Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ibhtkSdZB885QCKkvEOu0z3546s.roa
File: ibhtkSdZB885QCKkvEOu0z3546s.roa (raw, json)
Hash identifier: cnT9nhDuEu/mku0E/U+g+SjGR4voUaEY7WOzc6Ghpmw=
Subject key identifier: 89:B8:6D:91:27:59:07:CF:39:40:22:A4:BC:43:AE:D3:3D:F9:E3:AB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5E96B2B2888E31B90BBEB69E1F85E660
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ibhtkSdZB885QCKkvEOu0z3546s.roa
Signing time: Mon 23 Oct 2023 22:10:16 +0000
ROA not before: Mon 23 Oct 2023 22:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5e:96:b2:b2:88:8e:31:b9:0b:be:b6:9e:1f:85:e6:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 23 22:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89b86d91275907cf394022a4bc43aed33df9e3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:46:a0:29:45:e3:b1:84:29:ce:a3:41:6f:
ee:08:8d:34:19:39:25:94:ed:a0:ce:22:1f:d1:dc:
de:9d:30:62:a8:0c:ed:9d:5e:ec:21:92:5e:5a:83:
89:8a:c9:81:39:39:cf:a7:b0:2e:a6:e1:f3:3f:29:
f1:2d:25:d1:8a:48:df:28:0c:96:01:3b:bd:79:4c:
63:ad:20:33:23:f6:11:87:f1:47:13:44:80:f0:fd:
a0:89:d3:25:2e:c5:41:15:a8:96:fe:fa:e3:08:08:
8f:eb:d3:85:c0:8d:45:a2:d5:a0:ba:bc:09:07:36:
ac:e7:5b:db:27:d7:8a:8a:47:7d:c3:83:21:9e:65:
6d:e6:b3:06:bc:0c:13:0a:06:0e:9a:ec:6c:11:b6:
00:d2:14:47:63:48:bc:68:be:7c:c2:70:6c:12:3e:
73:4e:62:cd:3d:b3:40:6c:3f:0f:b6:a6:70:68:81:
d9:98:3b:a5:0c:fc:71:41:9f:07:4a:3d:6a:95:3c:
b3:79:e7:03:30:db:c6:59:bb:22:69:c1:e4:54:b1:
f8:67:01:49:e7:dd:2b:06:c7:a2:5d:ae:c3:cb:ee:
9b:23:01:da:d6:8b:0e:37:82:10:d8:21:e1:1a:0a:
25:12:9c:b4:b9:f4:26:48:11:dd:ee:46:f0:8a:6e:
39:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B8:6D:91:27:59:07:CF:39:40:22:A4:BC:43:AE:D3:3D:F9:E3:AB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ibhtkSdZB885QCKkvEOu0z3546s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:f2:eb:5f:af:73:80:9a:2d:97:7a:7e:34:2a:3f:ca:e3:2a:
72:55:61:09:a3:3f:48:20:08:d8:35:f0:60:e3:59:dd:f4:05:
03:3f:40:20:39:80:59:fd:6b:fc:88:ee:21:44:66:e2:91:c8:
02:16:50:e6:98:e6:d4:9a:de:b9:d5:46:6f:a9:72:83:97:de:
30:ca:4c:84:6f:ee:32:f1:9a:76:34:27:5f:6e:5b:8e:04:ff:
eb:49:69:68:6c:f7:51:c8:3d:6c:34:bd:8d:25:d7:14:72:48:
fc:1c:dd:b1:5d:ec:e7:c4:62:59:f2:b6:50:6d:83:f3:6d:81:
0e:f7:43:e2:a9:8a:8b:ee:86:5e:67:35:b4:9a:a7:3d:0f:dc:
1d:ed:e0:5e:80:c3:67:92:b2:83:06:e6:c2:1c:c0:fd:48:ce:
0d:43:16:25:7e:95:fa:10:0c:d6:f4:91:47:91:9c:f1:7a:b9:
98:98:15:63:53:05:ac:ee:37:16:9e:16:25:94:fb:b4:05:fd:
c0:22:a8:06:8b:da:00:71:50:6d:99:23:af:c7:94:48:b4:3f:
37:b1:5e:9c:1f:44:78:56:1a:9d:ec:db:34:fc:de:ad:03:e3:
7b:f5:ec:6b:66:c8:81:51:3f:45:d9:35:98:d6:cd:c0:41:2c:
08:dc:fb:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtelrKyiI4xuQu+tp4fheZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIzMjIxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI4NmQ5MTI3NTkwN2NmMzk0MDIyYTRiYzQzYWVkMzNkZjllM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkJGoClF47GEKc6jQW/uCI00GTkl
lO2gziIf0dzenTBiqAztnV7sIZJeWoOJismBOTnPp7AupuHzPynxLSXRikjfKAyW
ATu9eUxjrSAzI/YRh/FHE0SA8P2gidMlLsVBFaiW/vrjCAiP69OFwI1FotWgurwJ
Bzas51vbJ9eKikd9w4MhnmVt5rMGvAwTCgYOmuxsEbYA0hRHY0i8aL58wnBsEj5z
TmLNPbNAbD8PtqZwaIHZmDulDPxxQZ8HSj1qlTyzeecDMNvGWbsiacHkVLH4ZwFJ
590rBseiXa7Dy+6bIwHa1osON4IQ2CHhGgolEpy0ufQmSBHd7kbwim45TQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIm4bZEnWQfPOUAipLxDrtM9+eOrMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaWJodGtTZFpCODg1UUNLa3ZFT3UwejM1NDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHzy61+vc4CaLZd6fjQq
P8rjKnJVYQmjP0ggCNg18GDjWd30BQM/QCA5gFn9a/yI7iFEZuKRyAIWUOaY5tSa
3rnVRm+pcoOX3jDKTIRv7jLxmnY0J19uW44E/+tJaWhs91HIPWw0vY0l1xRySPwc
3bFd7OfEYlnytlBtg/NtgQ73Q+Kpiovuhl5nNbSapz0P3B3t4F6Aw2eSsoMG5sIc
wP1Izg1DFiV+lfoQDNb0kUeRnPF6uZiYFWNTBazuNxaeFiWU+7QF/cAiqAaL2gBx
UG2ZI6/HlEi0PzexXpwfRHhWGp3s2zT83q0D43v17GtmyIFRP0XZNZjWzcBBLAjc
+/g=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:41 2025 by rpki-client