Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ishL1HJ5EIpvbOr4qS_TK5F2C28.roa
File: ishL1HJ5EIpvbOr4qS_TK5F2C28.roa (raw, json)
Hash identifier: QEHc2TW6IS/i+6dV3yKXG1EZ3uvn574GOpn+QVBun10=
Subject key identifier: 8A:C8:4B:D4:72:79:10:8A:6F:6C:EA:F8:A9:2F:D3:2B:91:76:0B:6F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6798E7C9D5B9EB3647DDEC8B9ABE0DC8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ishL1HJ5EIpvbOr4qS_TK5F2C28.roa
Signing time: Wed 25 Oct 2023 16:09:15 +0000
ROA not before: Wed 25 Oct 2023 16:09:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:98:e7:c9:d5:b9:eb:36:47:dd:ec:8b:9a:be:0d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 25 16:09:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ac84bd47279108a6f6ceaf8a92fd32b91760b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3f:35:83:ad:87:b5:4b:fe:14:65:a8:d7:10:
88:7d:d2:59:f2:a8:c5:9f:49:f3:d6:3d:85:ee:98:
61:88:e1:ed:f9:29:66:d6:d1:fc:32:e5:bf:23:72:
48:33:8c:80:d5:4c:80:91:9b:f9:35:16:fd:76:7b:
67:65:52:4a:de:dc:92:17:50:b3:0c:1b:96:da:a4:
b1:e5:27:71:13:49:a3:69:4e:ed:9c:0d:b3:dd:26:
ef:86:cd:7f:07:81:79:1f:dd:69:1b:1b:84:5f:65:
46:24:71:29:26:4f:e4:83:fc:ea:37:72:eb:3f:4b:
3b:f7:f8:74:84:21:59:19:d2:c8:bc:e6:ba:b8:5f:
09:cd:41:0f:62:39:71:ac:88:85:9e:e1:82:12:b0:
74:62:89:94:78:d1:22:44:4d:0e:5f:01:7f:e7:fd:
52:49:1d:a4:9f:da:4b:1e:be:3a:8e:65:d6:45:e6:
c3:b5:5d:a9:9a:18:de:30:ee:19:0e:2e:b6:62:db:
9d:27:c8:88:74:28:2b:21:c8:cc:a5:0e:05:e9:8c:
d0:d9:46:79:c0:4d:d8:9d:b6:36:37:61:c2:c0:06:
21:49:d8:c5:50:1d:7b:d5:68:9e:70:1a:f1:d2:03:
15:58:80:e8:c8:8f:38:b4:87:1d:d9:50:a9:d2:ad:
94:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C8:4B:D4:72:79:10:8A:6F:6C:EA:F8:A9:2F:D3:2B:91:76:0B:6F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ishL1HJ5EIpvbOr4qS_TK5F2C28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:2b:18:a6:13:28:dc:12:bd:b9:c7:c5:10:68:dd:fd:e3:03:
4c:43:b0:a4:cd:ce:31:d2:c2:a3:b1:c5:f8:d2:59:4b:0d:4a:
6f:94:a7:ca:53:69:b0:00:ce:a5:2f:c1:1a:67:5e:88:f6:22:
6a:31:ce:3b:d6:79:0d:59:fa:54:db:5c:f5:72:35:6e:2a:9f:
f7:15:c7:e7:09:eb:3b:85:ba:4a:6e:41:b1:9b:58:a4:0a:8d:
b6:c6:01:d7:30:f9:0e:7d:09:9f:43:13:5c:8b:c7:d1:71:0d:
1f:53:c3:1a:ff:6d:1d:e2:20:13:26:4b:18:6b:39:5d:2c:8d:
7a:f8:2b:25:31:c5:c3:c3:af:4c:07:90:af:55:e9:5a:77:72:
79:b2:db:1d:0e:d5:2d:da:f0:9d:a5:e3:3f:48:54:d3:2b:7d:
d8:33:8d:7f:8a:4a:b4:89:37:f2:9b:3d:f7:73:84:a2:0f:30:
94:8b:b8:07:02:dc:60:d7:6f:09:af:b8:b8:25:d6:a1:f8:89:
5f:2c:39:11:cc:02:97:f9:0d:fc:5d:db:ec:58:c1:f5:26:49:
ed:07:2f:ba:a7:06:27:69:3e:b0:9c:93:92:dc:04:b7:f8:73:
65:17:2f:88:df:5c:d4:52:b6:7e:e4:3a:40:99:4a:51:24:2d:
1a:ff:84:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtnmOfJ1bnrNkfd7Iuavg3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI1MTYwOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWM4NGJkNDcyNzkxMDhhNmY2Y2VhZjhhOTJmZDMyYjkxNzYwYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz81g62HtUv+FGWo1xCIfdJZ8qjF
n0nz1j2F7phhiOHt+Slm1tH8MuW/I3JIM4yA1UyAkZv5NRb9dntnZVJK3tySF1Cz
DBuW2qSx5SdxE0mjaU7tnA2z3Sbvhs1/B4F5H91pGxuEX2VGJHEpJk/kg/zqN3Lr
P0s79/h0hCFZGdLIvOa6uF8JzUEPYjlxrIiFnuGCErB0YomUeNEiRE0OXwF/5/1S
SR2kn9pLHr46jmXWRebDtV2pmhjeMO4ZDi62YtudJ8iIdCgrIcjMpQ4F6YzQ2UZ5
wE3YnbY2N2HCwAYhSdjFUB171WiecBrx0gMVWIDoyI84tIcd2VCp0q2UwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrIS9RyeRCKb2zq+Kkv0yuRdgtvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaXNoTDFISjVFSXB2Yk9yNHFTX1RLNUYyQzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEsrGKYTKNwSvbnHxRBo
3f3jA0xDsKTNzjHSwqOxxfjSWUsNSm+Up8pTabAAzqUvwRpnXoj2ImoxzjvWeQ1Z
+lTbXPVyNW4qn/cVx+cJ6zuFukpuQbGbWKQKjbbGAdcw+Q59CZ9DE1yLx9FxDR9T
wxr/bR3iIBMmSxhrOV0sjXr4KyUxxcPDr0wHkK9V6Vp3cnmy2x0O1S3a8J2l4z9I
VNMrfdgzjX+KSrSJN/KbPfdzhKIPMJSLuAcC3GDXbwmvuLgl1qH4iV8sORHMApf5
Dfxd2+xYwfUmSe0HL7qnBidpPrCck5LcBLf4c2UXL4jfXNRStn7kOkCZSlEkLRr/
hHM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:17 2025 by rpki-client