Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5lCjx-spt-XyQsLskc18fL8mUPA.roa
File: 5lCjx-spt-XyQsLskc18fL8mUPA.roa (raw, json)
Hash identifier: fA9WvyhfL63XaXu7Jt1mAoyz0FUvMyfRf3oGsmFmTGc=
Subject key identifier: E6:50:A3:C7:EB:29:B7:E5:F2:42:C2:EC:91:CD:7C:7C:BF:26:50:F0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E27E088C8DB1A0AC032EB12A6AC8F24D0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5lCjx-spt-XyQsLskc18fL8mUPA.roa
Signing time: Sun 10 Mar 2024 10:20:10 +0000
ROA not before: Sun 10 Mar 2024 10:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:27:e0:88:c8:db:1a:0a:c0:32:eb:12:a6:ac:8f:24:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 10 10:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e650a3c7eb29b7e5f242c2ec91cd7c7cbf2650f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:06:2f:e3:de:7b:16:3f:1a:11:1a:91:b2:
7c:ad:95:4a:69:8d:96:f8:85:fc:f2:c7:6e:3d:1e:
e6:19:27:9d:ec:42:51:42:3f:48:38:f1:99:ec:17:
da:c4:c1:9b:5e:0f:4b:e9:35:b1:fc:ed:34:34:99:
e5:4c:28:3d:38:0e:14:d7:a1:3e:78:22:0b:e4:b9:
26:5c:54:a1:5b:38:64:38:89:fe:28:31:1c:82:c4:
a1:7c:e3:8f:fa:74:75:84:ec:ae:5d:18:7e:32:2f:
f1:4a:b8:3a:5e:3b:6b:74:d9:20:5a:ed:48:9b:ef:
cc:2b:95:4a:24:f6:3d:e0:70:fc:05:25:c5:52:cf:
40:6d:7c:6e:2b:19:d6:a2:cf:7f:3b:56:8e:1d:21:
e8:29:71:98:a2:f4:fe:a0:5f:69:5c:5b:aa:02:94:
f2:a6:7d:6e:99:42:c3:10:0d:18:c8:05:16:39:28:
75:da:84:ce:82:d4:b2:41:b2:c9:2f:81:25:02:0b:
00:38:e5:55:f7:64:a6:05:d6:b8:8f:d0:14:9f:74:
41:75:24:81:65:4b:13:50:98:b2:f0:f5:a7:79:5e:
0f:f7:95:3f:a4:38:9f:4f:29:6f:32:46:fc:d0:64:
7b:e7:89:5d:80:61:79:06:c8:1b:71:5e:b7:9f:22:
dc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:50:A3:C7:EB:29:B7:E5:F2:42:C2:EC:91:CD:7C:7C:BF:26:50:F0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5lCjx-spt-XyQsLskc18fL8mUPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:b1:3d:45:78:9a:60:c1:04:b0:50:74:ce:66:98:c6:39:03:
9f:78:f7:9f:8e:0e:14:a1:f2:48:a4:25:01:6b:91:08:1f:f5:
b9:b8:20:b5:c0:fb:0f:af:94:6d:0a:05:8e:66:3f:5a:11:14:
d1:ac:5e:76:2d:58:cc:2c:66:46:75:21:6b:3f:af:98:4d:7f:
84:96:25:91:cd:f3:b5:f0:b6:a8:68:2b:07:90:cc:f8:44:a4:
be:86:34:5f:fb:7c:08:2c:04:a1:e9:90:a4:e9:1a:b3:d9:6c:
fd:1c:20:3e:b0:2a:8b:94:28:b0:c8:4a:ba:ec:57:02:ef:e5:
38:f8:14:02:29:fc:6a:4e:1f:30:ea:6d:c4:bb:fb:3d:da:b8:
71:45:e2:98:c0:eb:cc:59:16:a8:8c:88:c6:5c:fb:19:d4:c9:
2f:ff:f5:d6:a9:03:bb:a6:6e:83:f8:e8:96:5d:e2:3b:0b:a4:
60:fd:b2:dd:65:e6:95:58:b9:1a:fa:f1:06:ba:fe:5c:40:48:
18:5d:03:e2:07:a8:c9:47:2e:dc:ad:96:e6:45:86:62:21:f7:
89:e1:4c:4e:2f:19:de:02:74:75:0f:13:3f:a5:ce:29:bc:89:
d4:be:a2:04:53:41:68:f0:f3:d6:f9:f2:79:71:5e:31:13:40:
28:e0:c1:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4n4IjI2xoKwDLrEqasjyTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEwMTAyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjUwYTNjN2ViMjliN2U1ZjI0MmMyZWM5MWNkN2M3Y2JmMjY1MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+QGL+PeexY/GhEakbJ8rZVKaY2W
+IX88sduPR7mGSed7EJRQj9IOPGZ7BfaxMGbXg9L6TWx/O00NJnlTCg9OA4U16E+
eCIL5LkmXFShWzhkOIn+KDEcgsShfOOP+nR1hOyuXRh+Mi/xSrg6XjtrdNkgWu1I
m+/MK5VKJPY94HD8BSXFUs9AbXxuKxnWos9/O1aOHSHoKXGYovT+oF9pXFuqApTy
pn1umULDEA0YyAUWOSh12oTOgtSyQbLJL4ElAgsAOOVV92SmBda4j9AUn3RBdSSB
ZUsTUJiy8PWneV4P95U/pDifTylvMkb80GR754ldgGF5BsgbcV63nyLcowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOZQo8frKbfl8kLC7JHNfHy/JlDwMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNWxDangtc3B0LVh5UXNMc2tjMThmTDhtVVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADuxPUV4mmDBBLBQdM5m
mMY5A59495+ODhSh8kikJQFrkQgf9bm4ILXA+w+vlG0KBY5mP1oRFNGsXnYtWMws
ZkZ1IWs/r5hNf4SWJZHN87XwtqhoKweQzPhEpL6GNF/7fAgsBKHpkKTpGrPZbP0c
ID6wKouUKLDISrrsVwLv5Tj4FAIp/GpOHzDqbcS7+z3auHFF4pjA68xZFqiMiMZc
+xnUyS//9dapA7umboP46JZd4jsLpGD9st1l5pVYuRr68Qa6/lxASBhdA+IHqMlH
LtytluZFhmIh94nhTE4vGd4CdHUPEz+lzim8idS+ogRTQWjw89b58nlxXjETQCjg
wcI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:31:48 2025 by rpki-client