Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EWZYbmz6A3zKLuVUdCmD2z6af3c.roa
File: EWZYbmz6A3zKLuVUdCmD2z6af3c.roa (raw, json)
Hash identifier: My7Fx4Sxjk/Lfnf/dUE0/VQJwGbS/KbRm0mELGPhQvg=
Subject key identifier: 11:66:58:6E:6C:FA:03:7C:CA:2E:E5:54:74:29:83:DB:3E:9A:7F:77
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAFB37C182B1FFC86418BE5C75115C20E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EWZYbmz6A3zKLuVUdCmD2z6af3c.roa
Signing time: Wed 08 Nov 2023 16:10:57 +0000
ROA not before: Wed 08 Nov 2023 16:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:b3:7c:18:2b:1f:fc:86:41:8b:e5:c7:51:15:c2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 8 16:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1166586e6cfa037cca2ee554742983db3e9a7f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5e:8d:ac:f1:8b:c3:1d:ca:c7:76:5e:5f:f5:
aa:3c:9c:ab:5b:bf:bb:c7:0d:ba:87:7b:14:b9:84:
89:74:e8:6f:31:6c:5d:b2:fa:84:a1:2a:5e:46:1d:
65:cb:c7:77:de:7a:72:cc:1a:c3:8c:b1:19:38:1d:
8e:d2:8c:4c:08:05:9d:de:2c:45:44:7f:f1:e3:a9:
97:23:b4:3a:b5:2b:69:2e:51:8e:75:f8:0b:c1:60:
12:49:8f:1f:31:52:7a:fc:f8:04:05:4d:cb:a1:86:
0b:8b:6c:ee:0c:73:4f:1d:7a:e0:90:eb:0b:1f:ab:
75:7c:29:d4:2b:1d:1d:34:d2:2c:35:14:04:ae:36:
4b:fc:46:90:f1:54:38:6a:a6:d4:8f:76:ee:ef:0e:
ac:35:82:81:ed:25:52:58:d4:d5:30:fb:b4:72:ee:
42:68:06:82:de:aa:16:51:05:e0:56:59:d6:57:4e:
32:a1:3d:1b:6b:13:e9:d0:da:bf:a7:82:8a:4a:c2:
23:a4:2d:66:95:1b:ca:a2:43:ab:c2:2f:11:32:1f:
16:ad:7c:a5:9b:f0:f5:b1:90:da:8f:f1:d3:8d:d7:
45:f9:0d:66:49:f7:2e:aa:f8:7a:b4:47:c7:52:8b:
a8:98:ff:0f:56:a8:37:98:1e:80:19:92:6a:4e:e6:
d2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:66:58:6E:6C:FA:03:7C:CA:2E:E5:54:74:29:83:DB:3E:9A:7F:77
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EWZYbmz6A3zKLuVUdCmD2z6af3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:e0:e8:01:28:49:5e:7a:16:57:a2:79:2f:8c:a4:5c:41:7f:
7e:3d:12:48:f0:46:2c:d8:3a:12:56:83:4a:46:4a:ca:c2:63:
b3:83:ad:84:33:4b:2a:15:28:3d:ad:11:5d:e6:a9:f3:33:d2:
a7:90:cb:7f:09:4e:27:6c:95:14:65:0a:49:d7:96:74:9f:4f:
4c:ec:6c:ae:c4:dc:38:82:5b:80:64:91:98:a4:0a:32:5d:33:
30:8c:51:a8:eb:0d:42:f3:ed:da:06:75:29:0b:d9:93:5f:61:
85:5d:75:69:9c:da:f8:6a:44:b3:2b:08:f6:33:0a:41:5c:87:
1d:f5:91:6c:c0:b7:0a:db:d8:61:3f:ac:61:d6:47:96:1b:2e:
14:39:b3:52:ba:b2:f5:36:e9:6f:d3:2e:6e:95:34:0e:75:e1:
21:89:90:f6:1a:9a:8d:a0:4c:ae:f9:76:0d:11:8f:f0:fa:2d:
8a:02:02:f5:2a:04:2a:c2:0d:f7:f2:50:6b:f0:8d:94:2b:3e:
f6:44:b0:00:10:0d:44:f3:c7:1a:98:42:1b:df:05:8b:13:af:
96:bc:25:24:46:30:46:f0:7e:c0:8f:19:82:35:5b:b1:a0:dd:
1b:3b:74:9a:cb:a2:5f:15:fc:f5:1b:72:0a:c7:f9:f1:34:be:
f6:67:f4:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuvs3wYKx/8hkGL5cdRFcIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA4MTYxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY2NTg2ZTZjZmEwMzdjY2EyZWU1NTQ3NDI5ODNkYjNlOWE3Zjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn16NrPGLwx3Kx3ZeX/WqPJyrW7+7
xw26h3sUuYSJdOhvMWxdsvqEoSpeRh1ly8d33npyzBrDjLEZOB2O0oxMCAWd3ixF
RH/x46mXI7Q6tStpLlGOdfgLwWASSY8fMVJ6/PgEBU3LoYYLi2zuDHNPHXrgkOsL
H6t1fCnUKx0dNNIsNRQErjZL/EaQ8VQ4aqbUj3bu7w6sNYKB7SVSWNTVMPu0cu5C
aAaC3qoWUQXgVlnWV04yoT0baxPp0Nq/p4KKSsIjpC1mlRvKokOrwi8RMh8WrXyl
m/D1sZDaj/HTjddF+Q1mSfcuqvh6tEfHUouomP8PVqg3mB6AGZJqTubS1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBFmWG5s+gN8yi7lVHQpg9s+mn93MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRVdaWWJtejZBM3pLTHVWVWRDbUQyejZhZjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGLg6AEoSV56FleieS+M
pFxBf349EkjwRizYOhJWg0pGSsrCY7ODrYQzSyoVKD2tEV3mqfMz0qeQy38JTids
lRRlCknXlnSfT0zsbK7E3DiCW4BkkZikCjJdMzCMUajrDULz7doGdSkL2ZNfYYVd
dWmc2vhqRLMrCPYzCkFchx31kWzAtwrb2GE/rGHWR5YbLhQ5s1K6svU26W/TLm6V
NA514SGJkPYamo2gTK75dg0Rj/D6LYoCAvUqBCrCDffyUGvwjZQrPvZEsAAQDUTz
xxqYQhvfBYsTr5a8JSRGMEbwfsCPGYI1W7Gg3Rs7dJrLol8V/PUbcgrH+fE0vvZn
9Dk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:23:06 2025 by rpki-client