Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IqNU2-2l-2zix20Rpofn3FlgUxk.roa
File: IqNU2-2l-2zix20Rpofn3FlgUxk.roa (raw, json)
Hash identifier: ev9QqwTV9sGDxS0UwtUsT88q0OQr3psPDh+2UprDtk4=
Subject key identifier: 22:A3:54:DB:ED:A5:FB:6C:E2:C7:6D:11:A6:87:E7:DC:59:60:53:19
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFE398925A790BB5D3F6181D903907EC4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IqNU2-2l-2zix20Rpofn3FlgUxk.roa
Signing time: Thu 05 Oct 2023 05:04:58 +0000
ROA not before: Thu 05 Oct 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:fe39:30e1/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:39:89:25:a7:90:bb:5d:3f:61:81:d9:03:90:7e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22a354dbeda5fb6ce2c76d11a687e7dc59605319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:02:4d:70:15:63:a6:8e:0c:a5:b7:cb:2d:4b:
d0:17:8a:dd:2b:ae:54:c6:fe:6f:1d:ab:10:32:dc:
8d:c3:57:a6:64:57:7c:24:3b:35:f2:fb:36:89:ec:
5b:09:9f:59:15:b7:12:a6:f6:2c:4c:6c:cb:cd:50:
79:09:08:81:d8:8c:09:5f:1b:91:69:32:a6:87:d5:
0c:f6:26:6c:89:ce:78:c0:7b:a6:20:b9:22:38:13:
56:dd:38:13:ff:94:14:2d:d4:bc:33:65:ea:d3:ef:
b4:0d:2c:2c:78:27:13:9d:ef:98:52:53:4c:38:2d:
da:f5:87:e0:04:ba:73:7a:38:82:dd:b9:6a:1d:af:
da:1e:54:96:b4:04:c4:0f:01:e7:38:12:e6:08:46:
06:ed:bd:7c:5c:e9:67:b2:d1:a4:00:91:6b:f3:7a:
d6:b2:9b:06:51:5d:29:ce:32:7c:c3:fa:9f:0e:b1:
4d:7b:7d:5a:16:0e:a0:8a:de:05:65:da:be:ba:1c:
35:55:ab:97:36:42:2f:37:d2:cc:5c:06:b8:72:af:
fc:4d:77:5f:d0:e9:33:34:63:25:3e:0b:ba:42:82:
53:a3:8c:dd:a8:f3:54:43:df:09:3b:80:17:0e:50:
ac:0e:7a:74:c1:95:58:7a:c3:af:1e:ab:f0:05:d6:
4c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A3:54:DB:ED:A5:FB:6C:E2:C7:6D:11:A6:87:E7:DC:59:60:53:19
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IqNU2-2l-2zix20Rpofn3FlgUxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:66:48:5a:8f:c9:dd:2a:7d:3b:45:d9:46:6b:a9:b2:01:d5:
47:dd:c4:f9:c4:b8:8a:49:f4:b2:a1:af:f8:ee:0b:bf:d4:94:
48:21:c0:32:33:ab:81:af:5c:c0:35:1f:40:e7:3b:8f:cd:28:
6e:32:f9:6a:eb:12:8b:3a:96:84:42:03:60:25:3e:c7:f4:79:
ae:ae:30:57:0c:92:95:5b:f6:b3:f6:a7:89:de:d6:fa:c5:a7:
cf:85:31:d5:22:d6:30:6f:f0:7a:92:99:be:47:4e:00:f8:30:
d4:9e:78:94:5f:af:7f:f8:d4:c1:71:ca:e3:02:c7:a3:a1:85:
95:08:4a:2e:8c:22:6b:68:ea:cb:99:51:53:28:b8:47:8d:dc:
2c:7b:28:10:ca:75:8a:4e:e7:e2:84:56:e6:64:08:be:59:9b:
90:51:ec:36:d0:9c:99:6e:57:ec:05:b9:43:7f:5f:fd:09:52:
f2:d3:b7:03:50:96:55:5f:da:31:03:3e:e5:f1:d1:a3:1c:9d:
a2:d6:7f:13:71:7e:b3:46:2f:6a:2e:0f:1b:3b:3f:dd:d0:71:
5a:fe:e4:74:5f:de:d7:80:d5:d0:b0:01:e1:7e:86:d2:4e:d4:
6c:58:1e:65:6c:f7:ed:b3:13:37:84:c4:f9:2b:bd:2c:ad:d0:
4a:ee:cc:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr+OYklp5C7XT9hgdkDkH7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmEzNTRkYmVkYTVmYjZjZTJjNzZkMTFhNjg3ZTdkYzU5NjA1MzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AJNcBVjpo4MpbfLLUvQF4rdK65U
xv5vHasQMtyNw1emZFd8JDs18vs2iexbCZ9ZFbcSpvYsTGzLzVB5CQiB2IwJXxuR
aTKmh9UM9iZsic54wHumILkiOBNW3TgT/5QULdS8M2Xq0++0DSwseCcTne+YUlNM
OC3a9YfgBLpzejiC3blqHa/aHlSWtATEDwHnOBLmCEYG7b18XOlnstGkAJFr83rW
spsGUV0pzjJ8w/qfDrFNe31aFg6git4FZdq+uhw1VauXNkIvN9LMXAa4cq/8TXdf
0OkzNGMlPgu6QoJTo4zdqPNUQ98JO4AXDlCsDnp0wZVYesOvHqvwBdZM2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCKjVNvtpfts4sdtEaaH59xZYFMZMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSXFOVTItMmwtMnppeDIwUnBvZm4zRmxnVXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADZmSFqPyd0qfTtF2UZr
qbIB1UfdxPnEuIpJ9LKhr/juC7/UlEghwDIzq4GvXMA1H0DnO4/NKG4y+WrrEos6
loRCA2AlPsf0ea6uMFcMkpVb9rP2p4ne1vrFp8+FMdUi1jBv8HqSmb5HTgD4MNSe
eJRfr3/41MFxyuMCx6OhhZUISi6MImto6suZUVMouEeN3Cx7KBDKdYpO5+KEVuZk
CL5Zm5BR7DbQnJluV+wFuUN/X/0JUvLTtwNQllVf2jEDPuXx0aMcnaLWfxNxfrNG
L2ouDxs7P93QcVr+5HRf3teA1dCwAeF+htJO1GxYHmVs9+2zEzeExPkrvSyt0Eru
zEU=
-----END CERTIFICATE-----
Generated at Sun May 11 10:18:07 2025 by rpki-client