Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CIxQBdn_zyDxgkS0b9FATmTWTbA.roa
File: CIxQBdn_zyDxgkS0b9FATmTWTbA.roa (raw, json)
Hash identifier: y2CWSHgDZVq8zbbYxqjLMQAcECPKj+7kZ5uTnet87Js=
Subject key identifier: 08:8C:50:05:D9:FF:CF:20:F1:82:44:B4:6F:D1:40:4E:64:D6:4D:B0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6388E94CE47E60C3A68214F6E5897E7B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CIxQBdn_zyDxgkS0b9FATmTWTbA.roa
Signing time: Wed 13 Dec 2023 14:16:06 +0000
ROA not before: Wed 13 Dec 2023 14:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:88:e9:4c:e4:7e:60:c3:a6:82:14:f6:e5:89:7e:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 14:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=088c5005d9ffcf20f18244b46fd1404e64d64db0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a4:82:39:d5:cd:e3:17:81:91:83:81:54:0d:
9b:cd:43:33:74:e2:2e:fa:00:a4:54:5e:ac:65:99:
b1:c0:e0:66:3f:42:08:c5:3d:81:9f:35:59:f0:fd:
89:2e:0f:a3:df:6b:5a:3c:fc:95:b7:4f:20:f6:92:
2c:c1:70:bb:c5:c0:7b:a2:e4:16:3b:eb:fc:aa:ef:
ee:84:8e:84:26:58:25:eb:8d:38:0b:0e:c2:88:1c:
6e:8a:fa:ac:73:26:8f:ee:be:d3:3b:2f:7a:6e:ff:
d0:71:aa:79:a3:82:8d:7b:3c:90:7d:50:8d:11:b3:
78:bf:00:30:2c:6f:3b:3d:7b:f9:87:97:b8:d8:dd:
6a:a2:52:43:a7:38:8c:50:4f:21:9d:86:fa:ba:45:
27:91:f5:3c:1b:a3:ab:10:32:a2:af:94:c9:b7:0f:
ac:9e:c6:6d:e9:74:2c:7b:5c:a3:29:5d:90:39:69:
69:f9:b9:f6:c3:2f:40:db:49:89:2f:dd:be:44:4d:
7d:7f:61:ca:89:4b:7e:fd:58:40:e6:4c:84:ae:ab:
d0:be:28:5d:42:3f:f7:ab:f2:0c:86:0d:51:30:35:
01:73:ec:3b:3e:5c:fc:dd:3b:5e:f5:f3:fa:ea:2a:
d2:fb:6e:e3:2c:8a:22:c1:cb:9e:1b:15:6f:ef:a0:
aa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:8C:50:05:D9:FF:CF:20:F1:82:44:B4:6F:D1:40:4E:64:D6:4D:B0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/CIxQBdn_zyDxgkS0b9FATmTWTbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:ce:e4:34:af:34:62:59:08:32:6f:64:ce:30:65:23:8b:39:
1f:8b:06:76:cc:94:08:d2:2f:a2:ba:80:d1:e7:ff:56:0f:93:
4a:1f:fa:90:18:d1:89:d8:05:63:67:a3:fa:2b:dd:0f:de:7c:
43:a5:c8:bc:a6:28:4d:40:3b:99:67:3a:61:33:58:4a:0c:61:
77:9e:19:28:34:d5:3b:5a:3f:db:e8:8b:10:ac:8f:d5:bb:51:
1a:cb:bc:90:74:6c:9e:b5:f9:6b:48:54:f7:63:37:6a:8c:b0:
c0:de:14:ec:0b:03:e4:80:15:76:1c:da:a3:12:3b:95:ea:c5:
c1:20:35:42:8d:48:f7:43:7f:8f:36:2b:9a:fb:dd:b5:23:0d:
80:f3:36:71:2b:72:f1:fb:ae:93:29:39:1f:cc:c6:46:9e:ba:
aa:06:a3:73:c0:df:7f:79:44:92:55:d1:f4:a4:d3:ea:c2:e0:
42:39:08:5c:a0:e4:77:b2:32:4f:0f:5f:84:a3:d4:24:c6:43:
ce:c0:d4:54:93:bc:5d:00:f7:ea:13:fe:af:a9:72:1c:b4:af:
98:e3:5f:95:4d:99:be:9b:02:2a:18:c9:5e:28:a4:27:5d:74:
4b:5f:69:d4:45:18:3b:51:2f:a8:3a:76:29:38:51:f7:23:42:
01:f0:78:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxjiOlM5H5gw6aCFPbliX57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMTQxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODhjNTAwNWQ5ZmZjZjIwZjE4MjQ0YjQ2ZmQxNDA0ZTY0ZDY0ZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKSCOdXN4xeBkYOBVA2bzUMzdOIu
+gCkVF6sZZmxwOBmP0IIxT2BnzVZ8P2JLg+j32taPPyVt08g9pIswXC7xcB7ouQW
O+v8qu/uhI6EJlgl6404Cw7CiBxuivqscyaP7r7TOy96bv/Qcap5o4KNezyQfVCN
EbN4vwAwLG87PXv5h5e42N1qolJDpziMUE8hnYb6ukUnkfU8G6OrEDKir5TJtw+s
nsZt6XQse1yjKV2QOWlp+bn2wy9A20mJL92+RE19f2HKiUt+/VhA5kyErqvQvihd
Qj/3q/IMhg1RMDUBc+w7Plz83Tte9fP66irS+27jLIoiwcueGxVv76CqbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAiMUAXZ/88g8YJEtG/RQE5k1k2wMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ0l4UUJkbl96eUR4Z2tTMGI5RkFUbVRXVGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADrO5DSvNGJZCDJvZM4w
ZSOLOR+LBnbMlAjSL6K6gNHn/1YPk0of+pAY0YnYBWNno/or3Q/efEOlyLymKE1A
O5lnOmEzWEoMYXeeGSg01TtaP9voixCsj9W7URrLvJB0bJ61+WtIVPdjN2qMsMDe
FOwLA+SAFXYc2qMSO5XqxcEgNUKNSPdDf482K5r73bUjDYDzNnErcvH7rpMpOR/M
xkaeuqoGo3PA3395RJJV0fSk0+rC4EI5CFyg5HeyMk8PX4Sj1CTGQ87A1FSTvF0A
9+oT/q+pchy0r5jjX5VNmb6bAioYyV4opCdddEtfadRFGDtRL6g6dik4UfcjQgHw
eOo=
-----END CERTIFICATE-----
Generated at Sat May 10 13:02:33 2025 by rpki-client