Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EO_Xved2rUUdUdC2BStXjFXABWw.roa
File: EO_Xved2rUUdUdC2BStXjFXABWw.roa (raw, json)
Hash identifier: aAPuOVkS7yDTV4Hu7d4+O3wu7o8cqOT4RcTgzeWfuh0=
Subject key identifier: 10:EF:D7:BD:E7:76:AD:45:1D:51:D0:B6:05:2B:57:8C:55:C0:05:6C
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA64983548E585FCED9443F61D4081948
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EO_Xved2rUUdUdC2BStXjFXABWw.roa
Signing time: Mon 18 Sep 2023 03:15:50 +0000
ROA not before: Mon 18 Sep 2023 03:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a6:49:83:54:8e:58:5f:ce:d9:44:3f:61:d4:08:19:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 18 03:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10efd7bde776ad451d51d0b6052b578c55c0056c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:32:e8:e2:fa:2c:1e:09:39:05:22:68:85:a5:
96:14:09:c2:db:08:87:bf:ab:65:78:53:13:b6:bc:
59:97:94:ed:1b:b5:36:41:88:e6:da:55:c1:7f:86:
34:54:4d:34:fc:c9:2d:a7:db:5e:57:dd:a6:db:a5:
c0:aa:29:4f:2b:a3:78:ae:14:c0:0a:5c:40:51:36:
d6:4c:f5:22:8d:19:73:79:a8:a7:73:90:f3:81:7c:
1a:6e:54:a9:08:60:9e:27:df:43:e7:4b:36:1b:1d:
06:51:5e:5d:88:e1:67:61:d6:87:01:40:45:10:c3:
bb:53:8f:2b:06:a3:02:18:f2:6b:df:96:bf:36:d3:
51:0f:52:d4:7f:7e:21:94:e8:9e:58:1a:d9:07:e7:
ba:a5:3e:30:a5:8c:c8:d7:19:56:e6:bb:5b:a6:12:
8f:1d:73:d7:88:3f:6e:de:09:2a:98:ea:a9:5a:18:
1b:b6:43:1c:f8:92:dc:aa:06:87:a8:05:97:67:da:
f5:e1:00:d6:f2:1a:16:dd:50:df:68:30:67:01:33:
52:6c:67:09:38:59:5d:bf:fa:b7:22:91:84:70:4c:
53:06:08:4d:84:c7:24:b5:19:b1:18:05:e1:b1:4e:
59:82:8e:76:0d:74:a5:f6:07:f2:cf:5d:47:8a:a9:
78:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:EF:D7:BD:E7:76:AD:45:1D:51:D0:B6:05:2B:57:8C:55:C0:05:6C
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EO_Xved2rUUdUdC2BStXjFXABWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:d3:44:93:61:87:e8:d2:9c:27:86:ab:af:f9:46:9c:f2:01:
64:d2:2b:16:37:ad:6c:d6:01:ed:b0:2a:5e:97:07:14:95:06:
13:5f:4f:f8:83:71:b4:a9:99:8c:94:47:44:bb:f2:c2:55:fd:
3f:9e:c6:c5:4a:a4:24:5a:5f:39:02:00:90:9f:9d:f2:04:a4:
1b:8a:8c:d7:42:f0:8a:d9:db:d9:d5:fc:d5:cf:b8:64:89:06:
b6:a3:02:b1:36:a9:1a:a1:8e:c9:0c:31:30:ec:a1:d9:4a:ff:
81:b9:8c:2d:da:7a:0d:ca:dd:be:fc:86:68:09:9d:49:fc:3a:
cb:8c:0c:3c:56:4c:43:ce:79:c2:a4:ea:63:b1:2b:b5:82:0f:
2e:01:f5:8e:61:c4:e0:ba:4b:b4:b8:fd:9e:58:06:e0:a0:38:
38:ff:fa:46:bc:6f:60:0a:08:c9:ba:f4:c7:c3:48:2a:b6:58:
b2:ab:eb:be:52:86:b1:31:97:a0:61:25:db:c8:20:e9:d1:09:
35:f2:cd:c2:12:34:c0:1b:39:97:d1:0e:5b:c1:27:46:9e:c8:
e4:b6:0c:e5:d7:23:42:0d:22:f4:7d:4c:b0:ee:3f:49:fe:5d:
b9:8d:9f:75:bf:96:c8:3b:48:45:f0:00:65:f2:76:c0:a3:83:
1d:11:0a:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqmSYNUjlhfztlEP2HUCBlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE4MDMxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGVmZDdiZGU3NzZhZDQ1MWQ1MWQwYjYwNTJiNTc4YzU1YzAwNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzLo4vosHgk5BSJohaWWFAnC2wiH
v6tleFMTtrxZl5TtG7U2QYjm2lXBf4Y0VE00/Mktp9teV92m26XAqilPK6N4rhTA
ClxAUTbWTPUijRlzeainc5DzgXwablSpCGCeJ99D50s2Gx0GUV5diOFnYdaHAUBF
EMO7U48rBqMCGPJr35a/NtNRD1LUf34hlOieWBrZB+e6pT4wpYzI1xlW5rtbphKP
HXPXiD9u3gkqmOqpWhgbtkMc+JLcqgaHqAWXZ9r14QDW8hoW3VDfaDBnATNSbGcJ
OFldv/q3IpGEcExTBghNhMcktRmxGAXhsU5Zgo52DXSl9gfyz11Hiql4WQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBDv173ndq1FHVHQtgUrV4xVwAVsMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRU9fWHZlZDJyVVVkVWRDMkJTdFhqRlhBQld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ3TRJNhh+jSnCeGq6/5
RpzyAWTSKxY3rWzWAe2wKl6XBxSVBhNfT/iDcbSpmYyUR0S78sJV/T+exsVKpCRa
XzkCAJCfnfIEpBuKjNdC8IrZ29nV/NXPuGSJBrajArE2qRqhjskMMTDsodlK/4G5
jC3aeg3K3b78hmgJnUn8OsuMDDxWTEPOecKk6mOxK7WCDy4B9Y5hxOC6S7S4/Z5Y
BuCgODj/+ka8b2AKCMm69MfDSCq2WLKr675ShrExl6BhJdvIIOnRCTXyzcISNMAb
OZfRDlvBJ0aeyOS2DOXXI0INIvR9TLDuP0n+XbmNn3W/lsg7SEXwAGXydsCjgx0R
Ct8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:04:49 2025 by rpki-client