Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/teZRdAMXcvvdSk1lMz-ou2-DOqo.roa
File: teZRdAMXcvvdSk1lMz-ou2-DOqo.roa (raw, json)
Hash identifier: cHFG8WtP08Qp/mxS3LUuBSdf6Ty/4H3J36F3DyRk4ow=
Subject key identifier: B5:E6:51:74:03:17:72:FB:DD:4A:4D:65:33:3F:A8:BB:6F:83:3A:AA
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EEF3007001E5105036DCD1889BDEBB2F2
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/teZRdAMXcvvdSk1lMz-ou2-DOqo.roa
Signing time: Thu 18 Apr 2024 03:11:25 +0000
ROA not before: Thu 18 Apr 2024 03:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ef:30:07:00:1e:51:05:03:6d:cd:18:89:bd:eb:b2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 03:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5e65174031772fbdd4a4d65333fa8bb6f833aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2f:d7:07:83:3f:bc:ce:c2:f3:b3:3c:c8:f2:
aa:e7:19:7d:ad:25:38:14:e6:f6:05:56:93:3d:32:
bb:80:88:06:25:ff:7a:bb:bb:23:1d:d3:06:e6:f5:
48:00:a6:79:ba:45:a5:30:c1:ff:5f:d2:14:86:cf:
65:ec:c7:89:23:a0:c0:42:6a:9c:51:60:0d:db:df:
12:a3:44:1b:87:d2:d4:df:e2:b3:3a:da:ff:8d:2a:
8d:1c:08:42:6e:2c:ca:81:fa:8b:e4:25:0b:c5:98:
13:48:fe:84:09:19:fe:0f:3d:b3:db:3c:80:f0:96:
54:c4:9f:d9:ed:f1:29:30:e1:c4:0b:c1:61:87:75:
82:48:ce:b2:13:39:34:81:5c:f7:16:b9:34:08:e5:
f4:ff:eb:e9:bd:c7:da:15:1e:d1:90:ba:12:1b:13:
e2:82:0b:54:16:da:00:54:72:84:a9:94:dc:fa:48:
2b:62:4e:06:15:25:97:e6:54:b4:3c:67:d4:a9:f2:
04:40:e1:a7:fa:93:ad:b6:0c:04:34:e1:91:ef:59:
7d:41:36:14:b6:5e:21:ba:a5:1b:84:a1:03:4b:c3:
c9:d1:7e:42:69:3a:5c:4e:78:19:fd:c7:bb:7c:2b:
db:85:15:65:d5:c2:4a:6e:70:25:2e:b0:31:f2:e2:
90:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E6:51:74:03:17:72:FB:DD:4A:4D:65:33:3F:A8:BB:6F:83:3A:AA
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/teZRdAMXcvvdSk1lMz-ou2-DOqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:c9:59:e0:2d:35:cd:97:70:5e:a6:e7:67:d6:4b:42:78:06:
be:dc:5a:a7:52:83:81:db:5f:7b:8e:4f:26:8b:f5:59:93:17:
85:7b:0f:22:aa:f1:5e:1b:97:d9:ac:26:35:c0:8c:0d:ac:eb:
cc:4b:fa:6b:2f:b2:93:f7:bd:a4:0c:73:f7:8e:b1:85:94:e7:
7d:6a:8e:77:ad:fa:80:fb:29:bb:db:cf:93:f2:0e:cf:58:50:
01:16:e8:33:e7:a1:6c:10:68:b5:a3:7a:0e:bf:2a:00:a7:cd:
34:9f:c0:72:81:98:a7:e9:60:51:4b:63:a8:91:ed:24:65:f0:
3c:75:dd:d2:57:0b:e2:73:43:f3:5f:ba:d0:59:7a:1e:27:16:
6e:f2:99:09:6e:73:86:a6:4f:d4:59:9b:a7:59:bb:fc:69:5a:
84:6d:d8:e9:84:e0:3b:67:ff:d3:05:16:d6:e1:81:b9:01:54:
9c:cd:ab:bd:c4:72:04:31:ee:4c:e2:30:6e:33:db:28:43:b8:
5e:41:6b:58:90:1a:a5:77:75:c9:8e:8d:3d:c0:3c:c5:c2:64:
fb:2f:72:fe:4f:72:88:53:f5:c0:6b:c5:a8:bc:5a:d3:f9:bb:
fc:ed:0e:43:a9:5e:ff:a9:74:54:3b:cf:a2:45:df:00:5e:bc:
66:aa:6b:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7vMAcAHlEFA23NGIm967LyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MDMxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWU2NTE3NDAzMTc3MmZiZGQ0YTRkNjUzMzNmYThiYjZmODMzYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi/XB4M/vM7C87M8yPKq5xl9rSU4
FOb2BVaTPTK7gIgGJf96u7sjHdMG5vVIAKZ5ukWlMMH/X9IUhs9l7MeJI6DAQmqc
UWAN298So0Qbh9LU3+KzOtr/jSqNHAhCbizKgfqL5CULxZgTSP6ECRn+Dz2z2zyA
8JZUxJ/Z7fEpMOHEC8Fhh3WCSM6yEzk0gVz3Frk0COX0/+vpvcfaFR7RkLoSGxPi
ggtUFtoAVHKEqZTc+kgrYk4GFSWX5lS0PGfUqfIEQOGn+pOttgwENOGR71l9QTYU
tl4huqUbhKEDS8PJ0X5CaTpcTngZ/ce7fCvbhRVl1cJKbnAlLrAx8uKQhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLXmUXQDF3L73UpNZTM/qLtvgzqqMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvdGVaUmRBTVhjdnZkU2sxbE16LW91Mi1ET3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjJWeAtNc2XcF6m52fW
S0J4Br7cWqdSg4HbX3uOTyaL9VmTF4V7DyKq8V4bl9msJjXAjA2s68xL+msvspP3
vaQMc/eOsYWU531qjnet+oD7Kbvbz5PyDs9YUAEW6DPnoWwQaLWjeg6/KgCnzTSf
wHKBmKfpYFFLY6iR7SRl8Dx13dJXC+JzQ/NfutBZeh4nFm7ymQluc4amT9RZm6dZ
u/xpWoRt2OmE4Dtn/9MFFtbhgbkBVJzNq73EcgQx7kziMG4z2yhDuF5Ba1iQGqV3
dcmOjT3APMXCZPsvcv5PcohT9cBrxai8WtP5u/ztDkOpXv+pdFQ7z6JF3wBevGaq
ayQ=
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:10:24 2025 by rpki-client