Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Iiqxg5LXxH6hDglQ38tCRMSnAA0.roa
File: Iiqxg5LXxH6hDglQ38tCRMSnAA0.roa (raw, json)
Hash identifier: 4X/7vwOC/jtUJ9tQmLlv6W1GIqqsBdu+Pr1ZMDPtXqk=
Subject key identifier: 22:2A:B1:83:92:D7:C4:7E:A1:0E:09:50:DF:CB:42:44:C4:A7:00:0D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B81FEF8DCA77E3E8D679AD84326C67DA7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Iiqxg5LXxH6hDglQ38tCRMSnAA0.roa
Signing time: Mon 30 Oct 2023 19:10:52 +0000
ROA not before: Mon 30 Oct 2023 19:10:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:81f9:114d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:fe:f8:dc:a7:7e:3e:8d:67:9a:d8:43:26:c6:7d:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 30 19:10:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=222ab18392d7c47ea10e0950dfcb4244c4a7000d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:05:28:a1:06:a1:5f:b6:f8:b7:a2:72:c5:b2:
ee:d7:c1:c9:6a:a7:8f:5f:c6:cc:36:63:64:12:f6:
62:89:88:de:ce:f5:c2:2b:c4:52:80:2e:dc:c5:7e:
e7:2b:10:9a:9c:7c:c8:a0:2c:ab:b2:cb:00:a4:3f:
48:6d:8e:52:04:ce:9e:52:f9:0c:ce:58:09:33:af:
6e:8f:08:79:98:3d:c1:0e:03:f7:e7:83:f6:67:5d:
c3:68:a6:ed:61:f7:44:11:50:11:33:59:6b:1d:8e:
79:de:f1:75:c6:dc:3c:a8:08:9b:43:23:36:e8:ef:
d2:e3:3b:2e:b7:cb:f2:60:5d:9b:5e:f6:03:40:10:
fb:67:58:ac:b2:2d:38:04:3a:23:5c:97:69:33:3a:
5f:79:80:28:f8:09:84:b5:61:48:3f:32:f7:03:da:
1f:42:50:0a:a4:26:85:ec:f4:b3:35:72:26:47:93:
e1:bd:c6:68:e9:c0:42:9f:f0:b1:37:68:11:f9:ef:
d5:75:6f:77:1e:a8:9f:c4:6e:70:d7:fe:62:42:8a:
84:21:f6:c8:42:9d:99:3d:8f:00:6c:d3:c7:60:35:
69:87:08:21:e2:d5:b2:46:24:44:5c:5f:95:76:89:
70:cb:6c:ed:c2:dd:64:56:4f:d3:d0:7a:d1:b5:94:
a4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2A:B1:83:92:D7:C4:7E:A1:0E:09:50:DF:CB:42:44:C4:A7:00:0D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Iiqxg5LXxH6hDglQ38tCRMSnAA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:30:ce:72:06:38:19:73:2a:5c:04:84:86:86:4e:88:d1:c9:
fa:ff:69:6c:a6:34:a4:a0:53:61:72:48:df:21:88:03:dd:65:
bd:3b:29:68:3a:b3:89:c7:18:67:f2:b6:f2:72:9b:d9:c5:2e:
4d:53:39:71:b1:94:d6:e3:08:b6:9e:32:6d:4b:77:f3:0b:bf:
16:9a:54:3e:d7:4f:1d:08:4f:31:bd:4e:89:29:a5:51:16:4f:
9f:8b:ee:6c:ba:5f:9a:3d:ff:d6:cb:f6:3b:3d:3b:ea:8f:b5:
dd:1e:28:3b:87:88:35:56:c5:38:dd:3f:9a:43:24:3e:42:61:
0a:2c:f4:85:bc:fa:d5:e7:a4:35:55:19:32:10:bd:97:58:da:
f8:0f:a4:47:ad:f4:33:68:35:54:1a:31:c4:d1:c8:09:5d:05:
ab:96:af:1d:61:e4:28:d8:cd:ef:19:c8:7d:5f:72:b1:99:b3:
71:79:ad:d6:67:78:c3:41:df:51:86:93:f8:39:d5:24:29:6a:
ec:9b:82:eb:9e:6a:10:86:b1:28:0a:8e:b5:18:6b:89:bf:67:
c7:ba:d3:c3:cb:43:19:eb:6d:57:a7:b7:70:95:6e:ce:09:80:
90:ef:ab:69:56:ff:01:2a:e3:62:ce:e9:6e:be:45:bf:31:7b:
a9:87:93:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuB/vjcp34+jWea2EMmxn2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMwMTkxMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJhYjE4MzkyZDdjNDdlYTEwZTA5NTBkZmNiNDI0NGM0YTcwMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwUooQahX7b4t6JyxbLu18HJaqeP
X8bMNmNkEvZiiYjezvXCK8RSgC7cxX7nKxCanHzIoCyrsssApD9IbY5SBM6eUvkM
zlgJM69ujwh5mD3BDgP354P2Z13DaKbtYfdEEVARM1lrHY553vF1xtw8qAibQyM2
6O/S4zsut8vyYF2bXvYDQBD7Z1issi04BDojXJdpMzpfeYAo+AmEtWFIPzL3A9of
QlAKpCaF7PSzNXImR5PhvcZo6cBCn/CxN2gR+e/VdW93HqifxG5w1/5iQoqEIfbI
Qp2ZPY8AbNPHYDVphwgh4tWyRiREXF+Vdolwy2ztwt1kVk/T0HrRtZSkzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCIqsYOS18R+oQ4JUN/LQkTEpwANMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSWlxeGc1TFh4SDZoRGdsUTM4dENSTVNuQUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEswznIGOBlzKlwEhIaG
TojRyfr/aWymNKSgU2FySN8hiAPdZb07KWg6s4nHGGfytvJym9nFLk1TOXGxlNbj
CLaeMm1Ld/MLvxaaVD7XTx0ITzG9TokppVEWT5+L7my6X5o9/9bL9js9O+qPtd0e
KDuHiDVWxTjdP5pDJD5CYQos9IW8+tXnpDVVGTIQvZdY2vgPpEet9DNoNVQaMcTR
yAldBauWrx1h5CjYze8ZyH1fcrGZs3F5rdZneMNB31GGk/g51SQpauybguueahCG
sSgKjrUYa4m/Z8e608PLQxnrbVent3CVbs4JgJDvq2lW/wEq42LO6W6+Rb8xe6mH
k/4=
-----END CERTIFICATE-----
Generated at Tue Jun 17 05:00:33 2025 by rpki-client