Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fEIKaf1h-8iTSj-YSvHVDGjYKoM.roa
File: fEIKaf1h-8iTSj-YSvHVDGjYKoM.roa (raw, json)
Hash identifier: Vg6UhnBILJHTwJ9WyZMnzwOXRey8ACLzQItnRmA1KUI=
Subject key identifier: 7C:42:0A:69:FD:61:FB:C8:93:4A:3F:98:4A:F1:D5:0C:68:D8:2A:83
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFC52791164B6636F01C018A4167CC017
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fEIKaf1h-8iTSj-YSvHVDGjYKoM.roa
Signing time: Wed 04 Oct 2023 20:12:57 +0000
ROA not before: Wed 04 Oct 2023 20:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:52:79:11:64:b6:63:6f:01:c0:18:a4:16:7c:c0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 20:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c420a69fd61fbc8934a3f984af1d50c68d82a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:32:d2:c0:ed:b1:5f:91:98:b1:45:01:06:
84:ed:5c:bc:45:62:34:fc:c6:cf:f3:b9:3c:73:bc:
01:2c:89:8f:58:de:a4:04:20:ad:b8:df:76:c2:2c:
79:a9:c1:1a:2b:ff:3a:ce:45:d5:94:69:5a:cb:46:
0f:3a:ee:c5:6e:e5:5b:41:fc:80:d1:f4:10:97:7a:
5f:7d:9d:8f:c3:d8:e4:34:bd:a4:de:98:9f:f5:cf:
74:2d:c2:fb:88:5d:cc:dd:76:fc:14:c5:c9:98:6e:
28:3c:21:89:3a:72:de:e0:1c:0d:6f:8d:1f:ba:d9:
1d:ff:82:7f:6c:05:cc:ee:e8:67:0c:20:c6:e8:4b:
bd:44:ab:70:3d:19:df:2d:47:b6:0a:48:77:8e:5f:
a1:6a:1c:92:44:7a:92:80:c9:fb:8b:49:03:d4:87:
b6:19:05:7d:0f:7b:76:0b:36:d6:f2:c6:59:00:77:
a7:d0:7f:f9:e8:1c:d9:64:74:ed:f2:ea:fb:d3:e4:
77:1f:c9:ea:ba:6a:2a:40:40:0d:5e:99:c7:aa:36:
31:0a:ec:61:d8:f0:af:d9:b8:8e:cf:d4:c6:13:23:
81:3e:2e:87:6a:5b:5f:02:9d:14:d3:64:0c:bd:44:
a1:87:05:af:9f:d6:1c:59:b8:a5:99:65:24:c7:fe:
81:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:42:0A:69:FD:61:FB:C8:93:4A:3F:98:4A:F1:D5:0C:68:D8:2A:83
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fEIKaf1h-8iTSj-YSvHVDGjYKoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:ec:77:49:68:9d:c7:91:0f:02:75:a6:2b:80:d5:8f:2e:2a:
7f:80:88:0e:88:f1:71:88:c7:31:38:5f:37:bc:06:9b:4d:df:
43:74:4a:ae:dd:94:85:2c:bc:13:ef:94:44:33:4c:2c:e0:87:
47:8f:ea:16:4c:88:8b:ba:fb:15:f4:8a:1b:ae:4b:e5:57:46:
33:19:4b:94:53:f2:75:87:fd:e4:d7:b5:cd:4b:45:e0:b3:bc:
e0:ff:59:ba:23:0d:d7:5c:a1:ec:53:0e:01:50:0e:b2:11:dd:
6c:29:f2:46:48:bb:3d:a0:18:ab:74:9f:18:65:ca:87:a2:4c:
4d:c6:eb:db:cd:60:ec:43:9b:cb:8c:9a:24:20:ca:cf:d3:3f:
f0:c6:52:de:45:4e:ee:df:c9:e7:79:ac:3d:39:f9:06:d6:31:
d5:46:1d:62:34:b0:b1:0a:a8:af:58:5d:c7:a6:1f:47:a2:91:
d6:aa:c6:8f:c6:8c:54:28:9c:b7:00:8c:1c:e4:b4:09:65:26:
b9:ce:7e:e4:81:85:b5:9f:0c:df:79:26:a6:79:74:2d:94:e7:
37:da:9e:c6:95:fb:9f:ee:63:6c:6e:d6:2d:73:d0:9e:c3:d2:
0c:c1:a3:86:f3:d4:7a:6b:76:17:83:0c:b8:cc:68:9c:6c:a0:
e7:cf:5b:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr8UnkRZLZjbwHAGKQWfMAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MjAxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQyMGE2OWZkNjFmYmM4OTM0YTNmOTg0YWYxZDUwYzY4ZDgyYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLUy0sDtsV+RmLFFAQaE7Vy8RWI0
/MbP87k8c7wBLImPWN6kBCCtuN92wix5qcEaK/86zkXVlGlay0YPOu7FbuVbQfyA
0fQQl3pffZ2Pw9jkNL2k3pif9c90LcL7iF3M3Xb8FMXJmG4oPCGJOnLe4BwNb40f
utkd/4J/bAXM7uhnDCDG6Eu9RKtwPRnfLUe2Ckh3jl+hahySRHqSgMn7i0kD1Ie2
GQV9D3t2CzbW8sZZAHen0H/56BzZZHTt8ur70+R3H8nqumoqQEANXpnHqjYxCuxh
2PCv2biOz9TGEyOBPi6HaltfAp0U02QMvUShhwWvn9YcWbilmWUkx/6BeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHxCCmn9YfvIk0o/mErx1Qxo2CqDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZkVJS2FmMWgtOGlUU2otWVN2SFZER2pZS29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJvsd0lonceRDwJ1piuA
1Y8uKn+AiA6I8XGIxzE4Xze8BptN30N0Sq7dlIUsvBPvlEQzTCzgh0eP6hZMiIu6
+xX0ihuuS+VXRjMZS5RT8nWH/eTXtc1LReCzvOD/WbojDddcoexTDgFQDrIR3Wwp
8kZIuz2gGKt0nxhlyoeiTE3G69vNYOxDm8uMmiQgys/TP/DGUt5FTu7fyed5rD05
+QbWMdVGHWI0sLEKqK9YXcemH0eikdaqxo/GjFQonLcAjBzktAllJrnOfuSBhbWf
DN95JqZ5dC2U5zfansaV+5/uY2xu1i1z0J7D0gzBo4bz1HprdheDDLjMaJxsoOfP
W7I=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:13:44 2025 by rpki-client