Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/TXfNT7kEk-8oUg8O_NDGGr-JLVQ.roa
File: TXfNT7kEk-8oUg8O_NDGGr-JLVQ.roa (raw, json)
Hash identifier: jDeebSyJdD5Vtom+67lXqNYX4V7VW3vynH08Cc/Damc=
Subject key identifier: 4D:77:CD:4F:B9:04:93:EF:28:52:0F:0E:FC:D0:C6:1A:BF:89:2D:54
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EE8BF29F00C4B2543C648AE5443E0ABCA
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/TXfNT7kEk-8oUg8O_NDGGr-JLVQ.roa
Signing time: Tue 16 Apr 2024 21:10:25 +0000
ROA not before: Tue 16 Apr 2024 21:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e8:bf:29:f0:0c:4b:25:43:c6:48:ae:54:43:e0:ab:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 16 21:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d77cd4fb90493ef28520f0efcd0c61abf892d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7c:c0:3f:96:4e:bd:98:75:7f:93:ad:fd:d3:
72:87:81:67:c3:22:61:97:43:21:54:98:b4:cf:6d:
fa:22:f8:de:99:1b:2f:d1:ad:5d:87:3a:7c:be:64:
a9:45:fc:24:c8:5e:63:3a:54:b3:9e:e7:19:f2:e1:
9c:6b:e3:f2:66:7d:ee:7d:1e:8f:51:14:ff:51:83:
df:74:4e:22:4d:3f:8d:23:b6:58:3e:31:71:24:b3:
46:07:84:3f:59:0e:56:ff:8a:cc:6c:ff:2e:60:fa:
2c:97:7b:06:ac:4e:ba:1d:73:85:f4:ae:37:ec:51:
e2:17:92:50:0e:31:bc:67:c2:40:9b:86:b9:13:5b:
24:f2:7a:71:55:a1:cd:09:87:d4:09:33:c5:65:d4:
d2:6d:64:35:3b:53:5f:c3:fc:c0:12:9f:da:53:88:
65:e9:c7:9f:46:9f:17:a0:e6:b2:e0:8f:f0:04:6a:
6e:23:90:a4:1d:82:7e:35:02:3a:1e:78:36:91:cc:
c5:e4:6b:ea:46:15:d4:9e:61:fc:40:b5:ea:12:0c:
14:3a:e3:ee:02:a8:cc:08:16:74:c0:9c:21:4a:f7:
6c:78:89:f5:35:8e:de:92:ab:43:c8:07:40:21:54:
d3:2a:84:38:10:32:7c:71:81:27:45:43:8d:29:81:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:77:CD:4F:B9:04:93:EF:28:52:0F:0E:FC:D0:C6:1A:BF:89:2D:54
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/TXfNT7kEk-8oUg8O_NDGGr-JLVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:09:d1:56:49:55:de:58:32:d2:c3:26:f1:2c:45:ee:9e:3e:
0e:06:77:14:29:a4:95:23:4e:c6:fc:54:d1:ed:35:6b:5f:0a:
44:e2:24:ed:bf:cd:7a:a7:d7:26:4d:f3:7d:f0:0b:8f:de:ad:
a7:f4:1e:f5:8c:c7:a2:ff:47:19:3b:80:d5:be:1d:72:86:f1:
de:57:c9:95:1c:4a:bb:f7:40:1d:66:b8:90:eb:b6:15:d3:f5:
67:8a:17:e4:cb:e9:59:f3:fe:6b:a0:20:d1:4c:b7:c8:16:91:
17:90:57:3e:d5:8a:1f:fb:e9:e6:ef:ed:4a:eb:1c:ed:ba:91:
1f:93:64:8a:f5:8e:33:a6:2a:5c:2c:bd:24:97:96:da:2c:26:
66:66:72:41:cd:e2:7a:72:23:16:6e:66:18:fe:c7:ce:90:e5:
6c:10:c7:a6:13:68:b5:d2:e8:d3:b9:4f:73:ae:84:8b:11:19:
11:ef:dd:5d:f8:d7:7d:1c:b0:81:77:fb:39:92:7a:64:3e:ba:
50:a6:be:71:f2:db:49:4a:d4:75:f2:b1:f2:c0:19:96:17:96:
73:d1:2e:7d:64:57:38:5d:a7:83:85:7c:a6:3f:7f:d8:f0:f6:
d9:63:15:80:38:d6:07:7f:60:a9:08:9f:13:ae:0f:1a:c9:15:
27:95:a1:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7ovynwDEslQ8ZIrlRD4KvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE2MjExMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDc3Y2Q0ZmI5MDQ5M2VmMjg1MjBmMGVmY2QwYzYxYWJmODkyZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXzAP5ZOvZh1f5Ot/dNyh4FnwyJh
l0MhVJi0z236IvjemRsv0a1dhzp8vmSpRfwkyF5jOlSznucZ8uGca+PyZn3ufR6P
URT/UYPfdE4iTT+NI7ZYPjFxJLNGB4Q/WQ5W/4rMbP8uYPosl3sGrE66HXOF9K43
7FHiF5JQDjG8Z8JAm4a5E1sk8npxVaHNCYfUCTPFZdTSbWQ1O1Nfw/zAEp/aU4hl
6cefRp8XoOay4I/wBGpuI5CkHYJ+NQI6Hng2kczF5GvqRhXUnmH8QLXqEgwUOuPu
AqjMCBZ0wJwhSvdseIn1NY7ekqtDyAdAIVTTKoQ4EDJ8cYEnRUONKYHv6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE13zU+5BJPvKFIPDvzQxhq/iS1UMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvVFhmTlQ3a0VrLThvVWc4T19OREdHci1KTFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUJ0VZJVd5YMtLDJvEs
Re6ePg4GdxQppJUjTsb8VNHtNWtfCkTiJO2/zXqn1yZN833wC4/eraf0HvWMx6L/
Rxk7gNW+HXKG8d5XyZUcSrv3QB1muJDrthXT9WeKF+TL6Vnz/mugINFMt8gWkReQ
Vz7Vih/76ebv7UrrHO26kR+TZIr1jjOmKlwsvSSXltosJmZmckHN4npyIxZuZhj+
x86Q5WwQx6YTaLXS6NO5T3OuhIsRGRHv3V34130csIF3+zmSemQ+ulCmvnHy20lK
1HXysfLAGZYXlnPRLn1kVzhdp4OFfKY/f9jw9tljFYA41gd/YKkInxOuDxrJFSeV
oXw=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:46:07 2025 by rpki-client