Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/erUm8cnE1WuE4NuAls2wwsRsSnQ.roa
File: erUm8cnE1WuE4NuAls2wwsRsSnQ.roa (raw, json)
Hash identifier: vZYQYmvU00N2Y35p3pB0pJRAZ4Pxq4WM4/JhxsH7Of4=
Subject key identifier: 7A:B5:26:F1:C9:C4:D5:6B:84:E0:DB:80:96:CD:B0:C2:C4:6C:4A:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B43FDC592B386A7166EF161449E03E589
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/erUm8cnE1WuE4NuAls2wwsRsSnQ.roa
Signing time: Wed 18 Oct 2023 18:13:06 +0000
ROA not before: Wed 18 Oct 2023 18:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:fd:c5:92:b3:86:a7:16:6e:f1:61:44:9e:03:e5:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 18 18:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ab526f1c9c4d56b84e0db8096cdb0c2c46c4a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:07:c6:1b:3e:98:d9:3d:83:e0:15:1e:f7:4b:
33:92:43:d1:8e:6c:4d:39:87:e3:b5:fa:9a:c7:57:
1a:3f:ba:ef:b7:f9:ea:19:4b:fb:4c:9f:07:6b:f6:
16:2b:90:5c:87:b3:60:a2:2a:c4:a1:87:6e:b6:1e:
93:66:22:70:6f:57:ea:c5:d4:6e:aa:9e:58:38:35:
c7:7a:cf:bb:e2:3e:ab:ad:10:07:7f:00:17:e2:c4:
0b:93:2b:85:6c:5b:ca:a7:e2:cf:da:eb:27:71:7a:
06:28:a0:99:30:b6:34:4a:2a:e4:43:8b:9e:8c:28:
1e:39:74:b5:fd:e6:85:b1:cb:94:cf:65:d9:b6:7a:
1d:7b:50:f3:a0:98:64:46:e0:a8:e2:5a:aa:92:85:
12:7f:03:e7:d8:4b:4b:56:dd:b7:a2:b0:ec:b2:83:
39:73:dc:af:89:5d:c1:c5:23:b7:8a:14:db:79:b5:
6d:53:dc:2d:d6:d5:d4:8d:c6:50:02:92:2a:51:3e:
64:d7:59:69:a5:e5:c4:58:69:46:e0:19:15:b3:56:
3c:66:40:b0:92:4f:db:18:ea:8e:6d:9e:be:6c:36:
69:3d:83:bb:90:c8:5c:99:7f:ee:56:38:fd:1c:4a:
89:e1:f1:64:ff:b4:4b:6d:21:2c:a5:a1:45:4c:02:
cb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B5:26:F1:C9:C4:D5:6B:84:E0:DB:80:96:CD:B0:C2:C4:6C:4A:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/erUm8cnE1WuE4NuAls2wwsRsSnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:42:56:da:cd:22:f5:04:9f:65:6a:f5:6c:da:81:5d:2f:68:
12:f9:09:e8:20:a1:f7:7a:91:7e:f3:fe:77:24:2a:6b:f3:fd:
b7:89:21:c5:52:8a:3e:43:58:5d:28:cd:c6:dd:83:15:f8:f7:
91:20:e6:5d:82:da:47:5e:8f:14:9b:09:14:ba:0a:bf:1c:ea:
31:b7:5f:ec:08:11:8b:51:e4:7e:d5:b5:05:cc:c9:2e:94:fb:
8f:b0:9b:a9:f3:cf:8c:0d:eb:49:06:77:c6:6f:1a:12:a4:04:
3a:f4:46:70:ae:14:5d:b5:9b:35:48:3f:6c:3c:11:bc:55:7f:
da:af:d1:8e:ef:10:48:a0:5f:31:e7:fc:29:6f:5a:55:27:a0:
4a:12:ad:f8:f3:27:8d:68:53:dd:38:80:ab:a2:d5:52:68:2a:
62:0e:e9:a5:1d:e1:45:57:74:2f:da:1b:37:d2:7d:92:c5:0b:
61:e6:8d:fe:8f:ab:00:4a:5e:b0:23:5e:71:bd:9e:c8:6e:8f:
a7:e4:85:b0:70:4c:3c:7d:df:40:51:f3:ba:b8:29:29:24:c5:
4f:ba:f2:26:66:96:9f:ef:e6:fe:6f:2c:42:a0:e5:8e:37:00:
11:0e:c9:5f:5c:16:aa:a9:86:4d:a4:08:f2:bc:e7:4f:9e:2c:
4c:d7:d4:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtD/cWSs4anFm7xYUSeA+WJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE4MTgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWI1MjZmMWM5YzRkNTZiODRlMGRiODA5NmNkYjBjMmM0NmM0YTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAfGGz6Y2T2D4BUe90szkkPRjmxN
OYfjtfqax1caP7rvt/nqGUv7TJ8Ha/YWK5Bch7NgoirEoYduth6TZiJwb1fqxdRu
qp5YODXHes+74j6rrRAHfwAX4sQLkyuFbFvKp+LP2usncXoGKKCZMLY0SirkQ4ue
jCgeOXS1/eaFscuUz2XZtnode1DzoJhkRuCo4lqqkoUSfwPn2EtLVt23orDssoM5
c9yviV3BxSO3ihTbebVtU9wt1tXUjcZQApIqUT5k11lppeXEWGlG4BkVs1Y8ZkCw
kk/bGOqObZ6+bDZpPYO7kMhcmX/uVjj9HEqJ4fFk/7RLbSEspaFFTALL0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHq1JvHJxNVrhODbgJbNsMLEbEp0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZXJVbThjbkUxV3VFNE51QWxzMnd3c1JzU25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAARCVtrNIvUEn2Vq9Wza
gV0vaBL5Ceggofd6kX7z/nckKmvz/beJIcVSij5DWF0ozcbdgxX495Eg5l2C2kde
jxSbCRS6Cr8c6jG3X+wIEYtR5H7VtQXMyS6U+4+wm6nzz4wN60kGd8ZvGhKkBDr0
RnCuFF21mzVIP2w8EbxVf9qv0Y7vEEigXzHn/ClvWlUnoEoSrfjzJ41oU904gKui
1VJoKmIO6aUd4UVXdC/aGzfSfZLFC2Hmjf6PqwBKXrAjXnG9nshuj6fkhbBwTDx9
30BR87q4KSkkxU+68iZmlp/v5v5vLEKg5Y43ABEOyV9cFqqphk2kCPK850+eLEzX
1Lw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:10:29 2025 by rpki-client