Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EGdqkTQ8GFnBXP3pZw6KZ5PNr2A.roa
File: EGdqkTQ8GFnBXP3pZw6KZ5PNr2A.roa (raw, json)
Hash identifier: l1O89mF1WYV83et2dzrUXkUomvrt29m/jYrs1e02ygs=
Subject key identifier: 10:67:6A:91:34:3C:18:59:C1:5C:FD:E9:67:0E:8A:67:93:CD:AF:60
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C61CEB706AC36668078340E10348F12A1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EGdqkTQ8GFnBXP3pZw6KZ5PNr2A.roa
Signing time: Wed 13 Dec 2023 06:13:06 +0000
ROA not before: Wed 13 Dec 2023 06:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:61:ce:b7:06:ac:36:66:80:78:34:0e:10:34:8f:12:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 06:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10676a91343c1859c15cfde9670e8a6793cdaf60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1d:4f:8c:2d:f2:c9:00:76:82:4a:60:f9:cf:
5b:4d:59:13:4f:69:f5:bb:e7:33:4c:f3:27:26:29:
b1:c4:ed:c0:74:52:6f:7e:f9:55:89:ec:f4:6d:c0:
d9:43:eb:cc:7e:54:15:c0:22:1d:f7:ea:4a:64:8a:
a5:6a:2e:b1:a3:c5:4f:10:8f:84:d9:50:5f:13:74:
91:55:21:47:fc:4d:04:78:61:80:b6:0a:64:c7:0f:
6e:3c:b4:dc:4c:3c:df:e1:e2:0a:0c:7f:1f:5c:fa:
a6:97:16:ef:67:76:ff:55:39:c1:46:34:b0:68:1f:
10:e2:08:e2:ae:e0:67:6d:9e:09:75:57:16:bd:86:
5f:5a:79:0f:31:02:2b:ff:76:46:80:ad:b7:2e:27:
f2:bb:2f:ac:99:d6:f5:5a:95:0a:27:4c:25:93:01:
c1:71:ef:cd:a5:e8:23:ba:71:18:38:17:e0:67:4f:
9c:be:dc:41:dd:a4:57:98:2e:e5:5d:57:5b:cd:26:
d5:48:21:92:b3:51:34:6d:d4:91:37:53:6f:cb:97:
10:76:bb:5a:e1:da:32:46:08:54:45:b3:2f:f5:d8:
10:0d:01:46:20:4a:5a:e1:3c:83:75:d8:1b:8f:3b:
5c:5e:2f:43:61:5a:bc:ad:a5:17:d9:7f:d6:4e:c8:
67:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:67:6A:91:34:3C:18:59:C1:5C:FD:E9:67:0E:8A:67:93:CD:AF:60
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EGdqkTQ8GFnBXP3pZw6KZ5PNr2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:db:e8:19:61:fc:1c:3f:04:a2:d6:c1:b1:f0:28:0b:fa:01:
e0:f3:62:c7:ab:1a:7a:ab:45:85:bc:e6:73:d3:4e:38:29:e4:
ca:06:3f:ff:45:95:9d:ef:6e:24:ad:c1:09:d1:9a:33:4a:3c:
0a:f2:86:a9:8d:4a:a8:61:a2:ee:42:6f:b8:85:82:11:e3:15:
dd:5f:e9:a3:e6:39:f8:b8:e8:bd:ae:9d:4c:89:24:57:42:0c:
b0:b9:14:c1:34:fa:2e:72:65:85:e7:86:38:ed:3f:5c:5e:e6:
13:d0:22:60:ac:ca:e9:b3:b7:cf:48:db:8d:4e:f0:23:fd:9c:
95:b2:c4:4f:c5:36:86:6c:f1:4e:55:39:18:7e:ec:9e:f7:03:
f8:f4:b1:f9:d5:2f:1e:20:82:4e:2a:a8:fe:0b:5b:40:19:00:
06:e0:a8:cd:44:99:43:7b:3d:c8:e4:c4:0c:e2:ae:63:b7:af:
3b:3c:a5:eb:84:a2:67:b6:b8:e2:7b:c7:a5:c5:ef:82:4c:43:
2e:37:e3:42:00:7c:47:78:04:fe:4c:4e:e4:ad:c7:27:68:57:
0a:bd:05:43:84:8f:64:13:4e:1e:df:ee:20:fe:11:10:f6:52:
ec:83:2d:80:3e:98:b4:72:44:a9:13:cf:66:7f:16:ac:e8:1a:
09:93:25:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxhzrcGrDZmgHg0DhA0jxKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMDYxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDY3NmE5MTM0M2MxODU5YzE1Y2ZkZTk2NzBlOGE2NzkzY2RhZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh1PjC3yyQB2gkpg+c9bTVkTT2n1
u+czTPMnJimxxO3AdFJvfvlViez0bcDZQ+vMflQVwCId9+pKZIqlai6xo8VPEI+E
2VBfE3SRVSFH/E0EeGGAtgpkxw9uPLTcTDzf4eIKDH8fXPqmlxbvZ3b/VTnBRjSw
aB8Q4gjiruBnbZ4JdVcWvYZfWnkPMQIr/3ZGgK23Lifyuy+smdb1WpUKJ0wlkwHB
ce/NpegjunEYOBfgZ0+cvtxB3aRXmC7lXVdbzSbVSCGSs1E0bdSRN1Nvy5cQdrta
4doyRghURbMv9dgQDQFGIEpa4TyDddgbjztcXi9DYVq8raUX2X/WTshnFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBBnapE0PBhZwVz96WcOimeTza9gMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRUdkcWtUUThHRm5CWFAzcFp3NktaNVBOcjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPb6Blh/Bw/BKLWwbHw
KAv6AeDzYserGnqrRYW85nPTTjgp5MoGP/9FlZ3vbiStwQnRmjNKPAryhqmNSqhh
ou5Cb7iFghHjFd1f6aPmOfi46L2unUyJJFdCDLC5FME0+i5yZYXnhjjtP1xe5hPQ
ImCsyumzt89I241O8CP9nJWyxE/FNoZs8U5VORh+7J73A/j0sfnVLx4ggk4qqP4L
W0AZAAbgqM1EmUN7PcjkxAzirmO3rzs8peuEome2uOJ7x6XF74JMQy4340IAfEd4
BP5MTuStxydoVwq9BUOEj2QTTh7f7iD+ERD2UuyDLYA+mLRyRKkTz2Z/FqzoGgmT
JQ0=
-----END CERTIFICATE-----
Generated at Wed May 14 14:02:03 2025 by rpki-client