Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EKbsbcMgxcwQrD9_b13d995hAZY.roa
File: EKbsbcMgxcwQrD9_b13d995hAZY.roa (raw, json)
Hash identifier: a5C3C/Zx8iCO5d0ezeh+hqMauPTkAjy5SFE+7e0Qeog=
Subject key identifier: 10:A6:EC:6D:C3:20:C5:CC:10:AC:3F:7F:6F:5D:DD:F7:DE:61:01:96
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A744067574A2A4B0AA6DC72143EBF8CEC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EKbsbcMgxcwQrD9_b13d995hAZY.roa
Signing time: Fri 08 Sep 2023 10:04:52 +0000
ROA not before: Fri 08 Sep 2023 10:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:743f:e930/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:40:67:57:4a:2a:4b:0a:a6:dc:72:14:3e:bf:8c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 10:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10a6ec6dc320c5cc10ac3f7f6f5dddf7de610196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f3:0d:f4:be:97:ed:c7:62:8c:23:dc:27:78:
e0:8f:07:5b:ab:89:e3:98:a7:6a:bb:f5:3a:79:ae:
db:41:5d:fb:4d:4e:48:14:59:3d:2a:f8:92:db:e4:
15:10:8a:fe:26:82:64:50:b9:73:e0:41:78:b1:e3:
01:7c:08:cb:62:6e:57:a0:78:87:77:8b:44:38:01:
da:e6:c6:2a:fc:b9:ec:03:9c:2f:79:cf:db:1d:00:
e9:42:16:82:ac:d7:a7:dd:ec:0c:6c:08:c0:bc:65:
5a:1a:92:14:9c:87:c7:56:37:9f:82:f9:d0:90:89:
9a:5e:c5:1a:4f:c1:a2:47:89:0d:ed:2e:0b:db:20:
9f:3a:48:c8:b3:89:61:b6:3b:78:f6:54:6f:c1:9e:
3a:85:84:47:db:1d:4c:c2:c8:60:85:ee:cd:3f:4a:
6a:e6:65:b8:5a:da:19:49:a7:df:da:a3:4a:e3:f0:
ab:2d:21:3d:d2:03:69:c4:de:85:17:4f:28:5c:4b:
5e:56:e7:d8:51:b3:d3:65:ae:ab:1f:dd:fe:dc:55:
d5:51:86:10:d7:47:8f:45:d6:29:ce:a8:a4:70:d6:
db:03:c4:3d:ac:fd:ca:25:c1:94:d5:8c:75:7a:d1:
99:f6:53:48:c7:68:be:e3:da:4b:0c:bf:fe:e1:da:
87:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A6:EC:6D:C3:20:C5:CC:10:AC:3F:7F:6F:5D:DD:F7:DE:61:01:96
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/EKbsbcMgxcwQrD9_b13d995hAZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:27:48:16:46:8e:5a:78:9e:4b:8a:db:93:26:e5:a3:a5:94:
a4:46:17:1c:51:3d:fb:1f:56:36:03:82:a8:9e:66:7c:d7:c5:
84:e6:62:7a:d0:97:0e:f1:9c:e0:63:95:b7:d5:ed:76:64:98:
5b:26:ed:66:90:6c:ef:23:fa:6d:67:c9:21:83:d6:ef:69:78:
8e:4e:d9:35:ec:52:5a:3b:50:d0:33:dc:d0:c3:75:fa:e8:ed:
cc:17:11:bb:d0:b6:ba:1d:ff:26:a7:07:2a:92:9e:5b:e8:b7:
95:bd:83:9a:a4:94:fb:71:bf:88:a5:1e:61:5d:03:00:63:fc:
5b:50:ab:8d:eb:ec:9d:12:db:69:61:d0:e3:3d:0c:33:76:71:
8b:bc:ea:ec:ef:c3:16:13:a4:23:f6:67:93:76:ab:48:62:24:
00:78:ea:cd:52:8b:89:bc:06:72:cf:f0:f7:56:d6:c0:66:66:
64:ae:87:81:96:36:c9:d6:9e:ca:54:1b:ac:98:8b:13:63:90:
41:30:7d:32:0e:15:e0:04:43:94:1a:68:81:4f:3a:51:47:66:
87:3e:d6:9d:f9:6f:30:92:21:05:1e:af:34:e7:ac:46:bc:40:
23:5e:ed:88:1b:7a:4e:11:f9:1e:b6:75:00:5a:c6:66:6a:1d:
62:83:59:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp0QGdXSipLCqbcchQ+v4zsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MTAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGE2ZWM2ZGMzMjBjNWNjMTBhYzNmN2Y2ZjVkZGRmN2RlNjEwMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPMN9L6X7cdijCPcJ3jgjwdbq4nj
mKdqu/U6ea7bQV37TU5IFFk9KviS2+QVEIr+JoJkULlz4EF4seMBfAjLYm5XoHiH
d4tEOAHa5sYq/LnsA5wvec/bHQDpQhaCrNen3ewMbAjAvGVaGpIUnIfHVjefgvnQ
kImaXsUaT8GiR4kN7S4L2yCfOkjIs4lhtjt49lRvwZ46hYRH2x1Mwshghe7NP0pq
5mW4WtoZSaff2qNK4/CrLSE90gNpxN6FF08oXEteVufYUbPTZa6rH93+3FXVUYYQ
10ePRdYpzqikcNbbA8Q9rP3KJcGU1Yx1etGZ9lNIx2i+49pLDL/+4dqH9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBCm7G3DIMXMEKw/f29d3ffeYQGWMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRUtic2JjTWd4Y3dRckQ5X2IxM2Q5OTVoQVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABonSBZGjlp4nkuK25Mm
5aOllKRGFxxRPfsfVjYDgqieZnzXxYTmYnrQlw7xnOBjlbfV7XZkmFsm7WaQbO8j
+m1nySGD1u9peI5O2TXsUlo7UNAz3NDDdfro7cwXEbvQtrod/yanByqSnlvot5W9
g5qklPtxv4ilHmFdAwBj/FtQq43r7J0S22lh0OM9DDN2cYu86uzvwxYTpCP2Z5N2
q0hiJAB46s1Si4m8BnLP8PdW1sBmZmSuh4GWNsnWnspUG6yYixNjkEEwfTIOFeAE
Q5QaaIFPOlFHZoc+1p35bzCSIQUerzTnrEa8QCNe7Ygbek4R+R62dQBaxmZqHWKD
WS4=
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:05:14 2025 by rpki-client