Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4_nlWdae4xjCT65j7VkFNKYS7DM.roa
File: 4_nlWdae4xjCT65j7VkFNKYS7DM.roa (raw, json)
Hash identifier: qhdrMnmDX2eYdbbInVrNW71+bVPzbYZCedJy14L8jKg=
Subject key identifier: E3:F9:E5:59:D6:9E:E3:18:C2:4F:AE:63:ED:59:05:34:A6:12:EC:33
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC3D8DA3DA5FF5CFCCE38EF44F92C7BBB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4_nlWdae4xjCT65j7VkFNKYS7DM.roa
Signing time: Tue 09 Apr 2024 17:12:32 +0000
ROA not before: Tue 09 Apr 2024 17:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c3:d8:da:3d:a5:ff:5c:fc:ce:38:ef:44:f9:2c:7b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 9 17:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3f9e559d69ee318c24fae63ed590534a612ec33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d2:4a:c2:4a:59:19:ed:41:5c:79:e3:41:5e:
24:12:62:8f:17:5d:2c:7d:2d:46:d3:9d:ac:61:1d:
43:4f:83:84:cc:b7:0d:58:53:2a:ae:84:67:63:cb:
05:bd:56:cd:b4:25:1d:9b:32:81:57:bb:6f:bd:ac:
30:ae:b2:66:28:0d:7f:b8:f2:f4:ac:b0:b3:6a:b8:
ce:f6:a7:f4:07:e6:58:1b:fb:fe:1d:eb:7d:e1:13:
9b:e6:0f:9a:0a:4e:25:ff:82:1a:2e:d6:b8:e7:dc:
25:01:5d:fa:75:a6:3d:1b:b8:4d:1f:68:5c:88:cc:
55:4e:bc:44:9f:8d:7c:c0:7a:8c:f7:bc:43:70:37:
01:2d:27:76:fa:6d:fd:56:33:2e:03:69:cc:d6:20:
e3:d1:9d:9d:14:2d:a0:07:56:e4:85:e6:08:24:b4:
47:c3:27:64:c2:12:ae:e1:f4:7c:10:67:06:a8:10:
67:7a:ab:df:d4:3e:e6:85:1e:bb:c4:0d:f2:0b:08:
f2:b2:02:75:0e:e2:ab:c3:77:80:e7:f8:2a:a2:cc:
51:ec:ee:15:24:20:1b:63:85:fd:19:b6:22:2b:d8:
e2:da:72:8a:b9:e0:86:e6:8b:73:03:2e:3c:28:86:
31:d8:6a:3d:1f:6e:2b:8b:bb:37:ac:66:ef:b3:d9:
b6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F9:E5:59:D6:9E:E3:18:C2:4F:AE:63:ED:59:05:34:A6:12:EC:33
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4_nlWdae4xjCT65j7VkFNKYS7DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:28:d9:49:6f:90:95:6e:c3:2c:0f:e6:2a:45:d6:93:8f:bf:
a5:88:9b:67:58:bb:ab:9c:0c:16:43:fc:87:8e:6b:a5:02:2d:
f3:6e:f9:d8:05:61:63:73:b0:a6:3a:a0:45:c3:c0:82:1f:fc:
ea:37:83:62:78:66:77:e4:f1:07:7c:d2:4d:a2:57:d9:c2:28:
83:e2:ec:97:c1:03:64:5c:5d:27:2a:f9:86:9a:ce:74:63:9d:
8e:6a:83:a7:85:73:14:d9:8f:00:9c:78:e1:ac:d2:8a:ac:e6:
29:53:86:c7:75:19:4b:43:0d:2c:c7:ce:9e:18:54:d7:dd:3a:
d2:bd:76:4f:34:22:94:93:5e:25:e8:2c:ce:0f:dd:3b:dd:b2:
f1:d7:70:9e:19:ef:aa:02:e0:62:28:5c:65:6b:4d:09:6c:27:
91:09:8f:7d:cc:c1:c9:da:86:ae:10:c2:2f:58:42:fa:b0:14:
3a:f4:dc:0e:14:1f:c9:8c:0c:ca:c2:01:a4:65:c6:4a:e5:e5:
5d:31:2b:e9:e3:f3:e4:05:e2:a3:d5:2a:8b:11:52:2b:72:01:
7a:0e:fc:98:ca:93:52:db:52:ad:a8:7c:d1:40:2b:d0:a9:b1:
82:fd:93:84:84:f0:9e:89:59:fd:cd:70:e8:1a:9b:9e:1a:89:
27:77:a1:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7D2No9pf9c/M4470T5LHu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA5MTcxMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Y5ZTU1OWQ2OWVlMzE4YzI0ZmFlNjNlZDU5MDUzNGE2MTJlYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdJKwkpZGe1BXHnjQV4kEmKPF10s
fS1G052sYR1DT4OEzLcNWFMqroRnY8sFvVbNtCUdmzKBV7tvvawwrrJmKA1/uPL0
rLCzarjO9qf0B+ZYG/v+Het94ROb5g+aCk4l/4IaLta459wlAV36daY9G7hNH2hc
iMxVTrxEn418wHqM97xDcDcBLSd2+m39VjMuA2nM1iDj0Z2dFC2gB1bkheYIJLRH
wydkwhKu4fR8EGcGqBBneqvf1D7mhR67xA3yCwjysgJ1DuKrw3eA5/gqosxR7O4V
JCAbY4X9GbYiK9ji2nKKueCG5otzAy48KIYx2Go9H24ri7s3rGbvs9m23wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOP55VnWnuMYwk+uY+1ZBTSmEuwzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNF9ubFdkYWU0eGpDVDY1ajdWa0ZOS1lTN0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKEo2UlvkJVuwywP5ipF
1pOPv6WIm2dYu6ucDBZD/IeOa6UCLfNu+dgFYWNzsKY6oEXDwIIf/Oo3g2J4Znfk
8Qd80k2iV9nCKIPi7JfBA2RcXScq+YaaznRjnY5qg6eFcxTZjwCceOGs0oqs5ilT
hsd1GUtDDSzHzp4YVNfdOtK9dk80IpSTXiXoLM4P3TvdsvHXcJ4Z76oC4GIoXGVr
TQlsJ5EJj33Mwcnahq4Qwi9YQvqwFDr03A4UH8mMDMrCAaRlxkrl5V0xK+nj8+QF
4qPVKosRUityAXoO/JjKk1LbUq2ofNFAK9CpsYL9k4SE8J6JWf3NcOgam54aiSd3
oYQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:57:56 2025 by rpki-client