Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iqbhum1YOU8CvzuIgbQlFKFouKs.roa
File: iqbhum1YOU8CvzuIgbQlFKFouKs.roa (raw, json)
Hash identifier: Nms+UkVXVMd1ryY1RCgRnzn9MnTNK/pTvPehThzr+uc=
Subject key identifier: 8A:A6:E1:BA:6D:58:39:4F:02:BF:3B:88:81:B4:25:14:A1:68:B8:AB
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A653B433AA05AFD533090EE6D80E99877
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iqbhum1YOU8CvzuIgbQlFKFouKs.roa
Signing time: Tue 05 Sep 2023 12:04:57 +0000
ROA not before: Tue 05 Sep 2023 12:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:653a:cf0b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:3b:43:3a:a0:5a:fd:53:30:90:ee:6d:80:e9:98:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 12:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8aa6e1ba6d58394f02bf3b8881b42514a168b8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1b:e5:c8:8b:82:22:9b:7c:9f:32:f8:0a:d2:
4c:61:73:b1:ec:f1:6f:ae:05:20:21:66:fc:db:f1:
25:6e:ed:f5:56:21:5b:59:df:53:d2:36:8e:c7:ad:
aa:ea:9f:ce:d0:4f:2e:e4:95:44:35:60:df:1c:00:
b3:a7:c5:28:f1:1f:b3:3d:8e:78:38:a0:d0:53:35:
90:37:fa:55:cd:71:df:91:a3:92:b0:ab:4e:ce:60:
f6:c4:b9:b9:3f:4e:e9:43:62:82:c1:53:02:5e:2d:
b3:42:16:b3:12:e7:28:26:fd:8b:28:3b:c3:19:d2:
82:65:ae:ad:04:b3:b9:d2:25:2f:33:6e:e0:df:15:
60:df:90:78:9a:42:64:fb:1a:5f:10:55:40:d1:87:
61:8b:a5:26:f1:6d:b7:e1:f0:28:6f:cd:91:c5:f5:
31:d0:8f:3f:f3:9d:1c:de:24:a2:ab:a5:29:2d:7a:
3b:64:6b:2d:11:2a:7f:40:e0:b7:7e:fd:2a:d7:2f:
61:72:80:85:0e:85:b0:ac:f2:eb:2a:1b:17:be:1f:
17:0b:4d:5f:00:5f:db:cc:f8:ce:cd:2c:54:0d:37:
cf:d8:ea:e9:a5:d8:e6:7c:06:0c:01:bb:f3:48:c8:
32:80:c2:2b:97:37:b8:81:87:25:4b:5f:67:de:33:
ae:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A6:E1:BA:6D:58:39:4F:02:BF:3B:88:81:B4:25:14:A1:68:B8:AB
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iqbhum1YOU8CvzuIgbQlFKFouKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:ab:8e:78:75:07:41:32:14:da:25:38:3c:f1:88:a0:cc:57:
94:74:d2:86:f8:62:c3:ca:57:2f:39:02:a9:cd:98:bc:e3:08:
05:da:33:c0:a6:66:e1:07:dd:44:8f:26:4a:76:12:d3:09:58:
bb:3b:18:33:16:2b:63:1f:1e:58:45:72:71:8a:36:3b:d8:a4:
03:9e:da:10:00:36:19:cb:5f:9b:b4:43:03:7a:9a:64:1a:df:
b6:15:88:3c:62:6a:19:8b:3d:49:fe:ad:11:6d:7b:97:8c:34:
96:6a:a0:1d:86:bb:e3:a1:0f:ab:84:5e:c6:92:09:d0:00:d7:
cf:be:2a:f2:e2:de:fc:65:3f:21:26:e8:5f:d2:1d:fe:2a:35:
52:73:c4:0d:37:0c:ca:86:b3:cb:bf:aa:bc:91:d2:bc:bd:82:
78:40:7b:2c:90:56:cb:ac:a7:64:d1:09:a1:50:b2:f5:aa:0c:
b2:81:89:ea:32:14:22:94:88:ad:7d:e9:c7:b1:d0:76:4e:1f:
e1:b4:b8:c6:44:30:34:35:b7:5b:7a:5f:11:35:57:b0:7e:0d:
14:8f:8e:8c:b6:b2:88:b1:4d:90:f4:d2:b0:58:94:f6:16:b5:
08:66:9c:2c:9a:e8:a2:7c:30:91:81:4f:d0:84:a5:a5:18:18:
d5:68:41:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYplO0M6oFr9UzCQ7m2A6Zh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE2ZTFiYTZkNTgzOTRmMDJiZjNiODg4MWI0MjUxNGExNjhiOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxvlyIuCIpt8nzL4CtJMYXOx7PFv
rgUgIWb82/Elbu31ViFbWd9T0jaOx62q6p/O0E8u5JVENWDfHACzp8Uo8R+zPY54
OKDQUzWQN/pVzXHfkaOSsKtOzmD2xLm5P07pQ2KCwVMCXi2zQhazEucoJv2LKDvD
GdKCZa6tBLO50iUvM27g3xVg35B4mkJk+xpfEFVA0Ydhi6Um8W234fAob82RxfUx
0I8/850c3iSiq6UpLXo7ZGstESp/QOC3fv0q1y9hcoCFDoWwrPLrKhsXvh8XC01f
AF/bzPjOzSxUDTfP2OrppdjmfAYMAbvzSMgygMIrlze4gYclS19n3jOudQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIqm4bptWDlPAr87iIG0JRShaLirMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaXFiaHVtMVlPVThDdnp1SWdiUWxGS0ZvdUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAarjnh1B0EyFNolODzx
iKDMV5R00ob4YsPKVy85AqnNmLzjCAXaM8CmZuEH3USPJkp2EtMJWLs7GDMWK2Mf
HlhFcnGKNjvYpAOe2hAANhnLX5u0QwN6mmQa37YViDxiahmLPUn+rRFte5eMNJZq
oB2Gu+OhD6uEXsaSCdAA18++KvLi3vxlPyEm6F/SHf4qNVJzxA03DMqGs8u/qryR
0ry9gnhAeyyQVsusp2TRCaFQsvWqDLKBieoyFCKUiK196cex0HZOH+G0uMZEMDQ1
t1t6XxE1V7B+DRSPjoy2soixTZD00rBYlPYWtQhmnCya6KJ8MJGBT9CEpaUYGNVo
QZA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:30:26 2025 by rpki-client