Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iFF6FwHs_HIuJmg0j6JwayemU7o.roa
File: iFF6FwHs_HIuJmg0j6JwayemU7o.roa (raw, json)
Hash identifier: q0OD61azsVQbaSt94H8VxQTP5d7suXK8tATwmYH5DeI=
Subject key identifier: 88:51:7A:17:01:EC:FC:72:2E:26:68:34:8F:A2:70:6B:27:A6:53:BA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA830EFD255E8118D9A621047FCB4C1BE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iFF6FwHs_HIuJmg0j6JwayemU7o.roa
Signing time: Tue 07 Nov 2023 05:11:01 +0000
ROA not before: Tue 07 Nov 2023 05:11:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:30:ef:d2:55:e8:11:8d:9a:62:10:47:fc:b4:c1:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 05:11:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88517a1701ecfc722e2668348fa2706b27a653ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:da:d9:51:72:e6:8a:74:2a:0f:f8:76:e7:f9:
bd:ad:ca:c4:ec:4a:02:be:1f:3d:3d:94:66:cf:e7:
26:32:39:75:87:45:52:c6:97:af:34:7e:8f:5e:4a:
b2:db:68:4d:35:f7:12:61:d6:8e:46:09:5e:64:4e:
6d:c5:e7:13:55:e1:75:68:28:40:b6:a4:52:83:9f:
9e:fb:9b:89:ba:70:fe:66:62:26:14:e4:44:9b:62:
56:b9:20:a6:c6:a5:63:c7:a8:10:51:01:cd:b3:d6:
50:b7:c1:b7:c2:1a:99:e9:08:10:c4:42:f3:f3:5a:
e9:eb:2f:f7:b4:f1:4a:2d:51:54:a1:4f:d0:27:e6:
74:77:d7:d3:d4:7c:b1:90:d3:b6:c9:7f:a1:c3:88:
39:c5:cb:d3:36:e7:bb:ce:95:fb:ab:70:e2:3c:2a:
8d:c0:67:df:7a:1d:9f:d6:33:4c:37:9f:44:5a:02:
0a:35:0c:fb:2c:fc:f1:cb:d8:12:2e:3a:fc:b5:63:
ea:cc:4d:6e:8c:b7:d3:59:0e:1b:a6:43:54:ee:f5:
89:c0:bf:cf:0b:ce:1b:7b:f4:a5:39:f5:00:9e:cc:
a3:f2:b0:36:15:6d:8c:e1:e1:62:88:34:49:97:3d:
b0:89:7a:ca:ef:51:2f:97:a4:96:b6:ed:a9:c1:02:
af:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:51:7A:17:01:EC:FC:72:2E:26:68:34:8F:A2:70:6B:27:A6:53:BA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iFF6FwHs_HIuJmg0j6JwayemU7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:54:9d:de:a3:b3:e8:0c:36:01:51:4a:d8:57:ae:23:1d:16:
69:ce:32:c3:e4:a9:d4:6f:9b:b1:fd:46:40:fe:db:97:7c:dd:
a2:97:31:89:d0:1f:7c:f8:46:a6:2d:6d:df:bc:46:5b:96:bb:
01:7a:d7:e0:2c:78:9c:d3:ed:de:a1:88:a2:b2:b6:fb:cb:3b:
c8:2d:68:29:4f:68:c4:13:8c:f0:ad:14:9d:e2:14:39:35:dd:
7f:f9:58:86:fc:41:80:d2:b7:2d:69:c9:1b:6c:ef:65:04:6b:
96:4d:7a:d1:3c:a9:5c:06:82:1e:5f:58:a9:c6:f3:09:5a:4f:
73:3c:9d:34:31:14:e0:ff:f6:6d:4e:fc:08:e0:c4:e2:6e:7f:
ec:dd:ea:1e:a9:7a:11:00:28:bb:cf:f0:61:8b:76:05:57:77:
72:0d:9a:40:22:da:c3:5f:44:86:a4:43:21:3e:fe:e2:0c:17:
ad:e0:5e:7d:53:12:c4:9e:be:77:b5:26:08:b7:ac:af:ac:d4:
71:83:4c:27:05:48:96:dd:b1:d6:55:c6:70:e9:b7:d8:ab:1f:
01:94:ec:b7:05:8b:88:fa:9d:43:1f:3f:2d:1c:3e:3c:67:31:
85:e6:1c:ca:58:1b:db:29:31:3b:c2:d6:04:fc:a0:cf:0f:57:
a3:f9:46:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuoMO/SVegRjZpiEEf8tMG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MDUxMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODUxN2ExNzAxZWNmYzcyMmUyNjY4MzQ4ZmEyNzA2YjI3YTY1M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNrZUXLminQqD/h25/m9rcrE7EoC
vh89PZRmz+cmMjl1h0VSxpevNH6PXkqy22hNNfcSYdaORgleZE5txecTVeF1aChA
tqRSg5+e+5uJunD+ZmImFOREm2JWuSCmxqVjx6gQUQHNs9ZQt8G3whqZ6QgQxELz
81rp6y/3tPFKLVFUoU/QJ+Z0d9fT1HyxkNO2yX+hw4g5xcvTNue7zpX7q3DiPCqN
wGffeh2f1jNMN59EWgIKNQz7LPzxy9gSLjr8tWPqzE1ujLfTWQ4bpkNU7vWJwL/P
C84be/SlOfUAnsyj8rA2FW2M4eFiiDRJlz2wiXrK71Evl6SWtu2pwQKvbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIhRehcB7PxyLiZoNI+icGsnplO6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaUZGNkZ3SHNfSEl1Sm1nMGo2SndheWVtVTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABpUnd6js+gMNgFRSthX
riMdFmnOMsPkqdRvm7H9RkD+25d83aKXMYnQH3z4RqYtbd+8RluWuwF61+AseJzT
7d6hiKKytvvLO8gtaClPaMQTjPCtFJ3iFDk13X/5WIb8QYDSty1pyRts72UEa5ZN
etE8qVwGgh5fWKnG8wlaT3M8nTQxFOD/9m1O/AjgxOJuf+zd6h6pehEAKLvP8GGL
dgVXd3INmkAi2sNfRIakQyE+/uIMF63gXn1TEsSevne1Jgi3rK+s1HGDTCcFSJbd
sdZVxnDpt9irHwGU7LcFi4j6nUMfPy0cPjxnMYXmHMpYG9spMTvC1gT8oM8PV6P5
RvU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:15:51 2025 by rpki-client