Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4j4wsVyuRIOkSo1Qht8qAvJX62Y.roa
File: 4j4wsVyuRIOkSo1Qht8qAvJX62Y.roa (raw, json)
Hash identifier: cqXaeKfkr2KgVM9RDbJqAQOQ1SbAA5qvivChSoj1FcA=
Subject key identifier: E2:3E:30:B1:5C:AE:44:83:A4:4A:8D:50:86:DF:2A:02:F2:57:EB:66
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DE3D475F5B20232F89B84A177F136FD33
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4j4wsVyuRIOkSo1Qht8qAvJX62Y.roa
Signing time: Mon 26 Feb 2024 05:12:48 +0000
ROA not before: Mon 26 Feb 2024 05:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e3:d4:75:f5:b2:02:32:f8:9b:84:a1:77:f1:36:fd:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 26 05:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e23e30b15cae4483a44a8d5086df2a02f257eb66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:36:b7:c2:99:d8:b9:57:71:e6:2e:20:c1:cb:
9e:ad:11:3d:fb:bf:a7:80:33:db:46:38:7d:1f:1d:
cd:ad:89:bf:8e:cf:cd:4f:95:7c:a7:25:fd:45:8a:
6d:3c:a0:8c:06:48:9f:3b:56:8c:f1:a4:3c:ce:22:
20:8a:28:c9:22:24:26:60:7c:60:dc:b6:64:c3:56:
77:2a:b4:19:98:ee:65:ff:0a:6f:12:64:6e:b3:89:
51:5d:16:0f:bd:a3:91:b9:65:47:99:3f:ea:33:d1:
55:31:e9:6c:35:50:21:93:3a:d3:65:66:67:78:56:
f3:a2:2e:ca:3e:bb:a5:ae:6e:2e:3f:07:46:a0:7c:
13:f5:a2:30:8c:09:30:20:35:e8:39:f8:a2:e2:d3:
40:5d:d5:6f:c2:ee:c7:a4:17:08:13:08:38:64:f5:
34:b7:1b:9d:cf:1f:ba:a0:6c:c1:ec:24:a8:7c:48:
5c:5b:ea:a4:87:96:6e:bd:58:25:1d:54:e1:7b:c6:
a6:28:00:9c:67:e6:73:50:d9:59:5d:29:60:ca:3d:
39:96:be:88:48:69:8f:b4:9a:97:76:a6:56:e3:c3:
9d:7b:5b:c0:27:c6:1b:54:fc:ee:bd:e2:ea:30:31:
76:4b:95:81:62:16:45:63:9d:34:13:b5:4f:f2:4b:
9c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3E:30:B1:5C:AE:44:83:A4:4A:8D:50:86:DF:2A:02:F2:57:EB:66
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4j4wsVyuRIOkSo1Qht8qAvJX62Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:62:7d:b0:64:05:82:87:41:43:d5:1a:74:5c:8b:4e:63:64:
0c:55:32:fa:67:5e:54:40:ab:c9:ba:c1:ed:41:be:b9:58:be:
de:cb:80:ec:fd:21:1d:11:f3:7f:a8:fa:c9:ed:41:cc:4b:31:
a0:bf:d8:46:39:3a:bf:29:66:29:fd:1c:5a:67:39:9f:0f:bd:
63:90:8c:0a:2a:10:84:ff:81:1b:72:25:b1:50:91:a6:f5:30:
1f:fd:38:21:d2:ae:92:5c:a7:40:cc:86:74:3f:a7:17:95:28:
6e:3c:b3:a2:18:ac:5d:3d:b6:0c:79:b7:be:17:f8:b2:e6:4c:
54:45:96:ff:b2:2a:fe:d9:8c:b7:6b:66:b2:b0:70:9e:11:e9:
d7:56:fc:86:d5:a0:78:67:5a:03:44:f5:d7:f8:aa:88:5f:64:
d7:9d:13:93:b9:e4:99:c3:1c:9e:0f:43:c6:dd:be:38:1e:ca:
14:c7:38:fc:55:dc:85:06:21:f3:04:e7:ec:3c:02:0e:39:b2:
58:ec:9c:c8:f3:9a:0a:be:76:ea:7e:5e:aa:1c:6b:b9:44:0f:
b8:74:87:d7:a0:5b:9b:9a:c2:c6:36:0e:f5:07:e6:70:e4:11:
ef:2b:b8:8f:5c:d7:1e:40:b8:89:7e:dc:14:84:64:86:50:05:
32:48:e8:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3j1HX1sgIy+JuEoXfxNv0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI2MDUxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjNlMzBiMTVjYWU0NDgzYTQ0YThkNTA4NmRmMmEwMmYyNTdlYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkza3wpnYuVdx5i4gwcuerRE9+7+n
gDPbRjh9Hx3NrYm/js/NT5V8pyX9RYptPKCMBkifO1aM8aQ8ziIgiijJIiQmYHxg
3LZkw1Z3KrQZmO5l/wpvEmRus4lRXRYPvaORuWVHmT/qM9FVMelsNVAhkzrTZWZn
eFbzoi7KPrulrm4uPwdGoHwT9aIwjAkwIDXoOfii4tNAXdVvwu7HpBcIEwg4ZPU0
txudzx+6oGzB7CSofEhcW+qkh5ZuvVglHVThe8amKACcZ+ZzUNlZXSlgyj05lr6I
SGmPtJqXdqZW48Ode1vAJ8YbVPzuveLqMDF2S5WBYhZFY500E7VP8kucawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOI+MLFcrkSDpEqNUIbfKgLyV+tmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNGo0d3NWeXVSSU9rU28xUWh0OHFBdkpYNjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC5ifbBkBYKHQUPVGnRc
i05jZAxVMvpnXlRAq8m6we1BvrlYvt7LgOz9IR0R83+o+sntQcxLMaC/2EY5Or8p
Zin9HFpnOZ8PvWOQjAoqEIT/gRtyJbFQkab1MB/9OCHSrpJcp0DMhnQ/pxeVKG48
s6IYrF09tgx5t74X+LLmTFRFlv+yKv7ZjLdrZrKwcJ4R6ddW/IbVoHhnWgNE9df4
qohfZNedE5O55JnDHJ4PQ8bdvjgeyhTHOPxV3IUGIfME5+w8Ag45sljsnMjzmgq+
dup+Xqoca7lED7h0h9egW5uawsY2DvUH5nDkEe8ruI9c1x5AuIl+3BSEZIZQBTJI
6FU=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:24:46 2025 by rpki-client