Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eU6EM9qrGJJifug5Ymk9fdKTmXE.roa
File: eU6EM9qrGJJifug5Ymk9fdKTmXE.roa (raw, json)
Hash identifier: mfKa7RE/NZ5wCuPCJIN7wD9ejmkJt1uZnVm8Rh3eSEE=
Subject key identifier: 79:4E:84:33:DA:AB:18:92:62:7E:E8:39:62:69:3D:7D:D2:93:99:71
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0660B80A631460215D851ECEBE197406
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eU6EM9qrGJJifug5Ymk9fdKTmXE.roa
Signing time: Fri 06 Oct 2023 19:04:43 +0000
ROA not before: Fri 06 Oct 2023 19:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:660:4fe5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:06:60:b8:0a:63:14:60:21:5d:85:1e:ce:be:19:74:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 19:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=794e8433daab1892627ee83962693d7dd2939971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:41:76:59:fd:07:82:8b:0a:51:42:b3:cb:54:
e4:5c:9c:85:3f:84:ef:28:47:09:b1:23:6e:83:fb:
34:2a:0a:68:9e:24:a5:5e:d7:24:e9:cc:f5:1e:f7:
31:40:d9:29:80:ea:cf:1d:f8:d1:7d:72:70:42:db:
a9:e6:1d:57:a8:2f:b4:ed:85:73:17:1e:ac:7f:b2:
81:d2:c3:48:0a:a7:92:36:58:c9:55:bd:65:40:d1:
ac:36:75:c8:57:65:ae:58:da:61:07:1e:66:cd:b4:
b6:df:f2:7c:43:cf:d1:61:37:67:e2:66:e2:12:99:
69:e1:3a:81:37:23:ec:a5:75:a6:ab:58:13:87:56:
92:fc:4f:e8:cb:6e:1a:53:90:d5:62:f2:4a:db:66:
8a:2f:17:0d:dd:81:75:34:37:31:1e:a7:c9:95:6a:
d6:2f:3a:01:c1:30:2e:ae:f0:22:17:ad:d2:f6:f5:
54:b3:c8:f9:f1:f2:62:08:90:78:0e:3e:f3:b0:13:
10:4b:e5:92:68:88:35:59:46:f3:f8:4e:51:50:1e:
a2:86:84:1e:e1:01:f4:07:e5:f5:87:db:3c:38:88:
b6:ce:c7:3d:f0:64:d5:7d:76:df:dd:a0:b5:ac:ba:
e5:5e:00:22:e2:12:f5:82:d3:4f:49:bd:1a:05:61:
2e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:4E:84:33:DA:AB:18:92:62:7E:E8:39:62:69:3D:7D:D2:93:99:71
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eU6EM9qrGJJifug5Ymk9fdKTmXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:d1:07:5b:d2:17:9b:ee:42:0c:90:f9:f0:73:07:99:18:15:
5e:b1:37:86:7e:5e:aa:10:6b:af:66:f3:43:81:52:f5:0e:8c:
f6:e0:fd:5f:d9:f6:fc:7e:8e:ea:1c:6b:08:65:93:a4:a9:c7:
14:40:0d:c1:64:7f:5b:a8:c5:60:31:67:e1:5b:d3:d6:d0:2a:
7d:ed:3e:5d:62:5b:dd:e1:7f:fb:80:fc:dc:20:a7:cf:4e:57:
af:b8:13:36:98:cb:5c:fa:22:6c:16:6d:d8:fd:e9:4a:6a:9c:
79:24:93:82:60:dd:8b:22:21:b4:27:63:29:2a:d2:03:09:e3:
39:ac:07:fa:40:c9:a3:c5:4d:7b:00:4d:09:f2:39:0b:ba:21:
f6:0e:b2:8c:71:1e:d4:4f:f1:7e:3f:7a:cf:6b:cd:6c:97:36:
ae:a4:34:64:d9:9e:be:d2:08:a3:67:1d:f4:38:50:07:b5:22:
5c:a6:5a:2f:97:76:ca:93:23:67:79:2a:d8:b9:d0:eb:a2:00:
0a:6b:29:d0:08:ab:f7:f3:de:32:50:0b:2f:4a:af:68:3d:72:
d0:c9:aa:25:4e:2f:48:ba:ba:a8:67:8f:14:37:16:83:8a:a3:
38:ae:cc:00:2c:32:89:c7:23:9e:cc:c9:40:e3:17:54:fc:52:
d4:c4:47:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsGYLgKYxRgIV2FHs6+GXQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MTkwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTRlODQzM2RhYWIxODkyNjI3ZWU4Mzk2MjY5M2Q3ZGQyOTM5OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0F2Wf0HgosKUUKzy1TkXJyFP4Tv
KEcJsSNug/s0KgponiSlXtck6cz1HvcxQNkpgOrPHfjRfXJwQtup5h1XqC+07YVz
Fx6sf7KB0sNICqeSNljJVb1lQNGsNnXIV2WuWNphBx5mzbS23/J8Q8/RYTdn4mbi
Eplp4TqBNyPspXWmq1gTh1aS/E/oy24aU5DVYvJK22aKLxcN3YF1NDcxHqfJlWrW
LzoBwTAurvAiF63S9vVUs8j58fJiCJB4Dj7zsBMQS+WSaIg1WUbz+E5RUB6ihoQe
4QH0B+X1h9s8OIi2zsc98GTVfXbf3aC1rLrlXgAi4hL1gtNPSb0aBWEukQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHlOhDPaqxiSYn7oOWJpPX3Sk5lxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZVU2RU05cXJHSkppZnVnNVltazlmZEtUbVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAfRB1vSF5vuQgyQ+fBz
B5kYFV6xN4Z+XqoQa69m80OBUvUOjPbg/V/Z9vx+juocawhlk6SpxxRADcFkf1uo
xWAxZ+Fb09bQKn3tPl1iW93hf/uA/Nwgp89OV6+4EzaYy1z6ImwWbdj96UpqnHkk
k4Jg3YsiIbQnYykq0gMJ4zmsB/pAyaPFTXsATQnyOQu6IfYOsoxxHtRP8X4/es9r
zWyXNq6kNGTZnr7SCKNnHfQ4UAe1IlymWi+XdsqTI2d5Kti50OuiAAprKdAIq/fz
3jJQCy9Kr2g9ctDJqiVOL0i6uqhnjxQ3FoOKoziuzAAsMonHI57MyUDjF1T8UtTE
R/Q=
-----END CERTIFICATE-----
Generated at Mon May 12 16:21:47 2025 by rpki-client