Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1eK7d7Bv20Aow4rqzQOjEr8vm4A.roa
File: 1eK7d7Bv20Aow4rqzQOjEr8vm4A.roa (raw, json)
Hash identifier: 1h2SADhCoOjAj8OjUQLAxfqvl9TBZkKWGgx6MbPhfRA=
Subject key identifier: D5:E2:BB:77:B0:6F:DB:40:28:C3:8A:EA:CD:03:A3:12:BF:2F:9B:80
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEA8242855999F02ADC4C58163BA9248A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1eK7d7Bv20Aow4rqzQOjEr8vm4A.roa
Signing time: Sun 01 Oct 2023 09:11:59 +0000
ROA not before: Sun 01 Oct 2023 09:11:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ea:82:42:85:59:99:f0:2a:dc:4c:58:16:3b:a9:24:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 09:11:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5e2bb77b06fdb4028c38aeacd03a312bf2f9b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:46:7c:84:d3:fd:73:ad:fb:04:98:1f:da:0d:
bc:91:3f:c1:f4:d3:99:26:7a:dd:a0:24:da:2a:b0:
37:39:12:9c:41:63:01:86:9e:2a:26:d8:ad:33:db:
0b:f4:d0:d4:85:eb:7a:e4:af:60:ef:a4:24:2e:8b:
71:bb:54:59:ad:30:1e:17:05:d6:e1:c3:31:51:18:
e6:6b:9b:ff:09:96:d0:ca:a8:6d:b4:46:70:8c:c8:
60:11:01:78:f3:3d:a6:d9:25:9c:0b:dd:11:f3:cb:
4c:b0:80:c2:ef:2f:e6:8f:a4:1c:51:05:9e:60:49:
1c:21:c0:90:85:e9:cd:f0:77:4a:96:fa:b4:f5:24:
fa:da:9d:54:fe:27:1c:2f:17:ea:ae:02:3d:01:5f:
d8:ed:01:16:5b:c8:a9:b1:78:88:13:2a:46:4b:d9:
a6:06:99:62:19:99:01:93:45:85:6f:90:d9:8d:2b:
b4:2e:d2:4c:c3:cb:cf:7a:4e:6a:0e:15:72:b7:ab:
6a:81:be:3b:06:95:2d:57:4d:eb:8f:2a:50:43:f9:
5b:da:f8:99:a9:2c:a8:3b:c8:fa:07:a8:75:0b:a2:
f3:2c:ee:97:b1:36:e8:1d:1c:98:0a:d0:16:6a:07:
b0:46:a6:73:04:51:89:af:2d:c9:82:7b:c2:68:8f:
c1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E2:BB:77:B0:6F:DB:40:28:C3:8A:EA:CD:03:A3:12:BF:2F:9B:80
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1eK7d7Bv20Aow4rqzQOjEr8vm4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:9a:39:3f:b2:9e:05:1c:80:1d:99:2b:68:1a:ba:a2:b4:87:
29:e0:2c:0d:67:07:43:25:d7:28:ec:87:a4:0d:f2:f2:ff:92:
5d:dd:9c:c9:b5:9d:5b:4c:d0:d2:24:10:f9:a0:8d:93:77:61:
98:1f:69:1d:51:6c:c3:0e:41:2a:87:74:65:d0:5d:a5:21:2c:
80:12:0d:fc:a2:4b:76:1b:e0:7d:a7:ed:7d:9e:a5:7d:2d:02:
04:15:73:68:45:ee:0d:97:19:ca:43:85:ac:40:93:23:f5:bc:
3f:03:02:14:3c:31:f9:85:09:b2:5f:d3:2a:4b:85:ad:68:7b:
3f:d2:ae:9b:b1:c4:7e:e1:cd:7b:82:50:7d:ee:0d:be:e4:8b:
1e:18:db:ac:00:31:5b:9b:a0:39:c9:fc:a8:8c:35:14:64:e2:
bf:b2:be:cb:bc:04:43:cd:d9:d8:49:5c:93:72:c8:8a:93:9c:
31:9b:86:6f:70:0a:44:f6:32:21:0b:36:47:1f:14:12:d1:26:
30:88:a1:60:4a:2d:42:53:21:dd:c6:07:6b:32:86:a8:8f:05:
14:2d:2e:cb:06:55:8f:62:93:a1:1b:03:fa:a5:92:ee:0a:66:
64:87:98:27:26:4f:e1:3f:6f:6b:58:a7:52:36:58:20:0b:02:
c5:59:56:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrqgkKFWZnwKtxMWBY7qSSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMDkxMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUyYmI3N2IwNmZkYjQwMjhjMzhhZWFjZDAzYTMxMmJmMmY5YjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUZ8hNP9c637BJgf2g28kT/B9NOZ
JnrdoCTaKrA3ORKcQWMBhp4qJtitM9sL9NDUhet65K9g76QkLotxu1RZrTAeFwXW
4cMxURjma5v/CZbQyqhttEZwjMhgEQF48z2m2SWcC90R88tMsIDC7y/mj6QcUQWe
YEkcIcCQhenN8HdKlvq09ST62p1U/iccLxfqrgI9AV/Y7QEWW8ipsXiIEypGS9mm
BpliGZkBk0WFb5DZjSu0LtJMw8vPek5qDhVyt6tqgb47BpUtV03rjypQQ/lb2viZ
qSyoO8j6B6h1C6LzLO6XsTboHRyYCtAWagewRqZzBFGJry3JgnvCaI/B5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNXiu3ewb9tAKMOK6s0DoxK/L5uAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMWVLN2Q3QnYyMEFvdzRycXpRT2pFcjh2bTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH2aOT+yngUcgB2ZK2ga
uqK0hyngLA1nB0Ml1yjsh6QN8vL/kl3dnMm1nVtM0NIkEPmgjZN3YZgfaR1RbMMO
QSqHdGXQXaUhLIASDfyiS3Yb4H2n7X2epX0tAgQVc2hF7g2XGcpDhaxAkyP1vD8D
AhQ8MfmFCbJf0ypLha1oez/SrpuxxH7hzXuCUH3uDb7kix4Y26wAMVuboDnJ/KiM
NRRk4r+yvsu8BEPN2dhJXJNyyIqTnDGbhm9wCkT2MiELNkcfFBLRJjCIoWBKLUJT
Id3GB2syhqiPBRQtLssGVY9ik6EbA/qlku4KZmSHmCcmT+E/b2tYp1I2WCALAsVZ
Vl4=
-----END CERTIFICATE-----
Generated at Sun May 11 13:24:27 2025 by rpki-client