Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/1--HuoRBJEwAF-Md2kINeTDvxTeA.roa
File: 1--HuoRBJEwAF-Md2kINeTDvxTeA.roa (raw, json)
Hash identifier: /uZDYZrBF3XEiv68zmbRQ/lXoXkOlXrEzoWipb2WqFM=
Subject key identifier: FB:E1:EE:A1:10:49:13:00:05:F8:C7:76:90:83:5E:4C:3B:F1:4D:E0
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF1C24B43A12DB811B925690E86B69916
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/1--HuoRBJEwAF-Md2kINeTDvxTeA.roa
Signing time: Thu 18 Apr 2024 15:10:25 +0000
ROA not before: Thu 18 Apr 2024 15:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f1:c2:4b:43:a1:2d:b8:11:b9:25:69:0e:86:b6:99:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 15:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbe1eea11049130005f8c77690835e4c3bf14de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:07:64:5b:87:f0:bb:fd:e8:44:4c:63:b1:bd:
54:9d:a5:14:a8:cd:48:2b:50:3c:ff:a6:ed:24:8f:
bf:2f:56:7d:8d:e2:96:f9:64:12:34:02:33:c3:68:
ca:2d:e4:80:fe:50:62:81:d0:a2:52:39:66:30:d9:
17:52:bb:58:bd:f7:37:10:7c:1c:b3:6b:28:a7:28:
4c:39:ef:58:1a:36:c8:1e:26:fe:46:35:06:c1:40:
0a:48:8e:12:d9:8f:ee:34:4f:c3:a4:44:c0:a0:53:
26:d0:64:26:8a:1f:62:9b:53:cb:bd:de:a1:79:85:
73:29:a8:3c:04:9b:d3:0a:85:2d:5d:57:12:d9:fe:
01:6d:14:84:41:2d:e9:65:f0:73:b0:e6:74:14:36:
98:1e:a7:15:e5:1a:f1:3c:61:4b:44:b4:5a:de:18:
0f:6f:d8:6a:58:90:c2:27:79:7f:ca:13:0d:de:b4:
ac:85:18:d6:3f:b2:18:a5:19:0c:33:6a:c8:29:ac:
a4:a8:16:35:4c:82:f1:3b:85:a5:80:8f:22:c3:5d:
c1:21:af:46:e1:19:0d:26:59:4b:f4:64:df:e4:4a:
1d:e9:8f:9a:13:9e:48:3e:4e:d2:ae:ab:19:15:7a:
38:cf:c0:59:c3:cb:1a:09:39:c1:14:76:80:99:69:
6b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E1:EE:A1:10:49:13:00:05:F8:C7:76:90:83:5E:4C:3B:F1:4D:E0
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/1--HuoRBJEwAF-Md2kINeTDvxTeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:5f:84:62:2c:78:5f:2f:2a:38:54:87:40:81:fd:a1:bf:7c:
7e:27:db:e3:1f:52:95:14:99:90:be:0c:aa:7e:ea:92:ee:1c:
ef:3e:df:bd:c9:11:0e:5a:c1:ab:4b:2f:83:30:18:73:8a:4c:
4d:dc:dd:ee:c2:3d:07:06:9c:32:02:32:1b:14:db:b7:0d:a5:
70:53:4b:19:0d:2e:db:3c:35:28:93:2a:87:b8:b4:cd:7b:19:
6a:cc:2d:bd:a1:b9:8d:83:22:40:31:67:2c:c7:ca:97:d6:36:
cb:e2:13:f6:51:da:11:6f:8a:23:52:52:f3:bc:81:e6:3e:f4:
c9:4f:28:ef:11:a2:a0:9c:f0:9c:45:e1:06:8e:3d:cc:90:e2:
e1:0c:07:1b:56:28:61:f9:07:18:b4:66:7a:70:ca:29:64:39:
f8:c9:6e:07:a4:24:ec:00:88:c7:01:69:ae:40:4e:82:c9:54:
67:d3:ee:f2:ee:47:c8:bd:b4:21:8b:4d:d8:34:aa:1b:f8:b0:
10:1f:f7:34:f4:c8:fa:8b:c2:16:17:d7:ae:45:cd:b2:91:70:
67:4b:21:d3:89:df:84:15:3f:98:7e:b0:c5:bf:70:95:34:da:
45:18:d6:31:0a:fa:92:ab:44:c4:21:37:9b:85:0a:dd:a0:3e:
df:39:2e:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7xwktDoS24EbklaQ6GtpkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MTUxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmUxZWVhMTEwNDkxMzAwMDVmOGM3NzY5MDgzNWU0YzNiZjE0ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogdkW4fwu/3oRExjsb1UnaUUqM1I
K1A8/6btJI+/L1Z9jeKW+WQSNAIzw2jKLeSA/lBigdCiUjlmMNkXUrtYvfc3EHwc
s2sopyhMOe9YGjbIHib+RjUGwUAKSI4S2Y/uNE/DpETAoFMm0GQmih9im1PLvd6h
eYVzKag8BJvTCoUtXVcS2f4BbRSEQS3pZfBzsOZ0FDaYHqcV5RrxPGFLRLRa3hgP
b9hqWJDCJ3l/yhMN3rSshRjWP7IYpRkMM2rIKaykqBY1TILxO4WlgI8iw13BIa9G
4RkNJllL9GTf5Eod6Y+aE55IPk7SrqsZFXo4z8BZw8saCTnBFHaAmWlr2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPvh7qEQSRMABfjHdpCDXkw78U3gMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvMS0tSHVvUkJKRXdBRi1NZDJrSU5lVER2eFRlQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTcvNjdmMDQ5LTg3OWUtNGViNC1iMWMyLThjOGViZjU4ODlk
YS8xL1FMRXl3WDVaanhHMm9ROUM3enZPbGg0WTZPOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQAKX4RiLHhfLyo4VIdA
gf2hv3x+J9vjH1KVFJmQvgyqfuqS7hzvPt+9yREOWsGrSy+DMBhzikxN3N3uwj0H
BpwyAjIbFNu3DaVwU0sZDS7bPDUokyqHuLTNexlqzC29obmNgyJAMWcsx8qX1jbL
4hP2UdoRb4ojUlLzvIHmPvTJTyjvEaKgnPCcReEGjj3MkOLhDAcbVihh+QcYtGZ6
cMopZDn4yW4HpCTsAIjHAWmuQE6CyVRn0+7y7kfIvbQhi03YNKob+LAQH/c09Mj6
i8IWF9euRc2ykXBnSyHTid+EFT+YfrDFv3CVNNpFGNYxCvqSq0TEITebhQrdoD7f
OS7J
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:57:01 2025 by rpki-client