Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3l2lnyhiOaYBeuHJYfOE9Cd8V8k.roa
File: 3l2lnyhiOaYBeuHJYfOE9Cd8V8k.roa (raw, json)
Hash identifier: xx3mhmCAOqgnSh1l14bn5oRIOh/wTSkfWZ2ThV4fSF8=
Subject key identifier: DE:5D:A5:9F:28:62:39:A6:01:7A:E1:C9:61:F3:84:F4:27:7C:57:C9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5C3425298ABF7BB17045871EF275BC38
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3l2lnyhiOaYBeuHJYfOE9Cd8V8k.roa
Signing time: Wed 20 Mar 2024 14:11:45 +0000
ROA not before: Wed 20 Mar 2024 14:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:34:25:29:8a:bf:7b:b1:70:45:87:1e:f2:75:bc:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 14:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de5da59f286239a6017ae1c961f384f4277c57c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a9:b1:61:95:7e:1e:b2:01:46:7c:5f:59:1e:
8b:dc:c9:86:1f:1b:70:85:a0:d4:93:fc:6c:4d:6f:
84:73:64:f2:34:20:41:34:05:9a:98:d8:d7:b7:d1:
b3:b9:a2:21:a5:ce:a1:d7:5d:65:fb:b5:43:10:ef:
e1:5b:2e:5b:f4:9f:1f:e7:a9:49:69:e0:43:2a:19:
f6:e5:23:b1:cd:14:92:27:5f:68:6c:0f:34:41:1e:
e0:d6:9e:f6:1b:32:b9:d2:4f:9f:da:7f:10:64:94:
af:47:b7:8e:1a:0f:7d:9d:51:7b:b7:37:9b:84:1d:
6d:87:8b:9a:eb:d2:55:ac:4e:cb:d9:e4:a3:2e:58:
bf:ed:f1:05:35:a3:60:ab:52:97:24:bf:06:ff:7d:
60:94:6b:63:dd:2c:9d:2d:de:99:1a:33:5f:42:63:
ca:86:9b:52:45:a3:ab:cc:17:04:64:aa:5d:95:43:
8b:99:d8:0c:c1:d5:e8:33:b6:cc:ca:e8:2e:91:2f:
ff:4c:19:32:33:ff:f6:db:ef:6c:44:80:14:1f:5c:
7e:01:f7:2d:14:ae:5c:52:66:f8:5a:28:15:bc:a4:
59:a6:6f:0c:85:e5:de:e8:de:34:0b:ad:6e:e8:8d:
28:41:74:65:93:ee:6a:17:78:fc:4a:4b:80:83:1c:
c8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5D:A5:9F:28:62:39:A6:01:7A:E1:C9:61:F3:84:F4:27:7C:57:C9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3l2lnyhiOaYBeuHJYfOE9Cd8V8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:35:c3:04:35:72:e1:ea:79:a0:28:59:a7:51:e0:c1:ca:8a:
2d:b7:fc:e0:fd:e2:5c:d0:74:e6:30:ac:14:4e:e0:42:5c:6e:
aa:d9:bf:4d:24:4f:22:7e:56:db:58:46:1e:2a:32:1e:a7:24:
ab:b4:c5:a5:d9:ed:f4:f7:13:9a:00:06:ac:9c:82:b5:c1:69:
66:36:03:43:40:38:0b:12:75:84:8c:76:1a:67:d7:66:aa:12:
f5:42:f9:d7:55:6d:54:71:d0:77:ac:81:fc:68:f8:61:d0:e7:
c4:68:ba:59:b2:05:6e:e4:f2:39:60:65:0f:8c:82:d6:a2:99:
a0:31:e3:53:7a:d4:94:c6:3f:f8:22:24:53:e2:be:eb:84:42:
f6:dd:46:eb:ad:74:34:45:a5:26:ec:c4:7f:3a:a6:47:24:b1:
7d:84:fd:bb:14:56:12:72:4c:2e:55:49:54:34:db:0c:74:42:
06:47:1f:ae:37:dc:e9:73:0d:8d:c3:6c:1a:1a:40:f6:7f:b4:
73:3f:8d:9a:b4:be:1a:60:70:f1:15:15:c6:3b:31:a4:df:36:
e5:9b:06:0e:b8:6d:da:06:0d:19:09:33:01:2d:dc:f3:de:31:
a7:60:2d:22:14:cb:34:05:d0:3e:7c:9e:67:8b:95:96:03:e5:
6b:e7:2a:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5cNCUpir97sXBFhx7ydbw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMTQxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTVkYTU5ZjI4NjIzOWE2MDE3YWUxYzk2MWYzODRmNDI3N2M1N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKmxYZV+HrIBRnxfWR6L3MmGHxtw
haDUk/xsTW+Ec2TyNCBBNAWamNjXt9GzuaIhpc6h111l+7VDEO/hWy5b9J8f56lJ
aeBDKhn25SOxzRSSJ19obA80QR7g1p72GzK50k+f2n8QZJSvR7eOGg99nVF7tzeb
hB1th4ua69JVrE7L2eSjLli/7fEFNaNgq1KXJL8G/31glGtj3SydLd6ZGjNfQmPK
hptSRaOrzBcEZKpdlUOLmdgMwdXoM7bMyugukS//TBkyM//22+9sRIAUH1x+Afct
FK5cUmb4WigVvKRZpm8MheXe6N40C61u6I0oQXRlk+5qF3j8SkuAgxzIvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN5dpZ8oYjmmAXrhyWHzhPQnfFfJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM2wybG55aGlPYVlCZXVISllmT0U5Q2Q4VjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADI1wwQ1cuHqeaAoWadR
4MHKii23/OD94lzQdOYwrBRO4EJcbqrZv00kTyJ+VttYRh4qMh6nJKu0xaXZ7fT3
E5oABqycgrXBaWY2A0NAOAsSdYSMdhpn12aqEvVC+ddVbVRx0Hesgfxo+GHQ58Ro
ulmyBW7k8jlgZQ+MgtaimaAx41N61JTGP/giJFPivuuEQvbdRuutdDRFpSbsxH86
pkcksX2E/bsUVhJyTC5VSVQ02wx0QgZHH6433OlzDY3DbBoaQPZ/tHM/jZq0vhpg
cPEVFcY7MaTfNuWbBg64bdoGDRkJMwEt3PPeMadgLSIUyzQF0D58nmeLlZYD5Wvn
Ko8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:08:15 2025 by rpki-client