Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eMVxYRhnt28DD_Eh0vKSc-vGAg0.roa
File: eMVxYRhnt28DD_Eh0vKSc-vGAg0.roa (raw, json)
Hash identifier: c9kzA/GMUESzV0M1yRDWRb9B5U9Uhbre8Wzgu/Af19E=
Subject key identifier: 78:C5:71:61:18:67:B7:6F:03:0F:F1:21:D2:F2:92:73:EB:C6:02:0D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC943146FB2A5CE428E0A1660D1BC66CC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eMVxYRhnt28DD_Eh0vKSc-vGAg0.roa
Signing time: Sun 24 Sep 2023 22:15:31 +0000
ROA not before: Sun 24 Sep 2023 22:15:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c9:43:14:6f:b2:a5:ce:42:8e:0a:16:60:d1:bc:66:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 22:15:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78c571611867b76f030ff121d2f29273ebc6020d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:0f:5d:62:1a:15:3b:9f:5e:9f:7c:26:b6:
cf:4f:21:97:de:0b:2a:1b:e6:cf:3a:85:db:47:b8:
b3:af:7c:e2:f2:d3:83:8b:07:a4:a7:28:2f:fd:5d:
e4:5d:c6:2d:4b:66:c9:45:92:9c:ce:b3:55:ca:ad:
2f:dd:3b:44:3b:1c:6e:0c:de:ea:94:b0:ed:69:a0:
23:90:d2:e4:a7:6d:2b:e7:25:6a:79:da:5f:63:6f:
77:8b:85:03:97:a8:f0:87:60:a5:2c:4c:20:9d:71:
60:81:5f:6f:82:73:a2:03:f6:82:e5:61:55:bc:f2:
18:e2:60:99:e2:65:fb:4f:9d:3f:49:f7:d1:26:5a:
9d:e8:a1:f1:df:67:b5:7f:4d:24:69:55:5a:2b:1f:
3b:81:db:af:9d:6e:e2:d7:f2:9b:36:58:18:c6:60:
3f:d4:3f:de:35:f1:9b:37:03:ae:5a:54:32:a2:65:
28:26:10:17:e2:01:19:5a:bc:42:e9:8c:32:96:78:
c8:8b:7f:2a:99:4d:a5:ff:e8:ca:3f:58:5c:96:60:
77:ef:ce:b5:e2:d9:2d:48:10:de:14:56:47:95:82:
d3:c3:71:5d:90:8e:90:ad:af:88:87:c0:d1:b3:9d:
3d:ff:3e:49:d2:17:6a:58:b2:b3:4c:b9:56:b3:d4:
32:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C5:71:61:18:67:B7:6F:03:0F:F1:21:D2:F2:92:73:EB:C6:02:0D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eMVxYRhnt28DD_Eh0vKSc-vGAg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:a7:34:a0:ea:81:71:da:e2:11:f3:63:8f:01:a5:bc:08:a3:
47:ff:54:0e:81:06:e7:31:f8:eb:6a:86:ab:44:d0:cb:b5:59:
7b:ce:2e:96:82:45:57:2e:de:df:44:f2:27:71:60:76:9a:f9:
3b:27:b0:8b:d8:05:06:90:41:66:80:97:d7:ba:58:91:ae:94:
03:2d:fa:b6:ed:ff:ef:75:a8:8b:07:1e:8c:0e:03:d9:b1:1b:
a7:60:3e:21:38:77:7d:55:10:5d:b3:01:4c:31:04:57:69:19:
72:7f:e8:3e:e8:fa:90:10:2d:c8:ab:4b:74:95:03:00:0a:4b:
e2:8c:de:33:1b:b3:f4:14:28:f5:69:5c:55:31:3b:20:b8:ff:
f9:21:9c:01:8f:b6:24:67:9b:4b:bb:a1:c9:52:b7:16:54:51:
29:8c:94:d8:cf:2b:67:ca:c8:95:2a:6d:a6:8a:c1:45:08:24:
c2:84:24:d1:37:6d:54:e5:a4:52:01:8d:f3:64:74:70:0d:b0:
dd:b8:3a:ed:17:bc:64:60:9b:4a:a0:c9:52:52:35:ae:64:e1:
7c:cf:03:70:6c:d4:50:ab:dc:4a:00:ac:65:8c:e7:8e:3c:5c:
5b:38:bc:e1:b2:07:87:7d:28:f8:b7:9a:ad:1a:68:aa:61:b2:
4d:7b:1d:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrJQxRvsqXOQo4KFmDRvGbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MjIxNTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGM1NzE2MTE4NjdiNzZmMDMwZmYxMjFkMmYyOTI3M2ViYzYwMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmAPXWIaFTufXp98JrbPTyGX3gsq
G+bPOoXbR7izr3zi8tODiwekpygv/V3kXcYtS2bJRZKczrNVyq0v3TtEOxxuDN7q
lLDtaaAjkNLkp20r5yVqedpfY293i4UDl6jwh2ClLEwgnXFggV9vgnOiA/aC5WFV
vPIY4mCZ4mX7T50/SffRJlqd6KHx32e1f00kaVVaKx87gduvnW7i1/KbNlgYxmA/
1D/eNfGbNwOuWlQyomUoJhAX4gEZWrxC6YwylnjIi38qmU2l/+jKP1hclmB37861
4tktSBDeFFZHlYLTw3FdkI6Qra+Ih8DRs509/z5J0hdqWLKzTLlWs9QygwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHjFcWEYZ7dvAw/xIdLyknPrxgINMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZU1WeFlSaG50MjhERF9FaDB2S1NjLXZHQWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIanNKDqgXHa4hHzY48B
pbwIo0f/VA6BBucx+OtqhqtE0Mu1WXvOLpaCRVcu3t9E8idxYHaa+TsnsIvYBQaQ
QWaAl9e6WJGulAMt+rbt/+91qIsHHowOA9mxG6dgPiE4d31VEF2zAUwxBFdpGXJ/
6D7o+pAQLcirS3SVAwAKS+KM3jMbs/QUKPVpXFUxOyC4//khnAGPtiRnm0u7oclS
txZUUSmMlNjPK2fKyJUqbaaKwUUIJMKEJNE3bVTlpFIBjfNkdHANsN24Ou0XvGRg
m0qgyVJSNa5k4XzPA3Bs1FCr3EoArGWM5448XFs4vOGyB4d9KPi3mq0aaKphsk17
HaI=
-----END CERTIFICATE-----
Generated at Sat May 10 12:49:48 2025 by rpki-client