Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eitvzUjL7VAWVopfOxDTBpOd-pQ.roa
File: eitvzUjL7VAWVopfOxDTBpOd-pQ.roa (raw, json)
Hash identifier: DscKro7DY+E5Rlg5EoDLNs0USmZT5J5T0CGtDEDer4I=
Subject key identifier: 7A:2B:6F:CD:48:CB:ED:50:16:56:8A:5F:3B:10:D3:06:93:9D:FA:94
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B02FAF7F7377FCAAB2DC961F579263BED
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eitvzUjL7VAWVopfOxDTBpOd-pQ.roa
Signing time: Fri 06 Oct 2023 03:14:43 +0000
ROA not before: Fri 06 Oct 2023 03:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:02:fa:f7:f7:37:7f:ca:ab:2d:c9:61:f5:79:26:3b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 03:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a2b6fcd48cbed5016568a5f3b10d306939dfa94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4f:62:86:de:e8:16:32:3b:fe:96:cb:f9:c2:
42:b6:f2:29:b9:f1:27:d6:1b:77:a4:4e:72:70:a7:
64:0d:ec:c5:9f:be:3a:70:bd:2a:e8:d7:e5:0b:b9:
16:96:4b:01:f3:52:9f:ca:aa:1b:f2:1d:91:42:fb:
a6:10:a4:c3:fe:30:c8:b6:23:6f:cf:48:1b:e2:10:
d1:6a:14:69:25:e0:26:ae:a7:5b:38:85:e5:58:f5:
bb:a0:86:b2:1c:bd:c8:03:57:dc:d0:31:23:f7:37:
5e:40:82:f0:34:43:ca:48:bc:3d:1e:ae:28:3f:74:
35:0a:1b:09:59:c3:99:71:66:9d:70:c4:b8:19:fe:
f5:19:2c:f3:44:e6:78:93:07:ce:e3:66:5f:ed:af:
fb:f3:21:2c:11:3a:61:1c:09:8c:ff:a8:de:e5:7d:
c4:ce:d4:59:9b:64:d5:a3:29:7c:47:8f:bd:a1:4c:
30:d4:46:e8:4f:53:5f:2d:90:7b:46:97:3b:fe:0e:
f5:30:2c:13:99:2d:13:0a:f9:9f:a3:fa:d1:06:17:
a5:ea:b2:64:7c:e9:cd:80:e9:02:7b:84:79:9f:26:
23:6a:f3:86:5f:35:af:29:99:a0:10:4f:cd:b3:9d:
ef:6b:8c:8b:ad:47:f8:cf:d6:c5:b4:83:0d:82:45:
90:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:2B:6F:CD:48:CB:ED:50:16:56:8A:5F:3B:10:D3:06:93:9D:FA:94
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/eitvzUjL7VAWVopfOxDTBpOd-pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:b0:3b:30:9a:c9:68:32:6e:1a:e0:3d:16:32:07:20:db:ae:
23:36:bb:9d:40:fd:e9:40:60:6b:33:d2:72:83:12:39:e2:d2:
d8:71:ac:77:4a:b9:36:4b:00:66:67:d1:7f:df:d6:86:db:a7:
8f:d9:3e:75:67:97:cd:64:49:b7:42:39:42:08:3a:4d:27:cc:
60:df:a4:37:9b:ff:08:b5:ee:39:7d:94:2a:cb:d7:58:ab:b7:
c0:08:e6:62:04:95:db:5f:e0:c8:f2:e6:0a:ab:b2:e9:5f:f9:
d0:4a:d8:84:ca:cb:06:4b:21:b5:3b:e1:fd:0f:6e:8b:99:8e:
f8:9d:ca:f5:0e:8c:83:d2:2d:d1:1b:af:01:d2:36:51:33:fb:
1b:f8:24:02:c5:a5:19:de:98:a4:1e:e9:df:eb:b3:10:87:1e:
e3:18:be:fc:3d:5e:58:61:42:2a:30:ee:1f:74:a8:08:78:5a:
3d:22:e8:36:8a:c0:91:8c:f5:6f:33:2a:38:20:4b:dd:44:02:
f7:2c:85:6d:f2:e8:5b:ac:db:5f:f4:e3:36:e5:5a:c6:c0:8b:
ee:fc:cc:41:be:7f:c4:c2:1b:75:eb:bd:23:57:16:a8:03:10:
db:28:f5:c9:b1:d1:70:d5:1b:1d:23:cf:ee:30:9f:f9:0a:18:
45:1f:0f:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsC+vf3N3/Kqy3JYfV5JjvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTJiNmZjZDQ4Y2JlZDUwMTY1NjhhNWYzYjEwZDMwNjkzOWRmYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3k9iht7oFjI7/pbL+cJCtvIpufEn
1ht3pE5ycKdkDezFn746cL0q6NflC7kWlksB81Kfyqob8h2RQvumEKTD/jDItiNv
z0gb4hDRahRpJeAmrqdbOIXlWPW7oIayHL3IA1fc0DEj9zdeQILwNEPKSLw9Hq4o
P3Q1ChsJWcOZcWadcMS4Gf71GSzzROZ4kwfO42Zf7a/78yEsETphHAmM/6je5X3E
ztRZm2TVoyl8R4+9oUww1EboT1NfLZB7Rpc7/g71MCwTmS0TCvmfo/rRBhel6rJk
fOnNgOkCe4R5nyYjavOGXzWvKZmgEE/Ns53va4yLrUf4z9bFtIMNgkWQqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHorb81Iy+1QFlaKXzsQ0waTnfqUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZWl0dnpVakw3VkFXVm9wZk94RFRCcE9kLXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFewOzCayWgybhrgPRYy
ByDbriM2u51A/elAYGsz0nKDEjni0thxrHdKuTZLAGZn0X/f1obbp4/ZPnVnl81k
SbdCOUIIOk0nzGDfpDeb/wi17jl9lCrL11irt8AI5mIEldtf4Mjy5gqrsulf+dBK
2ITKywZLIbU74f0PbouZjvidyvUOjIPSLdEbrwHSNlEz+xv4JALFpRnemKQe6d/r
sxCHHuMYvvw9XlhhQiow7h90qAh4Wj0i6DaKwJGM9W8zKjggS91EAvcshW3y6Fus
21/04zblWsbAi+78zEG+f8TCG3XrvSNXFqgDENso9cmx0XDVGx0jz+4wn/kKGEUf
D6M=
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:13:48 2025 by rpki-client