Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EMMDI1Y_tZUvQxJy_b0LODObPnk.roa
File: EMMDI1Y_tZUvQxJy_b0LODObPnk.roa (raw, json)
Hash identifier: 5a5ZKY4kAjVF6+DIAmLMY807eBZTt4kiXGOASUbDskY=
Subject key identifier: 10:C3:03:23:56:3F:B5:95:2F:43:12:72:FD:BD:0B:38:33:9B:3E:79
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6274617ED9A63C556F3F885D990F0750
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EMMDI1Y_tZUvQxJy_b0LODObPnk.roa
Signing time: Tue 24 Oct 2023 16:11:16 +0000
ROA not before: Tue 24 Oct 2023 16:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:74:61:7e:d9:a6:3c:55:6f:3f:88:5d:99:0f:07:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 16:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10c30323563fb5952f431272fdbd0b38339b3e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:75:ac:21:2c:5c:be:64:64:b7:2f:8d:46:63:
bb:21:46:2c:f7:a3:4f:a5:3a:30:fd:35:72:4e:68:
ae:88:48:73:d8:7c:8f:8c:69:89:2e:05:de:5b:9b:
47:1d:28:13:88:ca:74:f4:55:61:76:0c:b0:47:d6:
92:58:c5:08:20:9a:2d:ac:ee:ca:69:25:52:ea:85:
84:63:57:b1:a3:cc:f5:58:27:e4:b0:d1:f0:02:e3:
14:29:c3:a7:89:64:b0:22:2a:6e:bb:1f:f9:5d:70:
1a:4a:a5:cf:70:4c:f3:b2:27:96:64:c1:45:2d:55:
65:df:f0:15:83:52:53:36:68:89:97:0d:44:0a:be:
ee:1c:f7:1a:73:3e:f4:46:c3:1d:e1:a2:0d:43:42:
c5:bf:d2:9c:da:8b:60:2d:63:fe:17:eb:56:fd:6e:
87:b7:dc:be:14:0d:83:2d:44:2d:fc:58:7e:44:e2:
b5:c9:2d:66:b9:87:2d:a0:3f:6e:bf:38:6f:76:18:
b0:43:2f:03:38:9d:4e:4c:35:7e:3c:9c:43:59:25:
76:c1:e2:bd:eb:7e:b3:8e:58:30:9f:12:7e:11:73:
35:3c:9e:df:e3:bb:3f:87:f5:c1:07:f3:ee:c7:66:
d4:d4:9b:92:23:8b:e0:c3:ab:7e:a8:d6:42:a1:8d:
db:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:C3:03:23:56:3F:B5:95:2F:43:12:72:FD:BD:0B:38:33:9B:3E:79
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EMMDI1Y_tZUvQxJy_b0LODObPnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:5d:3b:73:26:64:b0:cc:94:36:86:eb:a2:3a:29:64:55:0f:
fe:9f:73:58:34:ae:83:c6:cc:e3:81:ab:fa:1d:3f:ff:f5:55:
41:16:20:88:04:35:bf:fa:93:cd:72:b9:ef:7b:91:6c:60:6c:
e6:04:81:a0:64:a3:70:15:b0:55:fe:b1:1b:96:a6:e7:09:a1:
df:0c:fc:70:4a:7a:c6:98:29:dd:2c:ee:60:33:17:8a:bb:1f:
50:cf:49:56:b7:92:a1:d0:b3:da:50:46:0b:43:53:af:7c:92:
93:13:d2:a2:87:ba:ca:8b:25:ca:11:ad:b4:4c:30:58:0d:c3:
5d:1b:1b:10:39:2a:4f:ab:65:4d:99:ce:8c:97:fe:3f:e7:32:
30:5b:e2:a3:5c:52:cb:64:1e:f1:19:fa:ff:0c:27:ce:c9:0a:
67:bb:b2:56:90:bb:a4:61:90:38:23:f5:89:27:a2:f5:dd:aa:
d3:77:df:4b:79:e9:d5:7f:57:a3:b3:23:41:a2:cb:70:36:46:
a2:85:65:5b:c7:21:68:2d:b4:e6:fd:c7:01:4d:6b:00:90:2e:
8f:78:19:ea:55:d2:65:0a:e6:db:a3:d0:0f:36:73:ca:fd:d6:
40:45:ec:5c:f6:a0:49:51:2a:80:6e:8f:1d:b5:e8:f3:be:2e:
d4:b2:92:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtidGF+2aY8VW8/iF2ZDwdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MTYxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGMzMDMyMzU2M2ZiNTk1MmY0MzEyNzJmZGJkMGIzODMzOWIzZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinWsISxcvmRkty+NRmO7IUYs96NP
pTow/TVyTmiuiEhz2HyPjGmJLgXeW5tHHSgTiMp09FVhdgywR9aSWMUIIJotrO7K
aSVS6oWEY1exo8z1WCfksNHwAuMUKcOniWSwIipuux/5XXAaSqXPcEzzsieWZMFF
LVVl3/AVg1JTNmiJlw1ECr7uHPcacz70RsMd4aINQ0LFv9Kc2otgLWP+F+tW/W6H
t9y+FA2DLUQt/Fh+ROK1yS1muYctoD9uvzhvdhiwQy8DOJ1OTDV+PJxDWSV2weK9
636zjlgwnxJ+EXM1PJ7f47s/h/XBB/Pux2bU1JuSI4vgw6t+qNZCoY3bFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBDDAyNWP7WVL0MScv29Czgzmz55MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRU1NREkxWV90WlV2UXhKeV9iMExPRE9iUG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEpdO3MmZLDMlDaG66I6
KWRVD/6fc1g0roPGzOOBq/odP//1VUEWIIgENb/6k81yue97kWxgbOYEgaBko3AV
sFX+sRuWpucJod8M/HBKesaYKd0s7mAzF4q7H1DPSVa3kqHQs9pQRgtDU698kpMT
0qKHusqLJcoRrbRMMFgNw10bGxA5Kk+rZU2ZzoyX/j/nMjBb4qNcUstkHvEZ+v8M
J87JCme7slaQu6RhkDgj9YknovXdqtN330t56dV/V6OzI0Giy3A2RqKFZVvHIWgt
tOb9xwFNawCQLo94GepV0mUK5tuj0A82c8r91kBF7Fz2oElRKoBujx216PO+LtSy
kjw=
-----END CERTIFICATE-----
Generated at Sun May 11 16:07:26 2025 by rpki-client