Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iCpg097lX5GkcNZEvrT4MZVd1TQ.roa
File: iCpg097lX5GkcNZEvrT4MZVd1TQ.roa (raw, json)
Hash identifier: bVB5jHVwZJlagvM3vqG9u4D1N3yhzL03xRRJMH6Y2A0=
Subject key identifier: 88:2A:60:D3:DE:E5:5F:91:A4:70:D6:44:BE:B4:F8:31:95:5D:D5:34
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B58CC2C71FD9E35A46D92D757FE6838E8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iCpg097lX5GkcNZEvrT4MZVd1TQ.roa
Signing time: Sun 22 Oct 2023 19:10:57 +0000
ROA not before: Sun 22 Oct 2023 19:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:58c6:2abb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:58:cc:2c:71:fd:9e:35:a4:6d:92:d7:57:fe:68:38:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 19:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=882a60d3dee55f91a470d644beb4f831955dd534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:33:d5:62:90:11:ee:16:8c:c0:0f:77:d8:af:
92:04:ce:53:30:cb:fa:65:12:2f:f8:35:08:91:00:
d5:31:79:30:b6:f9:05:86:56:73:ac:b4:eb:16:aa:
c1:4e:0b:41:de:32:17:c2:75:83:b9:0b:3b:60:85:
12:c9:df:27:4b:86:4c:33:8e:f4:6b:5a:ee:19:bf:
8b:49:e1:b3:cb:23:f3:96:fa:f8:84:60:ff:b6:1f:
cc:fb:5a:98:45:20:a5:9e:10:c9:7e:75:d8:95:94:
a3:59:7c:90:7b:15:42:d7:88:3f:2b:7c:8c:1a:27:
66:81:05:02:18:ef:92:c1:0d:61:5e:7c:47:20:b2:
d6:7b:58:87:2f:e4:bc:cd:99:79:5a:6b:89:f7:2a:
4e:be:6f:34:90:4a:31:78:87:c5:b0:58:a8:25:ce:
75:9e:b2:90:94:3f:d0:db:fc:9d:5a:23:b4:8c:85:
9a:e4:20:ad:b6:a8:68:0c:20:51:28:50:56:49:b7:
e2:8f:39:35:ce:0d:3d:05:b4:85:c1:34:61:0a:66:
82:53:6a:94:79:f8:d4:4a:99:17:0d:a0:61:8d:10:
92:2c:17:0c:c5:6a:67:04:87:19:4e:3d:98:66:e7:
bd:bb:36:6b:f0:53:13:ac:dd:23:38:e1:13:4d:54:
59:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2A:60:D3:DE:E5:5F:91:A4:70:D6:44:BE:B4:F8:31:95:5D:D5:34
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iCpg097lX5GkcNZEvrT4MZVd1TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:4c:84:b7:94:05:99:5c:35:d6:98:a5:32:ed:b9:72:05:8e:
eb:3d:c1:76:9a:41:69:98:4b:09:b9:3c:61:57:4c:df:66:b4:
02:09:81:1f:61:33:51:27:ae:90:a1:7f:53:05:ed:ba:34:f4:
c2:1d:5c:1c:89:09:8f:74:10:10:d3:fb:ce:d3:a0:87:af:57:
49:79:f8:62:19:58:b6:47:3a:07:3e:98:e7:ae:2e:38:ba:02:
a3:12:73:e4:bf:ca:11:0c:c0:5c:13:73:f9:8f:4a:4a:87:b7:
d0:a1:2d:22:f7:cf:7f:68:37:d3:4e:c9:ca:99:3d:a6:fc:42:
85:fc:0d:02:af:3b:28:60:c7:bc:c7:27:b0:b5:5c:c1:e7:3c:
aa:c8:0c:27:4c:8e:74:9e:ff:a5:92:45:b8:0c:53:e7:3d:c4:
62:8d:e4:2a:aa:3b:a5:22:df:47:94:c9:7b:0b:10:db:e5:36:
be:15:9d:1d:15:28:38:6a:f6:96:59:be:05:52:84:9c:62:62:
f0:a5:19:75:bb:1b:65:c1:cd:7a:1f:5f:98:d6:61:98:cc:e2:
eb:ba:0d:38:3c:f2:84:80:7b:b1:e1:33:58:22:56:9d:3a:af:
d8:c0:3e:2d:4a:d9:8f:41:0e:fe:df:d4:38:d8:8d:cc:f3:37:
96:e3:2c:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtYzCxx/Z41pG2S11f+aDjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMTkxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJhNjBkM2RlZTU1ZjkxYTQ3MGQ2NDRiZWI0ZjgzMTk1NWRkNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjPVYpAR7haMwA932K+SBM5TMMv6
ZRIv+DUIkQDVMXkwtvkFhlZzrLTrFqrBTgtB3jIXwnWDuQs7YIUSyd8nS4ZMM470
a1ruGb+LSeGzyyPzlvr4hGD/th/M+1qYRSClnhDJfnXYlZSjWXyQexVC14g/K3yM
GidmgQUCGO+SwQ1hXnxHILLWe1iHL+S8zZl5WmuJ9ypOvm80kEoxeIfFsFioJc51
nrKQlD/Q2/ydWiO0jIWa5CCttqhoDCBRKFBWSbfijzk1zg09BbSFwTRhCmaCU2qU
efjUSpkXDaBhjRCSLBcMxWpnBIcZTj2YZue9uzZr8FMTrN0jOOETTVRZJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIgqYNPe5V+RpHDWRL60+DGVXdU0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaUNwZzA5N2xYNUdrY05aRXZyVDRNWlZkMVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHhMhLeUBZlcNdaYpTLt
uXIFjus9wXaaQWmYSwm5PGFXTN9mtAIJgR9hM1EnrpChf1MF7bo09MIdXByJCY90
EBDT+87ToIevV0l5+GIZWLZHOgc+mOeuLji6AqMSc+S/yhEMwFwTc/mPSkqHt9Ch
LSL3z39oN9NOycqZPab8QoX8DQKvOyhgx7zHJ7C1XMHnPKrIDCdMjnSe/6WSRbgM
U+c9xGKN5CqqO6Ui30eUyXsLENvlNr4VnR0VKDhq9pZZvgVShJxiYvClGXW7G2XB
zXofX5jWYZjM4uu6DTg88oSAe7HhM1giVp06r9jAPi1K2Y9BDv7f1DjYjczzN5bj
LPA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:02 2025 by rpki-client