Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/I3mLt8mzCfnNQEoP5rWUbNDsJes.roa
File: I3mLt8mzCfnNQEoP5rWUbNDsJes.roa (raw, json)
Hash identifier: 4D8VevuVCVG2zjU3UryWeRhe2cL+B4o2elqgc92phJM=
Subject key identifier: 23:79:8B:B7:C9:B3:09:F9:CD:40:4A:0F:E6:B5:94:6C:D0:EC:25:EB
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EEB5342172AE1148CB49624CBF717933D
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/I3mLt8mzCfnNQEoP5rWUbNDsJes.roa
Signing time: Wed 17 Apr 2024 09:11:25 +0000
ROA not before: Wed 17 Apr 2024 09:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:53:42:17:2a:e1:14:8c:b4:96:24:cb:f7:17:93:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 17 09:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23798bb7c9b309f9cd404a0fe6b5946cd0ec25eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9a:4d:6c:9e:1f:5d:66:c7:f3:79:7e:eb:19:
89:65:30:91:36:fb:1c:e7:9d:ff:fa:c0:c5:c4:44:
d7:a6:44:ec:db:df:71:a8:70:2c:1c:9a:90:8e:81:
c3:60:2c:56:35:ae:6b:3a:22:a0:15:ad:bd:78:d1:
98:be:c5:9f:70:ef:d5:e6:1e:ef:9c:e4:88:94:2e:
bf:77:bf:a1:19:bb:7d:35:b4:36:0d:4a:2e:f2:0a:
15:2f:03:da:c4:42:d5:3f:7d:54:6a:c9:2e:73:47:
c0:7c:10:c5:93:de:7b:86:ed:4e:4b:63:ab:0b:70:
9e:5b:40:d1:93:09:74:5e:66:98:f9:80:f9:2f:c6:
bb:b2:52:47:28:cc:63:1f:fc:82:03:d1:ae:7a:15:
5f:24:32:72:ce:7e:fe:eb:03:e6:65:2c:b5:5f:fd:
94:69:b6:91:c8:eb:ba:57:1b:61:f8:48:97:cc:3a:
c1:63:bd:25:04:71:b5:55:85:9d:b2:34:ce:89:4d:
9a:f3:61:94:03:72:7b:df:58:6b:d3:57:ef:3a:76:
1c:d9:74:d0:5d:fd:11:6a:6f:ae:38:c1:1a:77:16:
96:fa:e4:62:2f:e0:d7:25:f4:75:53:62:a9:5d:38:
55:96:17:0b:48:06:6a:cb:19:a1:84:eb:b1:38:f5:
49:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:79:8B:B7:C9:B3:09:F9:CD:40:4A:0F:E6:B5:94:6C:D0:EC:25:EB
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/I3mLt8mzCfnNQEoP5rWUbNDsJes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:54:18:a9:16:a4:94:f3:4f:50:e6:28:9c:27:ac:7e:ca:df:
50:c5:b3:8e:2c:e1:b9:88:03:03:f6:05:c9:54:a2:47:00:0b:
d9:66:64:a3:75:94:0e:32:8d:bd:f0:24:19:1a:76:3d:d2:21:
e6:1c:c6:7d:68:e9:31:de:3f:a6:e6:bf:f3:17:41:7c:2f:59:
3a:b6:b8:0d:b7:66:38:7d:9c:63:84:2e:9d:ef:be:82:72:40:
23:5e:1e:2d:9b:4d:5c:43:cb:b0:28:cd:75:f6:d8:0c:ff:98:
0d:a2:63:7a:f2:30:94:06:d8:16:fe:c7:56:9a:46:ad:23:ba:
c0:6c:96:b9:82:b7:d0:4b:01:04:32:36:6b:15:28:47:f3:bf:
e1:92:1c:22:ee:44:85:f8:71:44:53:16:57:d0:87:ab:32:01:
a2:70:82:42:c4:53:40:72:27:a5:a8:17:5f:1a:fe:dc:3c:91:
9b:8b:30:3e:c0:38:d4:a0:59:8b:71:25:c6:c2:2b:3c:b9:46:
57:82:f2:fd:ab:b3:57:cf:8d:7d:8d:c3:97:95:21:ae:3b:30:
fc:64:07:ac:8b:14:67:e6:c8:67:9d:f2:29:38:2d:d4:11:05:
ee:ef:59:48:42:cb:3c:5f:c9:d7:a0:9f:01:8f:90:cf:21:33:
9e:16:ad:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7rU0IXKuEUjLSWJMv3F5M9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE3MDkxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc5OGJiN2M5YjMwOWY5Y2Q0MDRhMGZlNmI1OTQ2Y2QwZWMyNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5pNbJ4fXWbH83l+6xmJZTCRNvsc
553/+sDFxETXpkTs299xqHAsHJqQjoHDYCxWNa5rOiKgFa29eNGYvsWfcO/V5h7v
nOSIlC6/d7+hGbt9NbQ2DUou8goVLwPaxELVP31Uaskuc0fAfBDFk957hu1OS2Or
C3CeW0DRkwl0XmaY+YD5L8a7slJHKMxjH/yCA9GuehVfJDJyzn7+6wPmZSy1X/2U
abaRyOu6Vxth+EiXzDrBY70lBHG1VYWdsjTOiU2a82GUA3J731hr01fvOnYc2XTQ
Xf0Ram+uOMEadxaW+uRiL+DXJfR1U2KpXThVlhcLSAZqyxmhhOuxOPVJ8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCN5i7fJswn5zUBKD+a1lGzQ7CXrMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvSTNtTHQ4bXpDZm5OUUVvUDVyV1ViTkRzSmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC1UGKkWpJTzT1DmKJwn
rH7K31DFs44s4bmIAwP2BclUokcAC9lmZKN1lA4yjb3wJBkadj3SIeYcxn1o6THe
P6bmv/MXQXwvWTq2uA23Zjh9nGOELp3vvoJyQCNeHi2bTVxDy7AozXX22Az/mA2i
Y3ryMJQG2Bb+x1aaRq0jusBslrmCt9BLAQQyNmsVKEfzv+GSHCLuRIX4cURTFlfQ
h6syAaJwgkLEU0ByJ6WoF18a/tw8kZuLMD7AONSgWYtxJcbCKzy5RleC8v2rs1fP
jX2Nw5eVIa47MPxkB6yLFGfmyGed8ik4LdQRBe7vWUhCyzxfydegnwGPkM8hM54W
rVw=
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:23:05 2025 by rpki-client