Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Kz1aMv45Z7rEyo0-qK4mGMhYd1g.roa
File: Kz1aMv45Z7rEyo0-qK4mGMhYd1g.roa (raw, json)
Hash identifier: ZmzivfbJle14uuny3ZqtmoZFJJefHXVRnltknvgBI5c=
Subject key identifier: 2B:3D:5A:32:FE:39:67:BA:C4:CA:8D:3E:A8:AE:26:18:C8:58:77:58
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E279BDDFAD89E176683890BD4F470DE80
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Kz1aMv45Z7rEyo0-qK4mGMhYd1g.roa
Signing time: Sun 10 Mar 2024 09:05:10 +0000
ROA not before: Sun 10 Mar 2024 09:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:279a:f360/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:27:9b:dd:fa:d8:9e:17:66:83:89:0b:d4:f4:70:de:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 10 09:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b3d5a32fe3967bac4ca8d3ea8ae2618c8587758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:f8:3f:c9:15:6e:da:e1:d1:2e:e9:60:a1:
47:15:e8:a4:9b:c6:10:9c:00:c8:a2:77:3d:74:25:
b4:1e:a6:53:47:33:ad:45:00:0b:7f:7c:3f:a1:a4:
80:0f:6d:c6:d2:e1:da:e8:5b:5a:5e:35:ee:b4:fd:
e4:46:21:4d:2c:14:b0:62:9a:bf:16:3e:66:d4:67:
29:97:2d:8f:d1:0d:ac:c2:cf:28:12:31:02:b2:c6:
83:03:97:c8:bc:73:c6:ee:df:7c:a9:57:9d:f2:14:
3c:0c:61:51:5f:a3:69:10:59:2d:8f:11:82:99:41:
8f:c2:7a:2b:56:02:d8:ee:7a:c2:6e:1a:fa:47:51:
7a:d1:bb:c8:05:f1:9f:00:f3:b0:c2:69:ac:aa:dd:
1d:74:ab:91:14:4e:2c:f3:3c:b8:27:3c:c4:e8:45:
b9:75:0d:e0:d2:56:73:71:85:5b:be:1b:c7:5d:3a:
22:2e:ad:9e:11:1d:8d:e9:3a:3a:e9:53:ce:ff:f9:
fc:ab:8a:2f:85:b3:05:c5:67:9f:94:ff:49:26:c8:
6b:6c:ba:f5:0f:85:68:bd:3c:c0:79:f0:51:14:89:
f3:94:96:22:f9:5c:31:44:1c:5c:e2:ee:08:ef:21:
66:f1:73:b5:d5:a2:c2:4c:e2:f2:07:7b:f9:72:63:
95:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3D:5A:32:FE:39:67:BA:C4:CA:8D:3E:A8:AE:26:18:C8:58:77:58
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Kz1aMv45Z7rEyo0-qK4mGMhYd1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:49:cc:48:eb:9e:4f:c6:2d:aa:33:2f:5d:f1:76:e9:33:77:
71:2e:dc:aa:ae:d4:c2:8b:bf:7a:7c:66:46:4b:a8:ac:e2:58:
78:54:63:16:94:7a:5b:53:ff:c4:91:cf:f9:ae:fd:b4:1d:da:
35:dd:18:91:80:6e:df:5d:03:76:1c:39:84:96:14:98:25:98:
0b:2f:5a:68:99:49:b9:2a:d0:45:04:88:08:04:5a:4e:4e:ea:
87:20:92:a6:ea:c2:fd:a1:a3:37:58:e4:bd:0c:7f:a0:d6:3f:
98:91:15:70:77:ca:70:01:22:0c:64:3d:1f:54:68:75:2a:5c:
ff:56:d2:89:09:ee:dd:cd:64:f3:fc:46:23:82:0b:fd:ea:e3:
23:b3:9e:d4:be:ee:a5:0b:61:4b:0f:6a:f1:68:45:bd:a8:0f:
53:cd:5b:27:ee:e8:5c:78:79:0a:45:56:13:7f:e7:e1:0c:58:
d4:2c:45:8e:bd:23:c2:79:99:f7:53:a4:94:78:fc:1a:fd:b3:
eb:8e:df:df:35:8c:d2:92:f8:ea:f5:97:07:f7:62:27:c2:0a:
9d:b0:09:ea:d6:b5:60:c6:e0:f3:ad:4d:c3:50:0e:92:af:42:
ac:54:87:b3:bb:bb:79:fb:fd:15:1b:12:b8:4a:2f:87:36:4f:
65:14:eb:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4nm9362J4XZoOJC9T0cN6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEwMDkwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjNkNWEzMmZlMzk2N2JhYzRjYThkM2VhOGFlMjYxOGM4NTg3NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhX4P8kVbtrh0S7pYKFHFeikm8YQ
nADIonc9dCW0HqZTRzOtRQALf3w/oaSAD23G0uHa6FtaXjXutP3kRiFNLBSwYpq/
Fj5m1Gcply2P0Q2sws8oEjECssaDA5fIvHPG7t98qVed8hQ8DGFRX6NpEFktjxGC
mUGPwnorVgLY7nrCbhr6R1F60bvIBfGfAPOwwmmsqt0ddKuRFE4s8zy4JzzE6EW5
dQ3g0lZzcYVbvhvHXToiLq2eER2N6To66VPO//n8q4ovhbMFxWeflP9JJshrbLr1
D4VovTzAefBRFInzlJYi+VwxRBxc4u4I7yFm8XO11aLCTOLyB3v5cmOV3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCs9WjL+OWe6xMqNPqiuJhjIWHdYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS3oxYU12NDVaN3JFeW8wLXFLNG1HTWhZZDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABpJzEjrnk/GLaozL13x
dukzd3Eu3Kqu1MKLv3p8ZkZLqKziWHhUYxaUeltT/8SRz/mu/bQd2jXdGJGAbt9d
A3YcOYSWFJglmAsvWmiZSbkq0EUEiAgEWk5O6ocgkqbqwv2hozdY5L0Mf6DWP5iR
FXB3ynABIgxkPR9UaHUqXP9W0okJ7t3NZPP8RiOCC/3q4yOzntS+7qULYUsPavFo
Rb2oD1PNWyfu6Fx4eQpFVhN/5+EMWNQsRY69I8J5mfdTpJR4/Br9s+uO3981jNKS
+Or1lwf3YifCCp2wCerWtWDG4POtTcNQDpKvQqxUh7O7u3n7/RUbErhKL4c2T2UU
69s=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:36:40 2025 by rpki-client