Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4eb-IcG8Az7hPODLrRlRJ1lazSw.roa
File: 4eb-IcG8Az7hPODLrRlRJ1lazSw.roa (raw, json)
Hash identifier: RsODpyDrGkv4+KUOfYOKSnqNHlXXr3xKi0xJMS8UWc0=
Subject key identifier: E1:E6:FE:21:C1:BC:03:3E:E1:3C:E0:CB:AD:19:51:27:59:5A:CD:2C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6270C2ACB3B3A91B60B052B715522871
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4eb-IcG8Az7hPODLrRlRJ1lazSw.roa
Signing time: Wed 13 Dec 2023 09:10:06 +0000
ROA not before: Wed 13 Dec 2023 09:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:70:c2:ac:b3:b3:a9:1b:60:b0:52:b7:15:52:28:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 09:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1e6fe21c1bc033ee13ce0cbad195127595acd2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5e:40:d1:28:53:71:f9:a9:8e:35:a8:c0:49:
5c:ed:4f:db:2e:8f:0f:53:8a:34:b3:45:73:01:b5:
ac:ef:43:24:85:4c:8b:9e:36:e7:94:63:0b:e5:86:
be:07:ab:a0:11:f3:e6:dd:f7:ea:dd:85:1a:1f:cc:
a2:9e:a1:a7:a4:7e:f6:0c:13:d4:2a:23:2e:a5:5e:
d8:76:8c:c3:83:f8:c6:f0:4c:25:5c:c0:d5:12:b4:
e8:85:4e:fb:dc:f5:1b:13:16:8b:f5:44:69:2f:01:
08:f2:c3:e5:5f:91:3a:db:f7:04:52:da:cd:16:9e:
13:7e:a1:cb:91:df:f7:6c:85:91:a5:88:b8:96:58:
55:4d:72:6c:e6:90:dd:98:3e:11:46:ab:f1:81:4b:
fb:97:d1:f7:e6:03:65:df:75:76:e6:24:8a:c0:e1:
88:91:18:29:d5:da:59:66:79:c1:87:0c:cf:60:2c:
c4:91:c3:3a:75:54:2e:a4:04:78:3f:55:61:1c:bb:
3d:32:5a:84:52:81:d5:f3:18:5e:b2:8f:9f:b5:c7:
3e:0d:8b:35:9b:14:28:3e:bf:0c:7d:fa:bf:db:3b:
49:4c:37:50:1b:78:b5:cc:6d:4e:c2:f7:10:43:a6:
80:62:ec:d2:a0:be:a2:39:5b:2a:de:34:b3:d9:95:
d9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E6:FE:21:C1:BC:03:3E:E1:3C:E0:CB:AD:19:51:27:59:5A:CD:2C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4eb-IcG8Az7hPODLrRlRJ1lazSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:f8:c0:6c:6e:09:88:3d:ce:ae:71:6e:52:04:ff:c3:27:9e:
7e:31:ec:77:76:08:3f:54:66:33:2f:53:d9:01:68:65:3f:ad:
2e:0a:1c:41:6e:d5:77:8f:c4:83:72:af:1d:e2:ae:a6:e9:89:
bc:6f:05:d7:6c:25:1d:73:ea:57:cc:33:65:3d:4f:b4:93:c2:
7a:b7:9d:87:8d:7c:fb:eb:fb:2a:06:f8:94:2c:42:1c:7b:82:
57:94:5c:a3:6b:48:c1:18:b6:61:b4:2c:ff:45:51:7b:ce:90:
dd:22:65:02:39:9d:83:92:06:d1:29:15:48:b1:e6:df:57:5a:
0d:00:02:d5:12:5f:a9:f7:09:d6:9d:b5:d2:84:d3:54:c0:15:
ee:6f:80:db:f2:aa:e1:13:cd:dd:81:99:65:99:01:e8:71:da:
b5:c6:78:c8:1c:dd:f6:b0:09:66:b2:27:44:b0:bf:3a:d9:7a:
c9:cf:71:d2:c3:68:60:a8:5c:84:84:d0:78:87:40:73:12:a6:
9c:7f:c8:43:e7:c2:9a:ba:ac:08:8c:c3:66:e8:65:a1:42:cd:
b4:b6:67:42:39:58:f6:5c:72:b1:d9:5f:b5:f9:0d:3b:5e:be:
74:4b:11:fa:2f:65:65:0d:7b:1a:3c:01:da:99:c6:75:8d:eb:
11:4e:81:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxicMKss7OpG2CwUrcVUihxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMDkxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU2ZmUyMWMxYmMwMzNlZTEzY2UwY2JhZDE5NTEyNzU5NWFjZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV5A0ShTcfmpjjWowElc7U/bLo8P
U4o0s0VzAbWs70MkhUyLnjbnlGML5Ya+B6ugEfPm3ffq3YUaH8yinqGnpH72DBPU
KiMupV7YdozDg/jG8EwlXMDVErTohU773PUbExaL9URpLwEI8sPlX5E62/cEUtrN
Fp4TfqHLkd/3bIWRpYi4llhVTXJs5pDdmD4RRqvxgUv7l9H35gNl33V25iSKwOGI
kRgp1dpZZnnBhwzPYCzEkcM6dVQupAR4P1VhHLs9MlqEUoHV8xheso+ftcc+DYs1
mxQoPr8Mffq/2ztJTDdQG3i1zG1OwvcQQ6aAYuzSoL6iOVsq3jSz2ZXZ8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOHm/iHBvAM+4Tzgy60ZUSdZWs0sMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNGViLUljRzhBejdoUE9ETHJSbFJKMWxhelN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEv4wGxuCYg9zq5xblIE
/8Mnnn4x7Hd2CD9UZjMvU9kBaGU/rS4KHEFu1XePxINyrx3irqbpibxvBddsJR1z
6lfMM2U9T7STwnq3nYeNfPvr+yoG+JQsQhx7gleUXKNrSMEYtmG0LP9FUXvOkN0i
ZQI5nYOSBtEpFUix5t9XWg0AAtUSX6n3CdadtdKE01TAFe5vgNvyquETzd2BmWWZ
Aehx2rXGeMgc3fawCWayJ0SwvzrZesnPcdLDaGCoXISE0HiHQHMSppx/yEPnwpq6
rAiMw2boZaFCzbS2Z0I5WPZccrHZX7X5DTtevnRLEfovZWUNexo8AdqZxnWN6xFO
gfE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:27:03 2025 by rpki-client