Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EFa838hMI_Egep1dtXLLcEm4bMw.roa
File: EFa838hMI_Egep1dtXLLcEm4bMw.roa (raw, json)
Hash identifier: Wdrr5WUxEk+A+/CyfaDmd5cNpduig2+51wMsU6BXsME=
Subject key identifier: 10:56:BC:DF:C8:4C:23:F1:20:7A:9D:5D:B5:72:CB:70:49:B8:6C:CC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B71732F6F2ED26CE1B78CEB35C95B93EA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EFa838hMI_Egep1dtXLLcEm4bMw.roa
Signing time: Fri 27 Oct 2023 14:04:15 +0000
ROA not before: Fri 27 Oct 2023 14:04:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:7173:1962/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:73:2f:6f:2e:d2:6c:e1:b7:8c:eb:35:c9:5b:93:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 14:04:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1056bcdfc84c23f1207a9d5db572cb7049b86ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1f:70:b8:b2:42:f3:68:40:aa:fe:fa:74:8f:
9c:9b:3e:78:43:f2:55:9f:d1:46:12:a1:82:a6:c7:
82:80:35:d5:10:eb:44:9a:eb:86:06:21:dd:e5:38:
7d:d7:c4:7d:5a:28:ca:f0:0a:c1:f2:02:57:f1:b6:
96:74:a7:c1:86:c9:bd:12:33:c3:3a:89:89:b2:b1:
9d:da:3d:9c:57:64:c5:f1:84:a0:36:61:c0:db:94:
81:8a:da:7d:c9:dd:4e:d6:29:fb:92:34:01:77:0e:
33:29:a7:c7:c1:42:2f:0a:9b:e5:e7:61:ac:ff:d4:
1d:bd:18:da:3a:e0:ed:e3:89:08:c2:ea:1c:36:c2:
89:51:8f:de:ea:a2:e4:4a:55:96:9d:f8:3e:db:2d:
c7:38:c7:ed:9b:15:b5:95:ad:91:26:9d:80:9f:ec:
bb:3f:54:98:5f:f9:f5:ed:07:c9:9d:61:be:19:c4:
17:3b:21:88:da:54:18:27:31:fd:cd:07:cc:b4:c9:
3d:6e:a8:13:c6:08:ec:1a:eb:18:2a:a3:0a:9e:ee:
5f:60:c0:e0:95:73:1c:f6:d9:58:28:a0:8a:be:55:
63:2c:ff:80:d4:cf:aa:cc:9b:36:60:82:cd:9a:ed:
d2:27:da:b3:0d:7e:a1:4e:13:e5:6e:d0:cf:c5:16:
5f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:56:BC:DF:C8:4C:23:F1:20:7A:9D:5D:B5:72:CB:70:49:B8:6C:CC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/EFa838hMI_Egep1dtXLLcEm4bMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:9c:52:c4:ff:67:8c:70:f2:cf:02:df:f5:12:1c:f5:69:4f:
8d:f3:7a:49:39:cf:40:da:18:22:15:c3:2b:8c:99:d9:82:20:
81:da:32:3b:bb:27:23:4c:98:17:3b:82:07:62:8a:38:c0:8d:
ba:fe:b4:de:be:c2:d1:30:ed:b2:65:94:29:14:3f:70:d7:59:
7d:ac:8f:2b:d6:04:2d:dd:ae:ee:51:68:7d:5d:c5:69:07:99:
be:d5:6e:76:d8:6b:18:64:c3:03:23:19:89:24:7f:c9:9a:ed:
d2:5d:24:c1:4c:98:ff:ce:4b:51:71:b1:62:ea:59:d5:e3:e7:
fc:e3:88:3d:53:08:0f:1c:47:80:65:03:26:84:0c:2c:ef:35:
5d:07:0b:95:68:c1:f4:02:17:3f:ac:59:c4:26:10:83:dd:09:
f3:98:32:ea:c8:32:bd:96:6f:8b:c4:70:97:6c:79:3b:f1:69:
f1:23:c3:a4:5d:19:1c:ed:42:35:26:37:1b:0c:76:68:48:f8:
50:05:26:a9:be:39:48:9c:11:c9:20:ca:7f:fc:40:40:14:52:
bd:6d:5d:a0:f1:85:cc:24:ab:97:5a:f1:bd:86:d8:77:1a:90:
91:68:8b:1f:28:05:24:be:94:61:d7:71:18:39:b4:08:1f:23:
d9:f0:9a:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtxcy9vLtJs4beM6zXJW5PqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MTQwNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDU2YmNkZmM4NGMyM2YxMjA3YTlkNWRiNTcyY2I3MDQ5Yjg2Y2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx9wuLJC82hAqv76dI+cmz54Q/JV
n9FGEqGCpseCgDXVEOtEmuuGBiHd5Th918R9WijK8ArB8gJX8baWdKfBhsm9EjPD
OomJsrGd2j2cV2TF8YSgNmHA25SBitp9yd1O1in7kjQBdw4zKafHwUIvCpvl52Gs
/9QdvRjaOuDt44kIwuocNsKJUY/e6qLkSlWWnfg+2y3HOMftmxW1la2RJp2An+y7
P1SYX/n17QfJnWG+GcQXOyGI2lQYJzH9zQfMtMk9bqgTxgjsGusYKqMKnu5fYMDg
lXMc9tlYKKCKvlVjLP+A1M+qzJs2YILNmu3SJ9qzDX6hThPlbtDPxRZfhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBBWvN/ITCPxIHqdXbVyy3BJuGzMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRUZhODM4aE1JX0VnZXAxZHRYTExjRW00Yk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHScUsT/Z4xw8s8C3/US
HPVpT43zekk5z0DaGCIVwyuMmdmCIIHaMju7JyNMmBc7ggdiijjAjbr+tN6+wtEw
7bJllCkUP3DXWX2sjyvWBC3dru5RaH1dxWkHmb7VbnbYaxhkwwMjGYkkf8ma7dJd
JMFMmP/OS1FxsWLqWdXj5/zjiD1TCA8cR4BlAyaEDCzvNV0HC5VowfQCFz+sWcQm
EIPdCfOYMurIMr2Wb4vEcJdseTvxafEjw6RdGRztQjUmNxsMdmhI+FAFJqm+OUic
Eckgyn/8QEAUUr1tXaDxhcwkq5da8b2G2HcakJFoix8oBSS+lGHXcRg5tAgfI9nw
mqM=
-----END CERTIFICATE-----
Generated at Tue Jun 17 18:07:21 2025 by rpki-client