Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iehbETzWuxrbOamJwK_qK5DWPSE.roa
File: iehbETzWuxrbOamJwK_qK5DWPSE.roa (raw, json)
Hash identifier: 5aQwx4T4NCB/LsBwgKF4G5/EtfEPsrvPaFGCSq81/zE=
Subject key identifier: 89:E8:5B:11:3C:D6:BB:1A:DB:39:A9:89:C0:AF:EA:2B:90:D6:3D:21
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB9C94523B61DB1256066D0A1554D9214
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iehbETzWuxrbOamJwK_qK5DWPSE.roa
Signing time: Fri 10 Nov 2023 15:10:57 +0000
ROA not before: Fri 10 Nov 2023 15:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:c9:45:23:b6:1d:b1:25:60:66:d0:a1:55:4d:92:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 15:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89e85b113cd6bb1adb39a989c0afea2b90d63d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fa:c6:1b:81:2d:e3:83:e7:b4:a7:a4:5a:67:
8d:0f:f8:11:3c:b6:0c:11:54:d6:7a:1f:e4:55:1f:
ee:aa:c3:b7:80:ba:46:a7:df:06:b9:57:3d:c7:93:
68:f0:1f:47:11:ac:8d:81:2c:b3:c1:ac:dc:bf:a8:
d4:83:c0:63:c1:5d:80:ef:aa:32:ee:8c:51:5d:66:
47:53:5a:18:ca:90:97:f8:67:fb:6f:e3:64:7f:a4:
f6:b4:08:be:34:6e:47:f9:54:69:12:e5:81:e5:5f:
cb:96:f3:8e:7a:2d:72:0f:48:b0:76:cc:0f:c4:07:
b2:81:69:90:db:43:c0:0b:6a:6c:77:38:e8:9b:20:
12:8d:1f:7c:d1:fa:0e:3e:44:88:77:e5:5f:80:4e:
1f:2d:39:cd:da:c0:58:f7:b9:61:7f:60:00:6a:aa:
45:15:71:cf:cc:b1:60:65:60:ca:8c:e3:84:53:fc:
db:5c:49:c6:af:d0:93:b3:e2:4a:5d:f9:76:b3:02:
cf:1d:d0:c0:d9:66:26:85:1d:7f:f2:00:94:20:14:
86:a3:3e:d9:93:47:50:ad:56:8c:9c:ab:e8:86:1c:
8c:0e:6e:78:89:25:13:61:5a:46:9b:51:09:fe:82:
84:02:5c:86:c1:81:ac:2d:52:ae:5b:f4:9f:99:19:
07:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E8:5B:11:3C:D6:BB:1A:DB:39:A9:89:C0:AF:EA:2B:90:D6:3D:21
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iehbETzWuxrbOamJwK_qK5DWPSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:21:66:9c:74:d4:18:99:89:d0:01:1b:77:57:6e:7f:ac:22:
d1:e1:9d:10:cf:73:82:aa:f4:bb:5d:8d:f5:e3:e7:31:06:e3:
68:65:e3:53:bb:2a:ba:86:8f:a2:72:f0:b8:3b:75:ed:e1:e5:
4e:64:1a:84:a3:9c:b3:6f:6c:e3:9e:04:a2:b2:c1:a3:d2:56:
94:47:26:6e:1f:a8:a7:4a:74:83:10:54:d4:98:ee:91:35:39:
29:41:e4:f7:b1:30:fb:2b:39:fc:57:fd:ea:dd:ca:18:9c:36:
a9:be:60:5f:79:14:95:2b:ea:5c:e5:e4:13:c5:52:4f:12:0d:
6e:01:03:e4:c5:43:d6:96:e0:70:a5:f7:c2:15:9c:74:8b:fa:
63:d4:86:35:84:4a:69:e6:d8:df:67:d2:b0:0c:99:ed:7a:47:
b8:21:51:82:11:b5:3f:03:20:bc:47:23:74:b1:9c:35:3e:9c:
39:66:1f:71:16:15:64:e9:a9:f8:d7:d6:24:30:55:54:9b:4e:
c3:9a:32:19:50:53:fb:e0:4d:6a:04:1b:c7:2f:e6:93:16:a3:
8f:13:60:03:9f:9f:fb:14:0f:77:ce:ec:2e:ec:9f:a4:3f:3a:
95:9a:19:2d:58:28:67:fe:28:ba:62:34:7d:0f:7b:8f:a2:61:
76:7d:6f:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu5yUUjth2xJWBm0KFVTZIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMTUxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU4NWIxMTNjZDZiYjFhZGIzOWE5ODljMGFmZWEyYjkwZDYzZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPrGG4Et44PntKekWmeND/gRPLYM
EVTWeh/kVR/uqsO3gLpGp98GuVc9x5No8B9HEayNgSyzwazcv6jUg8BjwV2A76oy
7oxRXWZHU1oYypCX+Gf7b+Nkf6T2tAi+NG5H+VRpEuWB5V/LlvOOei1yD0iwdswP
xAeygWmQ20PAC2psdzjomyASjR980foOPkSId+VfgE4fLTnN2sBY97lhf2AAaqpF
FXHPzLFgZWDKjOOEU/zbXEnGr9CTs+JKXfl2swLPHdDA2WYmhR1/8gCUIBSGoz7Z
k0dQrVaMnKvohhyMDm54iSUTYVpGm1EJ/oKEAlyGwYGsLVKuW/SfmRkHPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFInoWxE81rsa2zmpicCv6iuQ1j0hMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaWVoYkVUeld1eHJiT2FtSndLX3FLNURXUFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHshZpx01BiZidABG3dX
bn+sItHhnRDPc4Kq9LtdjfXj5zEG42hl41O7KrqGj6Jy8Lg7de3h5U5kGoSjnLNv
bOOeBKKywaPSVpRHJm4fqKdKdIMQVNSY7pE1OSlB5PexMPsrOfxX/erdyhicNqm+
YF95FJUr6lzl5BPFUk8SDW4BA+TFQ9aW4HCl98IVnHSL+mPUhjWESmnm2N9n0rAM
me16R7ghUYIRtT8DILxHI3SxnDU+nDlmH3EWFWTpqfjX1iQwVVSbTsOaMhlQU/vg
TWoEG8cv5pMWo48TYAOfn/sUD3fO7C7sn6Q/OpWaGS1YKGf+KLpiNH0Pe4+iYXZ9
b8Q=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:00:13 2025 by rpki-client