Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eWYnMSNoR-L3mdK1Kd8GZtNemHs.roa
File: eWYnMSNoR-L3mdK1Kd8GZtNemHs.roa (raw, json)
Hash identifier: dsiO2JlYkXoEFM+us6+ZagcxwhBTuw/MOIA0w7KI3tM=
Subject key identifier: 79:66:27:31:23:68:47:E2:F7:99:D2:B5:29:DF:06:66:D3:5E:98:7B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7893D476DADC8D4F44DDDA67971707D5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eWYnMSNoR-L3mdK1Kd8GZtNemHs.roa
Signing time: Sat 28 Oct 2023 23:17:15 +0000
ROA not before: Sat 28 Oct 2023 23:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:78:93:d4:76:da:dc:8d:4f:44:dd:da:67:97:17:07:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 23:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79662731236847e2f799d2b529df0666d35e987b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c1:f0:f6:89:7d:c0:60:7b:77:c3:7a:09:7e:
c8:0e:23:bd:07:55:e6:25:66:4b:25:ff:6f:c2:db:
32:83:e5:ca:4b:41:da:b8:1e:d0:db:ab:87:3a:75:
72:7c:71:e9:9f:c7:fb:58:7c:b4:75:bb:cc:b3:d0:
39:68:cf:d2:db:2d:2b:b8:a5:e1:1a:df:8f:1b:2f:
fd:4e:0d:8b:ce:b0:a9:1e:d6:10:b5:94:ec:76:50:
f2:1b:73:ec:98:34:9b:ef:03:f4:15:5c:71:9e:0a:
39:bf:4e:fa:8e:f1:01:5b:ab:7c:f2:4c:2a:3c:1e:
dc:a9:00:cd:70:6c:1f:37:0a:f5:05:de:7d:ec:bd:
bc:40:5a:97:c3:60:ba:07:8e:75:a2:f6:e4:52:c2:
ef:59:2f:68:09:20:86:dd:d5:5d:e5:ce:e4:14:62:
6d:eb:b8:04:c5:4b:32:0c:95:c4:a2:05:d8:5a:02:
2f:f2:24:80:4c:54:aa:4d:1a:fa:16:bd:2b:46:d2:
9c:84:c6:6b:94:e6:d3:4f:33:6b:43:32:29:5d:45:
53:6a:ce:97:6f:8c:47:76:97:87:52:50:08:fa:f2:
ad:47:72:4b:76:45:2c:99:d2:c1:49:e8:0a:df:b3:
a7:26:5e:54:bf:c4:ff:bd:b1:47:08:2b:a1:f9:24:
b6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:66:27:31:23:68:47:E2:F7:99:D2:B5:29:DF:06:66:D3:5E:98:7B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eWYnMSNoR-L3mdK1Kd8GZtNemHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:25:23:ca:10:fd:07:8b:35:30:fa:9c:88:5d:fa:fc:94:c4:
6f:bc:2b:54:8d:ec:eb:38:f3:d6:97:69:9a:a1:36:19:3a:86:
37:03:24:df:87:86:21:fd:b7:7b:0d:bb:52:de:13:fb:86:ba:
a9:1f:d8:3f:ec:ce:50:a5:43:fc:4a:49:e4:a0:45:a6:29:bb:
b3:9c:7d:a2:eb:95:69:5b:bc:9a:37:a9:30:fa:95:7b:57:c2:
fe:1a:2d:55:63:17:7c:e0:34:8c:32:79:27:81:ec:20:6a:75:
df:f8:a9:20:62:92:d8:c2:cf:d5:b2:b2:29:d7:a6:d8:bd:e2:
81:d1:72:cb:4d:0e:79:39:3f:6a:63:9b:d5:ed:75:bb:19:59:
02:d9:06:01:91:7f:7f:0b:a3:e2:8f:42:bd:0e:39:de:47:d5:
5c:69:af:8d:b0:27:cd:6e:b0:91:9e:65:92:ad:ad:7d:c9:ae:
73:57:7e:b1:e6:8b:f2:85:7d:c9:59:c5:c7:0e:78:19:31:49:
71:e5:08:86:29:18:77:98:f3:48:15:ee:b5:5d:b3:7f:c4:3d:
de:75:af:e0:a8:bf:18:fe:8d:44:2f:6e:4a:9c:47:2f:f6:0e:
68:73:a9:07:57:1f:f3:51:0d:de:dd:bd:dc:d7:56:43:67:f1:
0b:49:c6:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt4k9R22tyNT0Td2meXFwfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MjMxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTY2MjczMTIzNjg0N2UyZjc5OWQyYjUyOWRmMDY2NmQzNWU5ODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8Hw9ol9wGB7d8N6CX7IDiO9B1Xm
JWZLJf9vwtsyg+XKS0HauB7Q26uHOnVyfHHpn8f7WHy0dbvMs9A5aM/S2y0ruKXh
Gt+PGy/9Tg2LzrCpHtYQtZTsdlDyG3PsmDSb7wP0FVxxngo5v076jvEBW6t88kwq
PB7cqQDNcGwfNwr1Bd597L28QFqXw2C6B451ovbkUsLvWS9oCSCG3dVd5c7kFGJt
67gExUsyDJXEogXYWgIv8iSATFSqTRr6Fr0rRtKchMZrlObTTzNrQzIpXUVTas6X
b4xHdpeHUlAI+vKtR3JLdkUsmdLBSegK37OnJl5Uv8T/vbFHCCuh+SS20QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHlmJzEjaEfi95nStSnfBmbTXph7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZVdZbk1TTm9SLUwzbWRLMUtkOEdadE5lbUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKglI8oQ/QeLNTD6nIhd
+vyUxG+8K1SN7Os489aXaZqhNhk6hjcDJN+HhiH9t3sNu1LeE/uGuqkf2D/szlCl
Q/xKSeSgRaYpu7OcfaLrlWlbvJo3qTD6lXtXwv4aLVVjF3zgNIwyeSeB7CBqdd/4
qSBiktjCz9WysinXpti94oHRcstNDnk5P2pjm9XtdbsZWQLZBgGRf38Lo+KPQr0O
Od5H1Vxpr42wJ81usJGeZZKtrX3JrnNXfrHmi/KFfclZxccOeBkxSXHlCIYpGHeY
80gV7rVds3/EPd51r+Covxj+jUQvbkqcRy/2DmhzqQdXH/NRDd7dvdzXVkNn8QtJ
xgU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:04:49 2025 by rpki-client