Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EKRI0zmy1hh2AGY9zyvrbQgBwMI.roa
File: EKRI0zmy1hh2AGY9zyvrbQgBwMI.roa (raw, json)
Hash identifier: TNIwHQXMN/qOFWW05R6hr9YLFwGcS0yGMZ/DMv/l/lw=
Subject key identifier: 10:A4:48:D3:39:B2:D6:18:76:00:66:3D:CF:2B:EB:6D:08:01:C0:C2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2A08B5D2D0BB4DCC2D719B15DEBBB85B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EKRI0zmy1hh2AGY9zyvrbQgBwMI.roa
Signing time: Fri 13 Oct 2023 17:14:55 +0000
ROA not before: Fri 13 Oct 2023 17:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2a:08:b5:d2:d0:bb:4d:cc:2d:71:9b:15:de:bb:b8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 13 17:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10a448d339b2d6187600663dcf2beb6d0801c0c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:22:4f:3b:22:0f:56:d4:dc:8c:d4:67:e6:9a:
dc:fb:4a:a8:bb:ed:47:b6:8d:c6:53:50:76:fc:65:
e9:89:c4:cc:95:42:46:60:57:e3:93:8a:bf:85:69:
36:08:af:e0:a3:ae:96:a5:d4:97:90:a1:2b:d8:2b:
f4:6c:7e:87:8c:eb:7e:a1:34:f2:ab:fd:a3:82:e7:
e4:13:21:d5:87:54:6c:f4:3e:31:80:fe:70:e5:3e:
ec:35:bb:03:d8:c5:49:fa:02:99:52:39:57:ca:0c:
d9:d7:44:67:01:aa:fc:53:d5:e9:d9:c3:f6:d4:94:
41:16:e0:10:01:fc:5f:5a:89:2c:c7:b3:de:d1:d3:
ce:22:85:92:72:3d:32:1c:de:a0:9f:8a:68:db:a3:
c8:15:1e:41:fc:70:bd:41:be:ab:2d:9b:65:bb:31:
32:c3:a5:46:3d:1a:c6:12:44:f4:36:f2:a6:e1:9c:
6e:62:82:d6:8f:e9:ab:f0:17:8a:4d:8e:69:25:e9:
55:1d:14:9a:ad:96:f8:68:11:e1:9f:7f:5b:f5:70:
05:47:28:10:38:23:97:55:61:89:8f:97:73:8e:3c:
fa:37:ce:1e:63:a9:b1:1e:53:8b:9d:df:19:c7:95:
0e:82:8c:23:6b:c8:1a:82:de:b3:77:06:ba:7c:99:
23:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A4:48:D3:39:B2:D6:18:76:00:66:3D:CF:2B:EB:6D:08:01:C0:C2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EKRI0zmy1hh2AGY9zyvrbQgBwMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:eb:1c:4c:e5:c4:ae:30:e0:fa:3b:be:2d:59:ce:92:de:81:
ba:7f:6c:ce:d5:45:74:b1:e9:39:22:ad:86:95:c6:51:41:da:
14:49:a0:95:0e:ee:2c:e9:16:33:3a:57:17:e4:15:67:2f:bd:
64:e8:a8:f0:82:00:18:c1:ce:47:0f:a9:f0:fc:a6:a6:2f:e6:
55:a8:d5:c2:67:b6:fc:bf:b3:78:38:f3:ec:e8:ca:81:07:dd:
35:31:4b:ef:d4:eb:ac:36:c3:cc:7e:88:99:97:4d:c1:b0:1b:
44:e6:1b:bb:0a:bc:d4:11:9e:de:76:e9:a1:7f:87:95:0c:6a:
f6:7f:32:54:f3:84:e3:73:04:60:53:b7:38:c7:ab:3c:1d:91:
68:aa:51:37:00:d4:3b:f3:c9:31:04:d5:1a:d2:3f:e5:f0:91:
d9:14:d0:68:0f:b7:39:88:81:78:da:04:58:38:68:bf:17:f9:
5f:71:36:e0:75:a2:8c:9d:91:cc:03:f6:a9:16:60:44:d5:ce:
54:1f:3a:d9:a0:69:59:07:e3:ab:69:7e:1a:99:ff:b5:ef:dd:
ad:31:cd:11:a5:45:fd:3c:62:78:fb:d5:06:50:ce:44:a6:d0:
96:a2:af:bf:fc:00:28:02:6f:df:93:b6:30:f1:31:c8:79:f9:
64:2d:ca:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsqCLXS0LtNzC1xmxXeu7hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMTcxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGE0NDhkMzM5YjJkNjE4NzYwMDY2M2RjZjJiZWI2ZDA4MDFjMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSJPOyIPVtTcjNRn5prc+0qou+1H
to3GU1B2/GXpicTMlUJGYFfjk4q/hWk2CK/go66WpdSXkKEr2Cv0bH6HjOt+oTTy
q/2jgufkEyHVh1Rs9D4xgP5w5T7sNbsD2MVJ+gKZUjlXygzZ10RnAar8U9Xp2cP2
1JRBFuAQAfxfWoksx7Pe0dPOIoWScj0yHN6gn4po26PIFR5B/HC9Qb6rLZtluzEy
w6VGPRrGEkT0NvKm4ZxuYoLWj+mr8BeKTY5pJelVHRSarZb4aBHhn39b9XAFRygQ
OCOXVWGJj5dzjjz6N84eY6mxHlOLnd8Zx5UOgowja8gagt6zdwa6fJkjoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBCkSNM5stYYdgBmPc8r620IAcDCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRUtSSTB6bXkxaGgyQUdZOXp5dnJiUWdCd01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABDrHEzlxK4w4Po7vi1Z
zpLegbp/bM7VRXSx6TkirYaVxlFB2hRJoJUO7izpFjM6VxfkFWcvvWToqPCCABjB
zkcPqfD8pqYv5lWo1cJntvy/s3g48+zoyoEH3TUxS+/U66w2w8x+iJmXTcGwG0Tm
G7sKvNQRnt526aF/h5UMavZ/MlTzhONzBGBTtzjHqzwdkWiqUTcA1DvzyTEE1RrS
P+XwkdkU0GgPtzmIgXjaBFg4aL8X+V9xNuB1ooydkcwD9qkWYETVzlQfOtmgaVkH
46tpfhqZ/7Xv3a0xzRGlRf08Ynj71QZQzkSm0Jair7/8ACgCb9+TtjDxMch5+WQt
yo4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:52:20 2025 by rpki-client