Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/emHOTwq-3xfQ6vfLVrc4iueQU6o.roa
File: emHOTwq-3xfQ6vfLVrc4iueQU6o.roa (raw, json)
Hash identifier: TPDL5XrFRACPiRDSiyCuYa6AWHlxIo9JQqFhv4eaBPg=
Subject key identifier: 7A:61:CE:4F:0A:BE:DF:17:D0:EA:F7:CB:56:B7:38:8A:E7:90:53:AA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ED615A6B81EA4D50C584C3A56D705E775
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/emHOTwq-3xfQ6vfLVrc4iueQU6o.roa
Signing time: Sat 13 Apr 2024 06:12:06 +0000
ROA not before: Sat 13 Apr 2024 06:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d6:15:a6:b8:1e:a4:d5:0c:58:4c:3a:56:d7:05:e7:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 13 06:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a61ce4f0abedf17d0eaf7cb56b7388ae79053aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:54:8e:43:4b:57:13:f5:48:07:56:6b:44:ab:
3c:28:79:b0:60:c0:d2:57:e5:94:36:b6:8f:d7:05:
a1:02:a2:5f:e2:b2:f0:db:29:7e:07:17:d4:e3:be:
48:41:cd:db:05:84:ce:ee:7e:05:96:98:26:81:fb:
50:0e:b1:ea:6a:09:68:5f:f8:30:cf:db:2e:8f:9f:
70:26:c3:a0:cc:cb:2f:9e:4f:55:70:71:a0:90:ce:
f0:a5:f9:07:6d:46:80:6f:ff:2f:ac:fe:0d:d7:f5:
f1:b7:8f:ba:8b:36:ee:43:33:67:56:37:d3:33:b8:
15:c0:65:bd:e0:10:2c:92:81:1d:0c:92:83:21:db:
f0:75:d0:04:6e:ba:8e:98:20:53:9b:00:8b:71:6d:
81:75:1a:af:24:ee:c1:e6:ae:51:e7:fd:3c:8c:81:
48:31:fe:2f:05:9c:3c:88:ba:74:8c:39:f2:05:80:
56:b7:eb:25:90:14:f1:d5:50:bc:24:26:a2:39:34:
2c:76:f3:14:62:0c:14:4c:b5:19:c2:f5:6a:4a:49:
5f:e7:fa:d8:ef:c9:e7:74:af:68:d5:8f:e8:1f:15:
ed:94:56:98:4a:39:1e:70:50:01:da:79:4f:2d:fc:
66:68:ca:dc:e5:7e:e2:9c:57:5b:c1:9d:10:3e:7d:
50:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:61:CE:4F:0A:BE:DF:17:D0:EA:F7:CB:56:B7:38:8A:E7:90:53:AA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/emHOTwq-3xfQ6vfLVrc4iueQU6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:a9:3d:ae:45:d2:6c:d3:8d:5f:93:8e:f5:3e:fa:f0:8e:8d:
0e:17:1d:76:a6:e6:0a:37:52:0a:59:e8:13:ed:0f:3d:43:80:
43:3c:a5:4a:90:3d:68:42:64:46:f2:aa:22:86:3f:b3:92:42:
5f:50:af:52:c7:b4:99:21:e2:ec:c2:6b:d1:fc:93:3f:56:47:
49:e3:de:85:8e:ba:1d:2d:d8:69:31:1e:98:92:e5:17:ba:2f:
e4:0d:17:da:28:e4:b0:3a:5c:91:55:52:9c:5a:f8:3d:5e:16:
fb:04:dc:e5:7e:68:70:13:fd:44:bb:b9:0c:c7:c4:61:cd:b8:
3d:38:46:ae:05:c5:f0:77:2d:d9:8c:f2:a5:74:8b:04:4d:fd:
f5:2f:b1:11:01:55:2e:e8:5b:d3:05:d2:e0:c2:3b:a0:83:0e:
9f:6a:df:96:ac:93:bb:3a:c9:b6:e8:1c:17:5a:a3:e6:30:3c:
46:a8:05:de:00:16:39:f0:f2:fb:b7:08:fe:05:3e:8d:bf:3f:
16:27:ed:24:13:c3:f8:fb:f1:ab:1d:db:e8:81:a6:5f:03:2f:
29:61:d4:3e:5f:1a:8b:10:82:c5:d0:8e:55:ce:f3:b1:89:22:
33:29:86:61:1d:a4:ce:07:c2:b5:49:06:e0:c1:4e:bb:44:13:
48:8f:13:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7WFaa4HqTVDFhMOlbXBed1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEzMDYxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTYxY2U0ZjBhYmVkZjE3ZDBlYWY3Y2I1NmI3Mzg4YWU3OTA1M2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1SOQ0tXE/VIB1ZrRKs8KHmwYMDS
V+WUNraP1wWhAqJf4rLw2yl+BxfU475IQc3bBYTO7n4FlpgmgftQDrHqagloX/gw
z9suj59wJsOgzMsvnk9VcHGgkM7wpfkHbUaAb/8vrP4N1/Xxt4+6izbuQzNnVjfT
M7gVwGW94BAskoEdDJKDIdvwddAEbrqOmCBTmwCLcW2BdRqvJO7B5q5R5/08jIFI
Mf4vBZw8iLp0jDnyBYBWt+slkBTx1VC8JCaiOTQsdvMUYgwUTLUZwvVqSklf5/rY
78nndK9o1Y/oHxXtlFaYSjkecFAB2nlPLfxmaMrc5X7inFdbwZ0QPn1QHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHphzk8Kvt8X0Or3y1a3OIrnkFOqMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZW1IT1R3cS0zeGZRNnZmTFZyYzRpdWVRVTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEGpPa5F0mzTjV+TjvU+
+vCOjQ4XHXam5go3UgpZ6BPtDz1DgEM8pUqQPWhCZEbyqiKGP7OSQl9Qr1LHtJkh
4uzCa9H8kz9WR0nj3oWOuh0t2GkxHpiS5Re6L+QNF9oo5LA6XJFVUpxa+D1eFvsE
3OV+aHAT/US7uQzHxGHNuD04Rq4FxfB3LdmM8qV0iwRN/fUvsREBVS7oW9MF0uDC
O6CDDp9q35ask7s6ybboHBdao+YwPEaoBd4AFjnw8vu3CP4FPo2/PxYn7SQTw/j7
8asd2+iBpl8DLylh1D5fGosQgsXQjlXO87GJIjMphmEdpM4HwrVJBuDBTrtEE0iP
E9c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:39 2025 by rpki-client