Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ekzc8RvzQ59XH16ccuNB3pHrFzQ.roa
File: Ekzc8RvzQ59XH16ccuNB3pHrFzQ.roa (raw, json)
Hash identifier: FsPl5mVFkn6bvVNgCv89oZKb/slk8A0OVpcL/ibhxVk=
Subject key identifier: 12:4C:DC:F1:1B:F3:43:9F:57:1F:5E:9C:72:E3:41:DE:91:EB:17:34
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4DE0704EB6F2F6A423D26F6367115CC4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ekzc8RvzQ59XH16ccuNB3pHrFzQ.roa
Signing time: Fri 20 Oct 2023 16:17:16 +0000
ROA not before: Fri 20 Oct 2023 16:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:e0:70:4e:b6:f2:f6:a4:23:d2:6f:63:67:11:5c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 16:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=124cdcf11bf3439f571f5e9c72e341de91eb1734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b5:34:81:a6:bc:c6:fc:ca:ae:03:24:43:94:
1c:7c:ef:3b:c9:c4:c3:5e:4b:99:05:69:92:26:04:
bb:83:09:06:df:ee:31:a1:98:4f:af:a7:ef:1f:d0:
70:58:56:14:b4:19:6a:c2:06:f6:c0:a2:70:4d:f9:
53:9a:31:7e:91:b0:47:2b:11:6c:fd:79:2b:89:9b:
92:2c:7c:20:a1:ea:5c:62:97:f5:4f:09:0f:95:16:
e0:21:d0:ae:ea:a6:77:e5:bf:9f:d1:d5:25:38:22:
be:c9:ba:65:29:86:95:ca:87:4d:ff:bc:5f:c6:fc:
44:cf:1a:f6:2a:f2:c5:6a:fb:39:6a:9f:ae:ff:23:
0f:dd:56:fb:d1:67:68:22:f6:ef:24:d8:b8:34:9e:
0a:d8:80:b8:cc:64:6e:1d:fc:25:64:48:ed:a2:cc:
0c:af:33:bc:f5:96:f4:0d:66:ca:2e:5c:87:72:87:
3c:78:1c:62:9a:b1:e6:46:b1:21:cb:3f:aa:eb:0b:
9f:d5:9c:df:2e:37:f6:bf:c5:22:7e:59:4d:1f:c4:
83:e6:30:4f:b5:db:6b:18:36:0d:84:0f:32:c1:f4:
65:3c:f7:87:a3:59:ad:45:79:3c:0f:8e:ae:91:dc:
60:c2:59:65:e5:26:da:dc:94:a9:d3:3e:50:cc:8e:
34:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4C:DC:F1:1B:F3:43:9F:57:1F:5E:9C:72:E3:41:DE:91:EB:17:34
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ekzc8RvzQ59XH16ccuNB3pHrFzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:44:fc:6d:c2:23:3a:a8:3b:eb:24:cf:0a:21:e2:50:9a:95:
c9:02:9b:6d:99:a2:f5:41:b8:85:b2:da:e5:ff:e8:21:a6:a3:
6d:bd:93:4c:b6:23:8f:14:d9:2d:4a:9c:ff:c9:70:bd:14:71:
e0:2b:9a:d5:47:d6:0d:6c:17:66:93:fe:65:ec:7f:6a:4c:0d:
ac:dd:87:90:12:44:94:ef:da:d9:71:af:2c:7b:60:95:a2:88:
b1:15:00:3a:3d:14:00:e8:5c:ef:b9:f8:41:13:1e:a8:db:75:
78:05:96:b9:90:59:b9:db:58:16:f0:46:d5:63:92:76:ef:65:
e9:3e:9d:66:de:81:a1:8a:20:ca:7b:5b:e7:3a:e8:3f:1f:66:
44:ad:ef:09:51:07:e0:f1:a9:a5:e0:7a:b1:fa:c1:f5:15:8f:
2e:90:66:99:bc:92:e4:8a:48:1f:a6:07:ba:ef:de:5d:ff:48:
4b:0a:06:35:c4:13:96:ae:98:3d:4b:f3:a3:c8:f3:73:64:7c:
54:b5:d5:0e:56:31:68:8e:36:4f:5f:94:ad:41:ba:62:1c:42:
4a:97:a9:57:d0:f2:8f:9b:bc:dc:0a:7d:b5:e8:46:24:0a:c4:
6e:64:3f:51:79:06:a5:a4:57:d5:fd:bf:2b:38:7b:49:83:be:
4a:86:0f:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtN4HBOtvL2pCPSb2NnEVzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMTYxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjRjZGNmMTFiZjM0MzlmNTcxZjVlOWM3MmUzNDFkZTkxZWIxNzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLU0gaa8xvzKrgMkQ5QcfO87ycTD
XkuZBWmSJgS7gwkG3+4xoZhPr6fvH9BwWFYUtBlqwgb2wKJwTflTmjF+kbBHKxFs
/XkriZuSLHwgoepcYpf1TwkPlRbgIdCu6qZ35b+f0dUlOCK+ybplKYaVyodN/7xf
xvxEzxr2KvLFavs5ap+u/yMP3Vb70WdoIvbvJNi4NJ4K2IC4zGRuHfwlZEjtoswM
rzO89Zb0DWbKLlyHcoc8eBximrHmRrEhyz+q6wuf1ZzfLjf2v8UifllNH8SD5jBP
tdtrGDYNhA8ywfRlPPeHo1mtRXk8D46ukdxgwlll5Sba3JSp0z5QzI40YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBJM3PEb80OfVx9enHLjQd6R6xc0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRWt6YzhSdnpRNTlYSDE2Y2N1TkIzcEhyRnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFhE/G3CIzqoO+skzwoh
4lCalckCm22ZovVBuIWy2uX/6CGmo229k0y2I48U2S1KnP/JcL0UceArmtVH1g1s
F2aT/mXsf2pMDazdh5ASRJTv2tlxryx7YJWiiLEVADo9FADoXO+5+EETHqjbdXgF
lrmQWbnbWBbwRtVjknbvZek+nWbegaGKIMp7W+c66D8fZkSt7wlRB+DxqaXgerH6
wfUVjy6QZpm8kuSKSB+mB7rv3l3/SEsKBjXEE5aumD1L86PI83NkfFS11Q5WMWiO
Nk9flK1BumIcQkqXqVfQ8o+bvNwKfbXoRiQKxG5kP1F5BqWkV9X9vys4e0mDvkqG
DzI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:29:50 2025 by rpki-client