnM3Y2YVPCfEvqwrLeGxkj
A4+lGo6rjl+J15GscGZC+OrTmaQPZuVyDetB4wwNVd2TKrbHxbgxqFRjydCC4qwf
qr07zTsa4yTu2HJdnMLIzz0Epo2ZlTmuFIFaBfBN4AabuDySRor5ybgaRqww0sD5
TQsPuSk9R8aTVOAnSqcj6wtDt32elMEPrDGmCcMVqHD+0ZL6p6qxiz5dg4z3wieU
mg7pNJnO1gf0XOuJTv+OW1VzaZU4NvCLNIkwOQMSYfVW2P1IiG+LgbpmtnYMI22F
3CXgTX/QDMZ/a1yt+uCM9ZCJSA6LoVnboIbQnS+IlmQVddpb/9amfQ6fbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP4m4zrYQ3kSbs1zyaRi422QBssQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvX2liak90aERlUkp1elhQSnBHTGpiWkFHeXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJFPNMw3fdCITGp2EDib
FNryP6uCxTPHAKCmNCeUpxKwyziCeZveqEGVjxaqePrBkvll6aiPVdC075DIm05h
o0Q1TOlGHG02VrTFZYcDk1YnorT3cCZzAaiVn4U+nNGAThDRfdRo+0PNjYV5ja/M
L+V8aIqVRmcczMQ/HbEknDNaFUkWyNiS3m5b85c6XhKnJpDm5a8z4UEGmpVENodZ
ff7bE/tryHpRM6GsXSzYfvnQFTKx77uw3DxQh8U9NXD9r8/bEMIPzdd1cTkaWkmc
YOIvfgyXdw/XSVJQDMIb56t8DxMihTDBMincK0hEzjVNWHmkLLayDu0F9K7A441j
hd4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:06 2025 by rpki-client