Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CeuPNWoPIqMELKposg1bwNrlxIM.roa
File: CeuPNWoPIqMELKposg1bwNrlxIM.roa (raw, json)
Hash identifier: xpdXNfI0w6Ykk6nfIM64wstjj5ZlKnhqhC6XJnLPU0M=
Subject key identifier: 09:EB:8F:35:6A:0F:22:A3:04:2C:AA:68:B2:0D:5B:C0:DA:E5:C4:83
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF425B429F05398B26E748E3D3257A93F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CeuPNWoPIqMELKposg1bwNrlxIM.roa
Signing time: Wed 10 Jan 2024 16:12:40 +0000
ROA not before: Wed 10 Jan 2024 16:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f4:25:b4:29:f0:53:98:b2:6e:74:8e:3d:32:57:a9:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 10 16:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09eb8f356a0f22a3042caa68b20d5bc0dae5c483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:38:9b:cb:3c:c8:66:08:1e:1f:e4:c9:94:a9:
35:42:4b:59:6c:3e:23:4c:83:bc:aa:a2:ae:9f:5f:
57:d3:33:b5:e9:c3:21:18:fa:58:e8:14:66:76:79:
31:9b:35:26:3b:f4:e7:cb:65:b9:e9:d2:8b:22:31:
b1:73:d3:d8:c1:0e:d9:82:2a:6e:a1:52:2e:05:37:
d9:7b:f3:8f:84:a5:0a:fa:39:99:c8:ed:fe:a5:1a:
3f:ce:1d:df:3e:41:f2:66:2b:75:fc:66:57:b0:c8:
64:18:55:b2:ac:c1:58:4e:41:a9:86:b0:4b:16:94:
23:f0:c2:3a:9f:57:dc:ac:aa:75:2e:d5:db:0c:4e:
69:4a:ad:29:3a:25:5b:87:50:8e:55:4c:6b:7e:96:
d5:83:5f:71:b8:33:a4:47:9a:e4:26:60:2b:59:c1:
c1:85:3a:06:c3:22:15:37:98:a8:1b:7b:a6:5c:96:
b1:17:c4:ce:50:57:7c:28:40:49:b2:c2:fc:17:79:
09:8f:f1:02:69:e2:70:e6:a3:2f:bd:96:2e:8a:bb:
f4:00:e6:57:b0:77:0b:d5:eb:50:67:c2:06:ce:a7:
db:8e:d7:06:a4:61:3a:b7:ee:4e:b6:f8:7e:d4:7b:
7a:62:b0:06:7c:b1:e9:ce:82:76:e3:94:c2:7d:8e:
d2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EB:8F:35:6A:0F:22:A3:04:2C:AA:68:B2:0D:5B:C0:DA:E5:C4:83
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CeuPNWoPIqMELKposg1bwNrlxIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:32:f4:22:c8:47:18:45:ea:f4:ea:21:76:7c:f4:b9:6c:ef:
20:dd:06:af:6a:11:df:1d:ff:a2:f9:1f:d4:ea:71:26:d1:5c:
c6:34:b2:9c:0e:a6:3d:7f:34:bd:ea:69:7d:e4:b8:31:b0:e5:
b1:25:61:42:58:88:ba:42:0e:61:7e:83:f8:12:b7:c7:ad:f3:
98:8e:df:6a:2c:8c:43:9c:af:d4:6e:78:a6:b1:82:66:f0:19:
9c:91:3f:3b:94:ed:ee:94:74:67:95:36:09:fe:1d:cd:63:69:
cb:0c:2d:09:b6:18:d0:73:13:8b:fe:45:4f:cb:45:7e:1d:d4:
fc:cc:a3:ab:d8:73:40:b0:8d:53:a9:d0:e3:8d:7c:2d:24:60:
5f:26:22:d0:f5:a5:fe:14:f0:1e:74:90:f4:23:70:88:7d:b3:
61:64:d8:56:08:47:b1:c6:df:5e:b3:3e:db:c0:76:52:08:9c:
75:0f:c5:1b:36:69:d1:81:89:cc:e4:ff:23:83:7a:f3:65:53:
b0:3c:d2:b7:c8:39:ef:e7:36:b1:6f:a9:20:42:72:84:85:e1:
86:cd:bb:50:2f:c0:39:45:9e:24:c8:0d:37:63:cf:2f:c3:d2:
41:2d:fe:b6:82:83:bf:0d:09:96:f9:4e:7b:f1:44:16:da:01:
c7:3a:77:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz0JbQp8FOYsm50jj0yV6k/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEwMTYxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWViOGYzNTZhMGYyMmEzMDQyY2FhNjhiMjBkNWJjMGRhZTVjNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TibyzzIZggeH+TJlKk1QktZbD4j
TIO8qqKun19X0zO16cMhGPpY6BRmdnkxmzUmO/Tny2W56dKLIjGxc9PYwQ7Zgipu
oVIuBTfZe/OPhKUK+jmZyO3+pRo/zh3fPkHyZit1/GZXsMhkGFWyrMFYTkGphrBL
FpQj8MI6n1fcrKp1LtXbDE5pSq0pOiVbh1COVUxrfpbVg19xuDOkR5rkJmArWcHB
hToGwyIVN5ioG3umXJaxF8TOUFd8KEBJssL8F3kJj/ECaeJw5qMvvZYuirv0AOZX
sHcL1etQZ8IGzqfbjtcGpGE6t+5Otvh+1Ht6YrAGfLHpzoJ245TCfY7SSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAnrjzVqDyKjBCyqaLINW8Da5cSDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ2V1UE5Xb1BJcU1FTEtwb3NnMWJ3TnJseElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFAy9CLIRxhF6vTqIXZ8
9Lls7yDdBq9qEd8d/6L5H9TqcSbRXMY0spwOpj1/NL3qaX3kuDGw5bElYUJYiLpC
DmF+g/gSt8et85iO32osjEOcr9RueKaxgmbwGZyRPzuU7e6UdGeVNgn+Hc1jacsM
LQm2GNBzE4v+RU/LRX4d1PzMo6vYc0CwjVOp0OONfC0kYF8mItD1pf4U8B50kPQj
cIh9s2Fk2FYIR7HG316zPtvAdlIInHUPxRs2adGBiczk/yODevNlU7A80rfIOe/n
NrFvqSBCcoSF4YbNu1AvwDlFniTIDTdjzy/D0kEt/raCg78NCZb5TnvxRBbaAcc6
d+E=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:21:51 2025 by rpki-client