Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EWxXK67vTOk-avLdB420QMIKYqk.roa
File: EWxXK67vTOk-avLdB420QMIKYqk.roa (raw, json)
Hash identifier: Cty3ssJqsS5sRB7Z/8sdbP9iLEXIvwpHmv2iOy86vlQ=
Subject key identifier: 11:6C:57:2B:AE:EF:4C:E9:3E:6A:F2:DD:07:8D:B4:40:C2:0A:62:A9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C15630A8F21209111A8B0750D8A8E92DE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EWxXK67vTOk-avLdB420QMIKYqk.roa
Signing time: Tue 28 Nov 2023 10:04:21 +0000
ROA not before: Tue 28 Nov 2023 10:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:1562:e19f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:63:0a:8f:21:20:91:11:a8:b0:75:0d:8a:8e:92:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 10:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=116c572baeef4ce93e6af2dd078db440c20a62a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2c:be:83:a3:2a:e3:28:a3:5d:3b:16:1a:c2:
05:b7:13:f6:ce:48:4f:56:9d:9c:88:14:e2:e7:64:
47:63:5d:9a:93:cf:6e:30:8e:a3:7d:e4:47:02:84:
d7:60:74:ba:67:61:68:c7:57:9e:71:d2:cf:54:a8:
1b:eb:0b:9e:4c:05:8d:66:f6:2c:51:c6:1c:78:35:
0b:b2:c0:6c:e9:1f:20:15:df:3c:f0:10:38:81:e1:
3f:3a:4f:a2:d8:97:2a:35:c6:85:de:a0:90:05:a7:
56:2c:f5:18:ac:e9:46:18:92:6a:64:52:5b:5c:80:
d7:c5:fe:bd:81:ae:b0:97:2d:d8:89:b1:3d:33:bf:
c8:95:57:c7:ca:d4:f9:6b:d5:eb:3a:55:1c:df:86:
80:8f:c9:da:04:c6:62:a6:85:b5:be:ec:03:48:55:
f5:4c:91:a3:52:02:53:df:41:9b:20:4e:a4:56:ac:
73:75:a2:7a:d7:29:ae:16:00:b2:c2:2e:eb:96:6c:
e2:9e:7e:b9:00:d4:da:30:cb:9b:04:b5:48:d3:1d:
18:5c:71:19:1a:de:20:8b:43:ca:da:15:4e:dd:d5:
b6:5c:d3:0f:e9:0c:24:bf:89:5c:80:e8:76:7b:96:
d6:92:4a:b6:e5:57:24:3a:93:e5:b8:d0:ee:85:21:
90:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6C:57:2B:AE:EF:4C:E9:3E:6A:F2:DD:07:8D:B4:40:C2:0A:62:A9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EWxXK67vTOk-avLdB420QMIKYqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:d0:ef:51:6d:20:bf:74:3c:0d:51:f1:a4:e3:6d:ce:ba:c1:
00:f8:ac:4c:28:d7:4e:3b:95:93:cf:bf:8e:67:ee:db:a2:20:
af:96:6f:98:dd:87:5b:b5:5b:cc:c2:8c:1f:49:fc:4d:86:e8:
2e:a7:19:cd:f8:ba:19:48:ac:e3:05:c2:c9:44:21:02:6c:74:
6a:a8:a8:69:d3:c5:55:d5:b8:ca:0e:65:f0:6b:5e:6c:6f:fe:
67:89:b3:c2:7d:65:e0:2a:6b:f0:83:78:74:02:0e:34:a6:d3:
9b:e2:da:60:5b:85:7a:22:52:a6:3e:7f:c1:7b:30:20:98:87:
7a:b7:73:82:c1:c2:90:cd:ca:b2:d6:13:e3:d9:67:5d:88:5c:
12:e1:5f:70:af:d3:6b:4d:ef:e2:04:da:b3:83:23:b4:d5:46:
ba:da:8c:24:71:dd:f8:c6:88:7e:2e:88:c8:20:7c:1e:8c:38:
38:e4:14:5f:b7:56:eb:b2:64:bf:83:9e:e0:7e:c4:7d:6e:b7:
d4:eb:6a:c7:11:9e:79:81:f4:9c:02:d4:7c:73:c4:4f:8d:4d:
0d:2b:98:d5:bc:9f:72:ca:7a:cc:1b:58:f5:a2:28:5a:44:70:
7c:a9:2f:7c:c0:75:4c:36:ca:b8:7e:9c:ff:66:ed:bd:ae:01:
c6:02:46:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwVYwqPISCREaiwdQ2KjpLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MTAwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTZjNTcyYmFlZWY0Y2U5M2U2YWYyZGQwNzhkYjQ0MGMyMGE2MmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cy+g6Mq4yijXTsWGsIFtxP2zkhP
Vp2ciBTi52RHY12ak89uMI6jfeRHAoTXYHS6Z2Fox1eecdLPVKgb6wueTAWNZvYs
UcYceDULssBs6R8gFd888BA4geE/Ok+i2JcqNcaF3qCQBadWLPUYrOlGGJJqZFJb
XIDXxf69ga6wly3YibE9M7/IlVfHytT5a9XrOlUc34aAj8naBMZipoW1vuwDSFX1
TJGjUgJT30GbIE6kVqxzdaJ61ymuFgCywi7rlmzinn65ANTaMMubBLVI0x0YXHEZ
Gt4gi0PK2hVO3dW2XNMP6Qwkv4lcgOh2e5bWkkq25VckOpPluNDuhSGQFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBFsVyuu70zpPmry3QeNtEDCCmKpMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRVd4WEs2N3ZUT2stYXZMZEI0MjBRTUlLWXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD/Q71FtIL90PA1R8aTj
bc66wQD4rEwo1047lZPPv45n7tuiIK+Wb5jdh1u1W8zCjB9J/E2G6C6nGc34uhlI
rOMFwslEIQJsdGqoqGnTxVXVuMoOZfBrXmxv/meJs8J9ZeAqa/CDeHQCDjSm05vi
2mBbhXoiUqY+f8F7MCCYh3q3c4LBwpDNyrLWE+PZZ12IXBLhX3Cv02tN7+IE2rOD
I7TVRrrajCRx3fjGiH4uiMggfB6MODjkFF+3VuuyZL+DnuB+xH1ut9TrascRnnmB
9JwC1HxzxE+NTQ0rmNW8n3LKeswbWPWiKFpEcHypL3zAdUw2yrh+nP9m7b2uAcYC
Rro=
-----END CERTIFICATE-----
Generated at Sun May 11 19:56:10 2025 by rpki-client