Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iGY8IwKEn_ro2WANdrbjv2QCtqE.roa
File: iGY8IwKEn_ro2WANdrbjv2QCtqE.roa (raw, json)
Hash identifier: YWBUKfERpUh5rm8zp3wlBhvneE4Uir3KYetqqMtu2kI=
Subject key identifier: 88:66:3C:23:02:84:9F:FA:E8:D9:60:0D:76:B6:E3:BF:64:02:B6:A1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3C7FBDB8AA4CADCE58B882A30369E4C2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iGY8IwKEn_ro2WANdrbjv2QCtqE.roa
Signing time: Tue 17 Oct 2023 07:18:06 +0000
ROA not before: Tue 17 Oct 2023 07:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:7f:bd:b8:aa:4c:ad:ce:58:b8:82:a3:03:69:e4:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 17 07:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88663c2302849ffae8d9600d76b6e3bf6402b6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e2:15:10:7c:85:b9:fe:ca:1d:97:42:20:17:
c1:73:43:65:14:23:ac:78:0f:ef:4a:3f:bc:7e:22:
4e:06:22:d4:80:b5:31:f0:2c:d3:f2:79:1d:dc:68:
32:5e:64:94:28:39:50:45:37:85:bc:13:04:1c:04:
5e:b3:b3:c9:72:da:df:fc:fa:3d:aa:11:99:29:16:
a9:31:c0:03:06:8b:47:15:e8:5a:78:b9:a4:78:2b:
77:09:0d:3a:b3:30:5c:5b:39:82:1f:25:6c:96:3c:
fa:1e:c1:af:fe:f5:33:30:aa:f3:7a:1a:49:c8:9d:
94:51:50:17:e4:c2:f8:c9:96:10:7f:37:d3:af:c7:
ea:74:c2:90:6b:0c:6e:f8:a1:b9:55:95:63:c9:12:
ce:b7:71:39:fc:40:e2:a4:ca:69:d6:b9:cd:98:8e:
77:da:a9:f7:6e:44:53:be:0c:51:64:5a:9c:2a:ab:
cb:c6:ee:b4:3d:18:6e:e9:74:93:ed:6f:5e:93:48:
08:53:37:dc:92:9d:93:9d:b5:37:43:40:97:5a:2b:
45:ed:fe:8a:7f:e0:cf:5b:25:11:3e:89:ee:0a:21:
88:41:56:1f:88:d1:77:f7:8a:42:48:ae:f9:25:19:
85:df:60:a7:06:08:69:d1:16:5f:d1:40:f2:1f:35:
a9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:66:3C:23:02:84:9F:FA:E8:D9:60:0D:76:B6:E3:BF:64:02:B6:A1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/iGY8IwKEn_ro2WANdrbjv2QCtqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:ec:d0:82:f0:6f:fe:aa:90:69:3a:68:4f:9c:7e:04:ee:a9:
6d:58:51:9a:78:91:a8:e1:f9:94:72:d8:13:4d:34:00:91:ff:
2d:05:90:0a:ba:8f:86:83:1a:cc:22:23:6e:01:bd:27:ca:09:
ed:de:03:64:cc:1f:94:e3:7f:af:da:5c:6f:5a:70:54:49:ae:
d1:4e:f5:d4:d4:88:38:3a:45:6a:a0:d2:af:8f:95:01:58:37:
ed:e9:70:3f:be:de:3d:b1:55:45:f0:2c:42:56:06:07:f0:5d:
2e:53:28:b5:ab:68:7c:e0:0f:ab:7b:e0:ae:97:f3:f1:c2:85:
d2:8c:ba:5c:d8:d2:86:68:e5:7f:c4:94:da:0f:d8:36:2d:12:
75:d2:39:78:f6:19:98:7e:18:af:d8:3b:98:ca:a5:03:39:41:
e6:05:14:34:fe:dc:99:2e:21:c6:95:cc:a1:fc:ae:35:c9:fc:
87:09:b2:ef:88:69:dd:48:c1:29:66:a7:92:8b:3e:fb:a6:bb:
ee:ec:e9:38:b3:19:89:96:b7:07:a6:68:33:73:69:3b:30:9d:
97:e1:30:91:bb:3f:79:63:11:43:15:4f:33:31:ad:fb:34:1b:
52:c7:eb:e8:33:a5:22:0b:cd:72:5d:de:b6:d0:85:76:bc:f4:
98:a7:95:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs8f724qkytzli4gqMDaeTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE3MDcxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODY2M2MyMzAyODQ5ZmZhZThkOTYwMGQ3NmI2ZTNiZjY0MDJiNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuIVEHyFuf7KHZdCIBfBc0NlFCOs
eA/vSj+8fiJOBiLUgLUx8CzT8nkd3GgyXmSUKDlQRTeFvBMEHARes7PJctrf/Po9
qhGZKRapMcADBotHFehaeLmkeCt3CQ06szBcWzmCHyVsljz6HsGv/vUzMKrzehpJ
yJ2UUVAX5ML4yZYQfzfTr8fqdMKQawxu+KG5VZVjyRLOt3E5/EDipMpp1rnNmI53
2qn3bkRTvgxRZFqcKqvLxu60PRhu6XST7W9ek0gIUzfckp2TnbU3Q0CXWitF7f6K
f+DPWyURPonuCiGIQVYfiNF394pCSK75JRmF32CnBghp0RZf0UDyHzWpQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIhmPCMChJ/66NlgDXa2479kArahMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaUdZOEl3S0VuX3JvMldBTmRyYmp2MlFDdHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABfs0ILwb/6qkGk6aE+c
fgTuqW1YUZp4kajh+ZRy2BNNNACR/y0FkAq6j4aDGswiI24BvSfKCe3eA2TMH5Tj
f6/aXG9acFRJrtFO9dTUiDg6RWqg0q+PlQFYN+3pcD++3j2xVUXwLEJWBgfwXS5T
KLWraHzgD6t74K6X8/HChdKMulzY0oZo5X/ElNoP2DYtEnXSOXj2GZh+GK/YO5jK
pQM5QeYFFDT+3JkuIcaVzKH8rjXJ/IcJsu+Iad1IwSlmp5KLPvumu+7s6TizGYmW
twemaDNzaTswnZfhMJG7P3ljEUMVTzMxrfs0G1LH6+gzpSILzXJd3rbQhXa89Jin
lds=
-----END CERTIFICATE-----
Generated at Tue May 13 02:12:35 2025 by rpki-client