Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4JVt-pCQaVgj286YgtIMd00AOWQ.roa
File: 4JVt-pCQaVgj286YgtIMd00AOWQ.roa (raw, json)
Hash identifier: g0e3S8wg0NrhAArarfwfRz6b5CLSnNBSjDDx+cSwxO8=
Subject key identifier: E0:95:6D:FA:90:90:69:58:23:DB:CE:98:82:D2:0C:77:4D:00:39:64
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB79C3F24DF5193D8034E9695CD86F332
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4JVt-pCQaVgj286YgtIMd00AOWQ.roa
Signing time: Sun 07 Apr 2024 08:10:54 +0000
ROA not before: Sun 07 Apr 2024 08:10:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b7:9c:3f:24:df:51:93:d8:03:4e:96:95:cd:86:f3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 08:10:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0956dfa9090695823dbce9882d20c774d003964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:c1:b7:2d:c5:83:f5:d6:54:86:cc:ab:91:
a5:52:62:68:7a:99:34:fe:8c:79:5f:a4:a7:8b:08:
c2:00:ea:b5:f8:d6:96:d4:b3:e3:65:c6:f2:1b:31:
ff:e2:7a:b1:f1:6c:4b:82:4e:d9:94:14:0c:ba:1f:
ab:9e:03:9b:04:ac:48:1f:74:a0:c2:40:10:20:9b:
67:66:83:dd:8b:3d:0e:c2:37:5f:8a:96:24:93:05:
fe:45:ae:4c:a3:25:0c:d3:e6:d4:e7:be:3d:74:19:
80:ac:42:2b:6f:04:35:47:a3:4c:20:0a:8e:58:ee:
12:58:06:72:5d:eb:60:b4:cc:95:aa:71:41:52:00:
32:5f:14:ce:df:57:91:30:00:46:df:b2:52:d0:a3:
c0:b4:67:a5:7c:a3:5c:6a:5a:35:1d:eb:ce:12:97:
8a:3a:08:e9:d8:6c:1f:49:29:4c:56:62:13:71:19:
35:64:fa:1a:b0:d2:24:40:ad:8a:e4:10:0f:b2:b6:
31:20:64:26:f7:8f:be:40:51:b1:4f:a1:d4:a3:b9:
0d:3e:eb:3c:d3:72:c4:b0:b8:5f:af:04:f2:66:5e:
08:72:63:ba:8f:a0:ca:c4:e1:92:85:11:0f:cf:1f:
5c:7c:73:48:ca:b6:43:d3:58:47:f7:b3:41:c8:f3:
91:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:95:6D:FA:90:90:69:58:23:DB:CE:98:82:D2:0C:77:4D:00:39:64
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4JVt-pCQaVgj286YgtIMd00AOWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:11:b6:1b:50:27:1c:7e:19:44:f1:e8:45:e8:5e:de:e8:9a:
24:3f:04:b2:8e:f8:78:cd:8b:be:e6:13:fa:46:ff:9a:37:40:
c7:9f:1b:e4:49:56:1c:46:50:b8:78:41:b5:4b:33:09:c3:a6:
97:b5:a9:b2:64:41:00:d5:02:4c:f9:c5:af:fc:72:66:7b:af:
cb:06:ad:18:dc:9c:83:7e:dc:01:c3:84:94:73:63:63:30:e7:
74:49:20:af:dc:9f:2b:22:71:67:4a:10:31:fd:9c:38:28:0c:
53:53:18:f0:ad:9d:05:af:ad:b8:cd:57:e8:47:bd:a8:6e:03:
f6:5f:42:bc:25:fb:2b:38:ec:30:c0:60:0d:da:dd:b2:49:c6:
40:b5:37:fd:00:42:ff:c5:15:13:fb:18:44:79:87:1e:97:b3:
23:66:17:49:c9:33:b9:a1:00:d5:fd:a9:e6:50:0f:f5:cb:bf:
de:45:6e:11:44:00:0f:44:1d:5e:46:a2:38:7d:6c:b1:0f:54:
52:41:7e:a0:d3:ea:d6:6b:66:67:d6:4f:f3:39:7d:f2:e3:32:
d9:c4:0c:2b:ae:59:14:7d:8a:62:a5:65:ff:7f:f6:f8:e5:cb:
08:5b:0a:bc:c6:dc:0d:83:db:5c:31:7d:55:c0:95:e3:e6:0a:
94:4a:29:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY63nD8k31GT2ANOlpXNhvMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MDgxMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDk1NmRmYTkwOTA2OTU4MjNkYmNlOTg4MmQyMGM3NzRkMDAzOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL/Bty3Fg/XWVIbMq5GlUmJoepk0
/ox5X6SniwjCAOq1+NaW1LPjZcbyGzH/4nqx8WxLgk7ZlBQMuh+rngObBKxIH3Sg
wkAQIJtnZoPdiz0OwjdfipYkkwX+Ra5MoyUM0+bU5749dBmArEIrbwQ1R6NMIAqO
WO4SWAZyXetgtMyVqnFBUgAyXxTO31eRMABG37JS0KPAtGelfKNcalo1HevOEpeK
Ogjp2GwfSSlMVmITcRk1ZPoasNIkQK2K5BAPsrYxIGQm94++QFGxT6HUo7kNPus8
03LEsLhfrwTyZl4IcmO6j6DKxOGShREPzx9cfHNIyrZD01hH97NByPORSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOCVbfqQkGlYI9vOmILSDHdNADlkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNEpWdC1wQ1FhVmdqMjg2WWd0SU1kMDBBT1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABIRthtQJxx+GUTx6EXo
Xt7omiQ/BLKO+HjNi77mE/pG/5o3QMefG+RJVhxGULh4QbVLMwnDppe1qbJkQQDV
Akz5xa/8cmZ7r8sGrRjcnIN+3AHDhJRzY2Mw53RJIK/cnysicWdKEDH9nDgoDFNT
GPCtnQWvrbjNV+hHvahuA/ZfQrwl+ys47DDAYA3a3bJJxkC1N/0AQv/FFRP7GER5
hx6XsyNmF0nJM7mhANX9qeZQD/XLv95FbhFEAA9EHV5Gojh9bLEPVFJBfqDT6tZr
ZmfWT/M5ffLjMtnEDCuuWRR9imKlZf9/9vjlywhbCrzG3A2D21wxfVXAlePmCpRK
Kd0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:10:09 2025 by rpki-client