Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/12IyZy6KxP4eb0rs4PeET0RtmCY.roa
File: 12IyZy6KxP4eb0rs4PeET0RtmCY.roa (raw, json)
Hash identifier: fp0cGYrAE/regJmvkHTxGtqFMK5RikFjWd/zwQTSKaY=
Subject key identifier: D7:62:32:67:2E:8A:C4:FE:1E:6F:4A:EC:E0:F7:84:4F:44:6D:98:26
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EE8FAAC26657602FE010ED4E56767A100
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/12IyZy6KxP4eb0rs4PeET0RtmCY.roa
Signing time: Tue 16 Apr 2024 22:15:25 +0000
ROA not before: Tue 16 Apr 2024 22:15:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e8:fa:ac:26:65:76:02:fe:01:0e:d4:e5:67:67:a1:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 16 22:15:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d76232672e8ac4fe1e6f4aece0f7844f446d9826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2a:56:d6:e7:42:e5:f3:19:2e:f5:d4:6d:c1:
dc:53:e9:f5:69:96:d1:71:23:3f:17:4c:ba:1d:3b:
59:56:bd:a3:60:39:8a:0e:19:f1:ac:f1:9e:0e:b5:
4a:c7:dd:a6:ab:7d:31:71:b3:85:5c:e8:81:5d:b8:
8d:2c:7f:96:b2:1d:ed:0c:31:00:62:91:e7:ec:c3:
3b:1b:4f:61:4c:59:96:10:cc:6f:fb:78:e2:78:a9:
e6:db:2e:97:1b:44:79:b0:d1:43:ab:6c:0e:cf:4b:
47:85:be:a1:0c:f8:14:5b:79:79:27:c3:28:36:73:
dc:16:60:20:13:0f:94:d3:00:63:86:7a:32:a7:72:
27:9b:df:2e:bc:53:13:d8:86:94:22:78:5b:41:57:
62:d0:2b:0d:6e:fe:99:62:2e:1f:2c:18:e4:ba:d2:
01:0f:49:c8:76:27:89:7d:48:c4:47:87:72:83:97:
9a:5c:97:43:fc:e1:2a:37:e5:cd:f4:8b:a2:d0:ab:
aa:35:da:8a:78:8a:ac:c6:1e:c4:93:3e:5f:9f:b3:
be:21:ad:78:b9:56:49:c9:d8:b6:96:62:1d:b8:76:
10:97:0f:a3:20:34:33:89:04:84:97:d8:a3:57:7c:
57:7d:be:e7:d8:c9:6c:f4:e3:f5:62:a1:86:0a:11:
4d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:62:32:67:2E:8A:C4:FE:1E:6F:4A:EC:E0:F7:84:4F:44:6D:98:26
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/12IyZy6KxP4eb0rs4PeET0RtmCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:1a:1c:77:86:33:66:7d:41:e8:cd:6a:6f:ae:14:23:2d:09:
17:cd:17:60:58:5b:26:32:10:9b:53:e5:4c:42:3d:39:da:d5:
8a:f5:45:95:a5:48:7c:4d:20:30:6b:44:08:30:3c:0b:c6:04:
47:d1:e3:8e:16:8e:64:74:55:6f:f8:95:5e:bc:e4:21:40:24:
50:9a:21:7e:96:a3:c8:85:c5:1c:c9:28:7d:17:0c:06:29:6f:
ec:22:c3:f0:fc:7b:41:80:3c:38:5d:e5:53:5a:53:78:c1:2a:
d3:ec:38:7d:ee:0c:e3:6e:36:e7:c3:85:44:31:39:60:7b:6a:
82:cc:00:cf:59:9b:c7:ee:d8:ff:e7:6b:63:f2:21:4a:07:e0:
a8:be:d7:d3:5d:ce:44:a2:40:a6:a6:8e:db:ec:ea:bc:5c:d6:
e3:ab:c8:f6:62:23:8e:ed:c1:7d:1f:8a:10:a4:42:c5:d5:cc:
67:55:af:ab:c8:fc:35:a2:28:47:d1:52:3a:6d:53:d2:fd:80:
0e:f6:27:4f:73:99:8c:95:a0:10:b4:47:1c:ce:30:f8:44:69:
f0:17:69:6c:68:43:c3:44:58:0e:b2:f2:d3:cf:93:75:47:a5:
2c:14:ff:9a:32:9e:3b:cf:2c:a0:a0:06:cd:57:7b:3b:1f:ab:
fd:ed:73:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7o+qwmZXYC/gEO1OVnZ6EAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE2MjIxNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzYyMzI2NzJlOGFjNGZlMWU2ZjRhZWNlMGY3ODQ0ZjQ0NmQ5ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCpW1udC5fMZLvXUbcHcU+n1aZbR
cSM/F0y6HTtZVr2jYDmKDhnxrPGeDrVKx92mq30xcbOFXOiBXbiNLH+Wsh3tDDEA
YpHn7MM7G09hTFmWEMxv+3jieKnm2y6XG0R5sNFDq2wOz0tHhb6hDPgUW3l5J8Mo
NnPcFmAgEw+U0wBjhnoyp3Inm98uvFMT2IaUInhbQVdi0CsNbv6ZYi4fLBjkutIB
D0nIdieJfUjER4dyg5eaXJdD/OEqN+XN9Iui0KuqNdqKeIqsxh7Ekz5fn7O+Ia14
uVZJydi2lmIduHYQlw+jIDQziQSEl9ijV3xXfb7n2Mls9OP1YqGGChFNtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNdiMmcuisT+Hm9K7OD3hE9EbZgmMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvMTJJeVp5Nkt4UDRlYjByczRQZUVUMFJ0bUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADEaHHeGM2Z9QejNam+u
FCMtCRfNF2BYWyYyEJtT5UxCPTna1Yr1RZWlSHxNIDBrRAgwPAvGBEfR444WjmR0
VW/4lV685CFAJFCaIX6Wo8iFxRzJKH0XDAYpb+wiw/D8e0GAPDhd5VNaU3jBKtPs
OH3uDONuNufDhUQxOWB7aoLMAM9Zm8fu2P/na2PyIUoH4Ki+19NdzkSiQKamjtvs
6rxc1uOryPZiI47twX0fihCkQsXVzGdVr6vI/DWiKEfRUjptU9L9gA72J09zmYyV
oBC0RxzOMPhEafAXaWxoQ8NEWA6y8tPPk3VHpSwU/5oynjvPLKCgBs1Xezsfq/3t
c48=
-----END CERTIFICATE-----
Generated at Tue May 13 19:31:25 2025 by rpki-client