Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ib_wNUnPUoR1GCO95Tp0v400u6M.roa
File: ib_wNUnPUoR1GCO95Tp0v400u6M.roa (raw, json)
Hash identifier: K4+V2hS6tb2k7DHCzr0enKVuD4agF4y5nmatPHUKyaY=
Subject key identifier: 89:BF:F0:35:49:CF:52:84:75:18:23:BD:E5:3A:74:BF:8D:34:BB:A3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF837D6F91097D8EE2A1C11371213BA48
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ib_wNUnPUoR1GCO95Tp0v400u6M.roa
Signing time: Wed 04 Oct 2023 01:05:23 +0000
ROA not before: Wed 04 Oct 2023 01:05:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:f837:d45f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f8:37:d6:f9:10:97:d8:ee:2a:1c:11:37:12:13:ba:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 01:05:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89bff03549cf5284751823bde53a74bf8d34bba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cb:af:b5:b0:c2:f4:67:10:30:51:d7:17:af:
14:a8:2a:5b:7d:93:2b:f7:e9:a8:20:2d:10:2c:d6:
e2:7f:b4:9d:ea:ca:01:cb:88:ae:e4:f9:f2:03:02:
c0:1d:9b:24:4b:a2:90:b5:a6:be:72:cd:0f:fb:6c:
bd:b7:f7:9d:cb:60:ff:d9:8c:58:ca:c1:de:a3:8f:
f5:cf:69:f3:ec:0f:4a:44:1c:9e:b4:05:47:e7:f8:
0f:09:bd:2d:f3:a7:dd:2b:c0:78:49:0d:2f:e5:63:
06:5e:0f:6e:0b:d9:e4:b5:23:e9:7e:30:80:cb:73:
67:88:1e:b7:a5:38:ad:d9:d8:c7:0f:08:85:7c:f8:
20:fe:e0:23:5c:f2:87:64:36:24:ad:95:b0:34:ed:
9a:3f:71:d6:ea:85:37:64:8b:44:31:f1:6a:82:7b:
1f:0b:b1:ab:d4:c8:04:b8:69:34:45:64:7c:2b:48:
fc:7e:f9:af:7d:fb:6e:c0:bb:57:c5:ac:c3:af:85:
c4:ce:c7:c7:37:79:07:9f:e0:28:b1:5d:32:6b:5a:
e0:91:51:72:25:38:c4:5c:a8:a0:6d:ae:c7:43:b7:
a3:9a:b6:0e:fd:28:be:6f:b4:bb:8f:26:16:e0:68:
2f:10:d3:03:19:3d:99:eb:23:38:f5:4c:67:21:bc:
da:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BF:F0:35:49:CF:52:84:75:18:23:BD:E5:3A:74:BF:8D:34:BB:A3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ib_wNUnPUoR1GCO95Tp0v400u6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cf:81:83:8c:cf:de:ca:d4:f0:73:e7:7c:d9:2a:71:cb:4b:5e:
7b:ec:fe:c0:47:cb:b8:97:3b:06:be:5f:8a:bd:78:86:cc:e7:
5e:7e:e9:f1:a0:f1:c3:97:e8:ba:4a:75:b4:1d:fa:6d:b9:09:
cc:0d:89:f9:cc:24:9e:e5:46:6c:92:8b:08:8a:fd:37:67:3e:
92:72:8b:8d:74:e0:e5:8d:27:b0:aa:cc:2b:ed:bd:39:9d:29:
25:5d:af:48:a8:fc:ec:c8:b5:4e:e8:50:ce:54:94:3f:d9:5e:
39:28:6e:f2:b2:e0:a5:8f:c3:ed:19:4f:3b:b7:62:52:23:31:
50:d7:c5:65:d1:35:b8:dd:3c:14:4a:ab:52:8c:80:8f:59:57:
d8:99:1c:71:ee:34:ec:28:5c:23:db:17:dc:f5:eb:9d:89:c4:
5a:c6:0e:98:e3:f8:9b:c4:00:fc:f9:65:02:17:92:e3:88:90:
fb:5b:d2:8d:8e:4e:11:3f:74:41:43:4c:01:6d:f1:8b:e4:db:
60:e9:7e:91:fc:9f:0c:a0:4e:d0:32:3a:a1:18:66:b0:88:05:
f1:f6:23:fa:32:11:f9:79:b7:3b:2a:88:82:9f:3f:77:ca:00:
18:7d:9c:79:bb:15:d3:f8:ed:e1:d6:a8:38:f3:72:3c:f2:94:
fe:8d:91:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr4N9b5EJfY7iocETcSE7pIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MDEwNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJmZjAzNTQ5Y2Y1Mjg0NzUxODIzYmRlNTNhNzRiZjhkMzRiYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsuvtbDC9GcQMFHXF68UqCpbfZMr
9+moIC0QLNbif7Sd6soBy4iu5PnyAwLAHZskS6KQtaa+cs0P+2y9t/edy2D/2YxY
ysHeo4/1z2nz7A9KRByetAVH5/gPCb0t86fdK8B4SQ0v5WMGXg9uC9nktSPpfjCA
y3NniB63pTit2djHDwiFfPgg/uAjXPKHZDYkrZWwNO2aP3HW6oU3ZItEMfFqgnsf
C7Gr1MgEuGk0RWR8K0j8fvmvfftuwLtXxazDr4XEzsfHN3kHn+AosV0ya1rgkVFy
JTjEXKigba7HQ7ejmrYO/Si+b7S7jyYW4GgvENMDGT2Z6yM49UxnIbza5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIm/8DVJz1KEdRgjveU6dL+NNLujMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaWJfd05VblBVb1IxR0NPOTVUcDB2NDAwdTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM+Bg4zP3srU8HPnfNkq
cctLXnvs/sBHy7iXOwa+X4q9eIbM515+6fGg8cOX6LpKdbQd+m25CcwNifnMJJ7l
RmySiwiK/TdnPpJyi4104OWNJ7CqzCvtvTmdKSVdr0io/OzItU7oUM5UlD/ZXjko
bvKy4KWPw+0ZTzu3YlIjMVDXxWXRNbjdPBRKq1KMgI9ZV9iZHHHuNOwoXCPbF9z1
652JxFrGDpjj+JvEAPz5ZQIXkuOIkPtb0o2OThE/dEFDTAFt8Yvk22DpfpH8nwyg
TtAyOqEYZrCIBfH2I/oyEfl5tzsqiIKfP3fKABh9nHm7FdP47eHWqDjzcjzylP6N
kas=
-----END CERTIFICATE-----
Generated at Thu Jun 19 18:57:37 2025 by rpki-client