Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8EhtBTkY88UPBwlH7PJcRmNEbF0.roa
File: 8EhtBTkY88UPBwlH7PJcRmNEbF0.roa (raw, json)
Hash identifier: IoBjbzApPCzmIqkUyGkFHFiBeX2/+CEVRgXEMrxFNGI=
Subject key identifier: F0:48:6D:05:39:18:F3:C5:0F:07:09:47:EC:F2:5C:46:63:44:6C:5D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB05D77FA0ADC8F06357E41412BAD092F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8EhtBTkY88UPBwlH7PJcRmNEbF0.roa
Signing time: Wed 20 Sep 2023 02:13:50 +0000
ROA not before: Wed 20 Sep 2023 02:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b0:5d:77:fa:0a:dc:8f:06:35:7e:41:41:2b:ad:09:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 02:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0486d053918f3c50f070947ecf25c4663446c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:40:dc:81:e8:d4:92:24:80:ef:71:eb:ed:2e:
91:24:98:5c:b3:4e:93:41:77:72:8e:7f:10:ad:96:
4c:2f:07:12:53:46:37:fa:d0:9a:c0:21:1e:ed:0a:
c7:1c:e6:ec:21:ed:8a:55:89:b7:d6:d6:b9:f7:e2:
9f:b4:65:d0:8b:49:a0:d6:2d:95:38:c9:5e:60:a4:
07:c8:89:ee:66:6a:73:10:39:a6:ab:6d:82:d7:24:
76:d7:da:58:58:85:a3:c6:bd:17:17:05:cb:12:c1:
ec:fc:8e:a3:d2:41:e2:83:51:37:30:59:dd:76:da:
5e:50:38:2c:cb:6a:09:1f:98:8e:f0:2e:7b:e1:40:
89:af:5a:01:c6:56:96:8e:8c:64:0e:ed:0d:41:cc:
6d:92:fa:a6:79:c7:9f:10:46:cc:88:e8:84:b7:2d:
0f:40:77:af:6e:1d:50:30:b1:19:cd:5d:13:12:5b:
27:d9:72:06:4c:20:45:97:8a:f1:ae:e8:57:fd:e4:
09:18:ed:c5:37:b9:a4:ca:23:62:de:4f:24:e0:a3:
e4:19:12:e6:26:bf:ce:16:58:e8:08:ac:9b:c0:62:
2e:6c:02:a2:f3:37:6c:4e:9d:c3:ce:77:f5:48:14:
75:95:12:e0:00:91:d9:6c:86:30:b4:fe:42:6e:82:
1f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:48:6D:05:39:18:F3:C5:0F:07:09:47:EC:F2:5C:46:63:44:6C:5D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/8EhtBTkY88UPBwlH7PJcRmNEbF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:03:79:71:67:dd:48:ba:f8:fa:3c:e2:18:27:8d:d3:7b:f5:
de:05:2d:5a:ff:26:84:df:8b:52:39:01:a0:9a:8c:28:bb:86:
5a:96:7f:a5:12:93:ed:69:fd:27:f5:e2:f7:27:2a:6f:6d:04:
2e:d4:72:09:35:75:44:7b:31:25:f1:65:68:7b:c3:17:89:67:
c2:b5:70:4c:3b:16:9a:94:6d:89:31:6d:e8:e9:6c:a7:29:f2:
b5:b6:02:4e:eb:5a:43:89:6f:15:61:92:49:89:d0:14:c1:1a:
32:19:29:2b:2e:17:f7:d4:1a:9d:02:6e:4c:ef:db:61:ef:be:
e2:1e:2a:1d:19:1d:f0:fe:9c:65:fe:c0:dc:e7:1c:c0:f9:81:
e2:08:ec:f8:7d:c4:06:72:1f:4f:bb:38:71:3c:a0:84:f3:0a:
44:38:ec:2b:26:b1:75:4a:e3:84:96:ec:42:46:e6:71:53:eb:
e4:bb:fe:0f:3e:f8:0f:b2:9e:f0:82:29:a7:2c:2e:79:92:6a:
78:f8:c5:0f:b3:12:42:a1:5e:35:30:4c:98:cf:34:85:5b:ae:
fb:9d:80:73:c8:ef:32:b3:2c:56:d1:65:46:b6:42:99:eb:89:
9f:5b:94:36:ff:cc:4e:8a:9c:53:41:a5:72:8d:d7:74:dd:4b:
f1:fc:8c:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqwXXf6CtyPBjV+QUErrQkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMDIxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ4NmQwNTM5MThmM2M1MGYwNzA5NDdlY2YyNWM0NjYzNDQ2YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0DcgejUkiSA73Hr7S6RJJhcs06T
QXdyjn8QrZZMLwcSU0Y3+tCawCEe7QrHHObsIe2KVYm31ta59+KftGXQi0mg1i2V
OMleYKQHyInuZmpzEDmmq22C1yR219pYWIWjxr0XFwXLEsHs/I6j0kHig1E3MFnd
dtpeUDgsy2oJH5iO8C574UCJr1oBxlaWjoxkDu0NQcxtkvqmecefEEbMiOiEty0P
QHevbh1QMLEZzV0TElsn2XIGTCBFl4rxruhX/eQJGO3FN7mkyiNi3k8k4KPkGRLm
Jr/OFljoCKybwGIubAKi8zdsTp3Dznf1SBR1lRLgAJHZbIYwtP5CboIfCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPBIbQU5GPPFDwcJR+zyXEZjRGxdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOEVodEJUa1k4OFVQQndsSDdQSmNSbU5FYkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIUDeXFn3Ui6+Po84hgn
jdN79d4FLVr/JoTfi1I5AaCajCi7hlqWf6USk+1p/Sf14vcnKm9tBC7Ucgk1dUR7
MSXxZWh7wxeJZ8K1cEw7FpqUbYkxbejpbKcp8rW2Ak7rWkOJbxVhkkmJ0BTBGjIZ
KSsuF/fUGp0Cbkzv22HvvuIeKh0ZHfD+nGX+wNznHMD5geII7Ph9xAZyH0+7OHE8
oITzCkQ47CsmsXVK44SW7EJG5nFT6+S7/g8++A+ynvCCKacsLnmSanj4xQ+zEkKh
XjUwTJjPNIVbrvudgHPI7zKzLFbRZUa2QpnriZ9blDb/zE6KnFNBpXKN13TdS/H8
jLM=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:58:56 2025 by rpki-client