Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rIBFYL1n4_LkhMQnPPWaMCvX9Rg.roa
File: rIBFYL1n4_LkhMQnPPWaMCvX9Rg.roa (raw, json)
Hash identifier: L9aZXVH/h5qBZnOsbsLx2z1ohYPkS0XqZuPwDC4pVaA=
Subject key identifier: AC:80:45:60:BD:67:E3:F2:E4:84:C4:27:3C:F5:9A:30:2B:D7:F5:18
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7E57A8586D9CA30389414B1E00565479
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rIBFYL1n4_LkhMQnPPWaMCvX9Rg.roa
Signing time: Mon 30 Oct 2023 02:09:15 +0000
ROA not before: Mon 30 Oct 2023 02:09:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7e:57:a8:58:6d:9c:a3:03:89:41:4b:1e:00:56:54:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 30 02:09:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac804560bd67e3f2e484c4273cf59a302bd7f518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:13:73:bb:5e:e5:0f:2b:2f:35:0b:96:e5:fd:
c9:29:ff:1c:74:a1:14:9b:db:e3:10:0c:52:e1:13:
75:4a:5c:32:cb:58:17:74:0b:d0:3f:10:98:d2:a6:
42:c7:ac:e8:33:cb:97:36:63:83:7f:9d:11:da:b9:
9d:d9:a2:66:d5:ea:f5:29:a3:9e:bc:94:7f:6e:4f:
0f:91:96:21:d8:c6:a0:5f:4a:6d:f8:f9:8d:95:ed:
08:80:30:5f:bb:76:df:42:2e:fb:92:0e:a6:f0:d1:
a4:c3:c9:00:ec:5b:be:e7:cc:2d:27:03:d8:58:71:
54:f5:81:9d:bf:cf:de:82:48:bf:30:c0:8d:eb:e0:
6b:35:68:95:e7:3a:36:14:49:87:91:cf:d5:78:d2:
6d:e2:51:20:8e:b2:92:76:ab:f1:e2:41:6e:dc:5b:
40:73:c9:e3:b7:14:9d:ee:03:6e:6f:a3:19:0e:e3:
1d:fd:b9:2a:38:82:6a:0d:a3:60:80:73:a2:ed:a6:
09:1a:62:fa:79:09:11:4e:97:e3:59:59:58:ae:ec:
8b:a3:1a:26:15:93:10:c5:c7:6a:78:21:45:f5:15:
41:30:25:4a:80:f9:4c:5c:94:e0:f8:55:2e:37:d1:
d6:a8:4c:05:b1:18:87:b5:f1:1e:69:0f:b5:b3:67:
16:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:80:45:60:BD:67:E3:F2:E4:84:C4:27:3C:F5:9A:30:2B:D7:F5:18
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rIBFYL1n4_LkhMQnPPWaMCvX9Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:d2:c4:c9:39:b4:18:60:5d:68:54:2c:3f:ee:cc:9f:27:ce:
50:0e:ff:8f:b4:2f:cf:e9:6b:f1:b1:26:bb:d3:7a:76:69:c0:
b2:c5:c8:7e:5e:76:5f:24:d3:7c:58:9c:38:7a:e2:c3:d0:d7:
63:b9:a5:b6:f8:1d:77:f5:a2:43:18:ea:5a:65:c3:95:10:53:
52:2f:1f:33:85:90:f2:ae:df:f0:11:87:eb:c1:43:74:ad:89:
15:7f:65:97:33:00:1d:eb:5c:4c:dc:13:08:b9:70:82:ad:28:
46:ae:e9:ec:0b:68:9a:4b:a9:9e:ac:45:89:c0:f2:f3:cf:78:
e1:62:6f:79:e5:b2:08:eb:c7:67:0c:bc:70:12:1c:5d:e4:8d:
12:4c:22:1c:1d:e3:2f:0d:4f:54:e5:8f:e0:45:cd:d1:e4:c3:
ee:8c:c8:0a:52:63:9c:2a:1f:ab:82:33:70:a1:7d:ed:06:e0:
22:f2:3d:c4:d3:c7:88:fa:f4:b8:e3:aa:6f:b6:5a:24:73:43:
ae:fb:e2:c8:a3:59:eb:a0:56:42:9e:ce:71:40:bb:51:94:07:
ca:98:08:d2:da:ec:90:ee:f0:60:cb:9e:bd:65:57:88:0a:b0:
a4:36:10:53:56:79:e1:13:07:1e:5d:80:a8:de:45:fe:b5:01:
bd:05:17:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt+V6hYbZyjA4lBSx4AVlR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMwMDIwOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzgwNDU2MGJkNjdlM2YyZTQ4NGM0MjczY2Y1OWEzMDJiZDdmNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxNzu17lDysvNQuW5f3JKf8cdKEU
m9vjEAxS4RN1Slwyy1gXdAvQPxCY0qZCx6zoM8uXNmODf50R2rmd2aJm1er1KaOe
vJR/bk8PkZYh2MagX0pt+PmNle0IgDBfu3bfQi77kg6m8NGkw8kA7Fu+58wtJwPY
WHFU9YGdv8/egki/MMCN6+BrNWiV5zo2FEmHkc/VeNJt4lEgjrKSdqvx4kFu3FtA
c8njtxSd7gNub6MZDuMd/bkqOIJqDaNggHOi7aYJGmL6eQkRTpfjWVlYruyLoxom
FZMQxcdqeCFF9RVBMCVKgPlMXJTg+FUuN9HWqEwFsRiHtfEeaQ+1s2cWJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKyARWC9Z+Py5ITEJzz1mjAr1/UYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcklCRllMMW40X0xraE1RblBQV2FNQ3ZYOVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABfSxMk5tBhgXWhULD/u
zJ8nzlAO/4+0L8/pa/GxJrvTenZpwLLFyH5edl8k03xYnDh64sPQ12O5pbb4HXf1
okMY6lplw5UQU1IvHzOFkPKu3/ARh+vBQ3StiRV/ZZczAB3rXEzcEwi5cIKtKEau
6ewLaJpLqZ6sRYnA8vPPeOFib3nlsgjrx2cMvHASHF3kjRJMIhwd4y8NT1Tlj+BF
zdHkw+6MyApSY5wqH6uCM3Chfe0G4CLyPcTTx4j69Ljjqm+2WiRzQ6774sijWeug
VkKeznFAu1GUB8qYCNLa7JDu8GDLnr1lV4gKsKQ2EFNWeeETBx5dgKjeRf61Ab0F
F8M=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:35:27 2025 by rpki-client