Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/24WIJOMLMc-XaLHnhNvgA9QJmEw.roa
File: 24WIJOMLMc-XaLHnhNvgA9QJmEw.roa (raw, json)
Hash identifier: C1astFr9+SOi5OMS19vOX2sfhmL+2TMp7hpmwwKS5fI=
Subject key identifier: DB:85:88:24:E3:0B:31:CF:97:68:B1:E7:84:DB:E0:03:D4:09:98:4C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D558C12DD98AFA92E739797607697455D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/24WIJOMLMc-XaLHnhNvgA9QJmEw.roa
Signing time: Mon 29 Jan 2024 14:07:39 +0000
ROA not before: Mon 29 Jan 2024 14:07:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:558b:c7b2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:8c:12:dd:98:af:a9:2e:73:97:97:60:76:97:45:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 29 14:07:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db858824e30b31cf9768b1e784dbe003d409984c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6a:07:3e:2c:aa:e1:9c:db:43:a8:41:85:d7:
0e:99:26:4a:69:e8:e8:3c:65:fb:ee:ed:63:83:10:
49:9a:53:bf:c4:29:6e:43:d5:23:14:98:a3:e2:74:
66:2a:a9:0e:ec:1d:f4:d0:00:17:c7:e1:e0:0e:b0:
d9:2a:d0:c4:b5:24:04:93:b4:f0:45:85:4f:b1:39:
82:fa:d4:f2:e1:bd:87:3d:3d:f8:82:22:ea:c9:e4:
1a:6d:28:b2:e2:16:15:9d:a4:6e:86:46:1f:7e:59:
69:ed:45:18:89:88:91:bc:5b:c6:be:8e:f5:6d:b0:
25:db:d6:1f:12:94:26:26:ed:6e:45:87:04:e0:b0:
98:96:2e:c9:f9:55:4a:28:5c:c7:f1:51:43:8c:3e:
22:5b:81:b1:55:b8:6c:de:69:52:f7:c4:e4:60:b3:
33:76:a1:a8:92:2b:d3:43:bf:ca:17:a6:17:38:51:
7a:71:a7:85:2b:a6:1b:cb:3c:08:14:b3:d5:07:4b:
1e:89:bc:69:32:bf:83:4c:de:64:f5:40:3d:b9:97:
26:95:a9:31:31:1d:88:2a:b7:de:ee:95:31:c0:41:
21:59:1c:df:e4:c0:85:c2:da:f4:b8:54:a8:8c:ee:
2a:5c:7c:23:a1:b9:c4:cc:cc:bb:ed:6f:43:b5:f4:
40:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:85:88:24:E3:0B:31:CF:97:68:B1:E7:84:DB:E0:03:D4:09:98:4C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/24WIJOMLMc-XaLHnhNvgA9QJmEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:b8:09:ec:a3:11:63:f1:8c:0c:f1:13:65:3b:1d:5e:3a:68:
28:a0:fd:8d:55:63:4d:63:64:18:2c:ab:3e:0b:b5:cf:d4:d8:
2a:ee:68:cb:3a:eb:36:4a:4f:0d:09:32:9b:26:04:3f:0b:24:
4a:7c:95:7c:04:4a:47:57:ed:6f:3f:5c:73:29:4c:b7:cb:9a:
2d:82:92:9c:bd:2a:27:e0:a1:a0:f0:ae:76:c5:aa:52:18:d1:
df:aa:b7:58:a7:b0:00:7c:cf:26:63:fe:03:92:e0:f8:46:35:
ad:cc:ca:0c:2b:d1:87:34:80:4d:19:62:6e:97:09:2e:5a:98:
a3:f9:4d:fa:b4:01:f6:dd:14:a7:d2:18:83:3f:a1:9d:27:c4:
c0:b1:3b:91:2f:61:ce:f7:64:59:6a:c3:7c:85:7f:59:67:f9:
80:eb:4f:5e:17:b4:58:df:47:e2:70:4f:ab:10:e3:b5:51:03:
34:97:0c:f2:66:da:80:ad:c8:76:f1:9e:2f:dc:b6:2e:0f:10:
c5:8c:bc:05:12:a3:16:77:c7:0b:cd:3d:be:7b:00:3f:b6:61:
9b:80:3a:7f:c8:93:3c:c7:9a:5b:8d:c3:a0:8f:08:60:cc:0b:
05:25:13:ab:f0:5e:c3:28:0f:79:e7:83:36:41:75:c3:5c:cb:
73:c1:b2:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1VjBLdmK+pLnOXl2B2l0VdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI5MTQwNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjg1ODgyNGUzMGIzMWNmOTc2OGIxZTc4NGRiZTAwM2Q0MDk5ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGoHPiyq4ZzbQ6hBhdcOmSZKaejo
PGX77u1jgxBJmlO/xCluQ9UjFJij4nRmKqkO7B300AAXx+HgDrDZKtDEtSQEk7Tw
RYVPsTmC+tTy4b2HPT34giLqyeQabSiy4hYVnaRuhkYffllp7UUYiYiRvFvGvo71
bbAl29YfEpQmJu1uRYcE4LCYli7J+VVKKFzH8VFDjD4iW4GxVbhs3mlS98TkYLMz
dqGokivTQ7/KF6YXOFF6caeFK6YbyzwIFLPVB0seibxpMr+DTN5k9UA9uZcmlakx
MR2IKrfe7pUxwEEhWRzf5MCFwtr0uFSojO4qXHwjobnEzMy77W9DtfRA7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNuFiCTjCzHPl2ix54Tb4APUCZhMMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMjRXSUpPTUxNYy1YYUxIbmhOdmdBOVFKbUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHu4CeyjEWPxjAzxE2U7
HV46aCig/Y1VY01jZBgsqz4Ltc/U2CruaMs66zZKTw0JMpsmBD8LJEp8lXwESkdX
7W8/XHMpTLfLmi2Ckpy9KifgoaDwrnbFqlIY0d+qt1insAB8zyZj/gOS4PhGNa3M
ygwr0Yc0gE0ZYm6XCS5amKP5Tfq0AfbdFKfSGIM/oZ0nxMCxO5EvYc73ZFlqw3yF
f1ln+YDrT14XtFjfR+JwT6sQ47VRAzSXDPJm2oCtyHbxni/cti4PEMWMvAUSoxZ3
xwvNPb57AD+2YZuAOn/IkzzHmluNw6CPCGDMCwUlE6vwXsMoD3nngzZBdcNcy3PB
spc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:32:42 2025 by rpki-client