Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/i6sy2zFoYL26iU_vscSAG8Vgpao.roa
File: i6sy2zFoYL26iU_vscSAG8Vgpao.roa (raw, json)
Hash identifier: S9zds1lc8/7kKCGH4VchNYrnRM1JyfbhKHsdnDraD64=
Subject key identifier: 8B:AB:32:DB:31:68:60:BD:BA:89:4F:EF:B1:C4:80:1B:C5:60:A5:AA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4F934F08F17D4E65C7810859BCBD545E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/i6sy2zFoYL26iU_vscSAG8Vgpao.roa
Signing time: Sat 21 Oct 2023 00:12:15 +0000
ROA not before: Sat 21 Oct 2023 00:12:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4f:93:4f:08:f1:7d:4e:65:c7:81:08:59:bc:bd:54:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 00:12:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bab32db316860bdba894fefb1c4801bc560a5aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:99:7b:f3:87:34:4d:d4:68:15:13:76:48:fe:
7c:01:56:68:22:50:b0:91:73:e7:45:e1:50:f7:dc:
f3:89:37:cf:80:fa:f4:f6:a0:a8:3e:4f:a3:b8:ae:
46:3e:1f:e9:e5:a2:80:96:d9:e8:d4:4f:46:0d:85:
d5:0a:72:d9:3c:f1:4a:6d:3d:6c:bb:82:9f:f8:2d:
5b:24:f5:6b:7f:94:fb:61:cc:dc:70:dd:4f:ab:26:
dd:4a:c7:29:0d:eb:9e:28:a6:c5:ea:e6:56:88:0c:
d7:87:d3:c3:12:25:c9:eb:39:f8:4c:05:d2:43:03:
72:e6:b9:cc:45:55:c0:f4:52:be:f0:6a:be:f8:b5:
b5:5c:46:a3:95:cb:c7:d1:99:b1:27:ab:45:82:fc:
85:f0:97:6b:38:b1:17:88:22:93:40:7c:95:34:b6:
0b:fc:2f:5e:8a:42:52:31:25:06:45:94:58:e3:4a:
ab:52:8d:da:9b:2b:68:8c:81:38:c3:c8:2d:2c:ee:
d1:9f:aa:52:98:a5:0b:1c:37:81:80:74:d9:df:6e:
8c:71:bb:bc:e2:14:c3:c9:8c:4c:9d:c6:f9:df:3c:
c9:d4:e5:78:c0:c5:6f:14:5c:bc:84:e3:67:94:91:
a9:31:7b:7c:fb:84:ea:a3:a9:3b:f5:68:4a:f5:4c:
db:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:AB:32:DB:31:68:60:BD:BA:89:4F:EF:B1:C4:80:1B:C5:60:A5:AA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/i6sy2zFoYL26iU_vscSAG8Vgpao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:99:57:02:3a:eb:98:53:04:8b:a4:1f:c2:6c:8e:de:d0:46:
d9:74:95:c5:4b:51:62:49:eb:e6:8b:be:5f:bb:b3:36:c2:5b:
fc:ca:47:b8:84:bd:74:8b:23:1f:c8:ba:cb:98:5c:00:ca:0e:
06:16:89:31:85:24:d8:fa:0c:95:60:fd:a4:ec:de:84:ef:8d:
95:98:e2:3d:8e:63:f8:4f:e1:0e:b7:18:6b:6b:eb:71:95:49:
c1:a1:5e:e8:3f:26:17:19:54:47:31:1c:75:05:26:7c:46:bd:
41:a9:74:1f:a0:ad:8e:e5:dd:58:9e:87:d7:f0:d9:c8:23:0b:
e8:b0:d7:93:9c:95:53:db:1d:49:e2:fe:fc:81:99:08:57:16:
6f:96:6a:fa:e0:3c:8d:b8:d7:28:06:87:0c:55:90:84:55:b6:
ac:ec:12:a4:b7:d5:24:1a:f6:a1:1f:95:2e:06:1b:e5:e3:4e:
bd:43:10:16:18:be:86:37:4e:86:7a:21:ee:72:90:8d:a3:b9:
88:e6:e8:38:2f:a7:d2:2a:de:4f:22:a3:f2:c5:6e:81:10:bf:
1a:1d:6e:e3:5e:a2:9e:c3:50:c6:94:b0:4b:72:f7:36:09:8d:
56:26:06:61:01:c6:28:8e:31:5c:05:f4:36:d6:46:95:59:08:
54:46:a2:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtPk08I8X1OZceBCFm8vVReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMDAxMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmFiMzJkYjMxNjg2MGJkYmE4OTRmZWZiMWM0ODAxYmM1NjBhNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Jl784c0TdRoFRN2SP58AVZoIlCw
kXPnReFQ99zziTfPgPr09qCoPk+juK5GPh/p5aKAltno1E9GDYXVCnLZPPFKbT1s
u4Kf+C1bJPVrf5T7YczccN1PqybdSscpDeueKKbF6uZWiAzXh9PDEiXJ6zn4TAXS
QwNy5rnMRVXA9FK+8Gq++LW1XEajlcvH0ZmxJ6tFgvyF8JdrOLEXiCKTQHyVNLYL
/C9eikJSMSUGRZRY40qrUo3amytojIE4w8gtLO7Rn6pSmKULHDeBgHTZ326Mcbu8
4hTDyYxMncb53zzJ1OV4wMVvFFy8hONnlJGpMXt8+4Tqo6k79WhK9Uzb7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIurMtsxaGC9uolP77HEgBvFYKWqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaTZzeTJ6Rm9ZTDI2aVVfdnNjU0FHOFZncGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACeZVwI665hTBIukH8Js
jt7QRtl0lcVLUWJJ6+aLvl+7szbCW/zKR7iEvXSLIx/IusuYXADKDgYWiTGFJNj6
DJVg/aTs3oTvjZWY4j2OY/hP4Q63GGtr63GVScGhXug/JhcZVEcxHHUFJnxGvUGp
dB+grY7l3Vieh9fw2cgjC+iw15OclVPbHUni/vyBmQhXFm+WavrgPI241ygGhwxV
kIRVtqzsEqS31SQa9qEflS4GG+XjTr1DEBYYvoY3ToZ6Ie5ykI2juYjm6Dgvp9Iq
3k8io/LFboEQvxodbuNeop7DUMaUsEty9zYJjVYmBmEBxiiOMVwF9DbWRpVZCFRG
ogw=
-----END CERTIFICATE-----
Generated at Sun May 11 20:00:41 2025 by rpki-client