Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PnRamzztEvhXzwyg8PIOa-QpouI.roa
File: PnRamzztEvhXzwyg8PIOa-QpouI.roa (raw, json)
Hash identifier: NpZ5ouv+EmgpqxZg4GDZuDasU4SViVZAY7Po9GcxNqM=
Subject key identifier: 3E:74:5A:9B:3C:ED:12:F8:57:CF:0C:A0:F0:F2:0E:6B:E4:29:A2:E2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D3F42FE42EA8604493D0264D3E0D97FDC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PnRamzztEvhXzwyg8PIOa-QpouI.roa
Signing time: Thu 25 Jan 2024 06:16:11 +0000
ROA not before: Thu 25 Jan 2024 06:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:42:fe:42:ea:86:04:49:3d:02:64:d3:e0:d9:7f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 25 06:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e745a9b3ced12f857cf0ca0f0f20e6be429a2e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a8:08:14:15:21:8a:01:53:bd:b8:22:0a:4b:
88:aa:d8:6c:b6:4e:75:8b:d3:e9:fc:ad:ea:79:5c:
29:e9:a5:39:b8:a9:eb:ce:51:49:9f:06:31:fc:ea:
83:61:05:37:bb:1b:80:62:96:c8:8c:26:05:03:f2:
6a:5b:d6:af:bb:2b:06:da:1a:d9:42:cc:e5:72:84:
7f:f8:df:58:36:de:37:20:81:6b:04:af:f5:6f:a5:
b7:6c:82:ce:6a:bf:78:52:47:18:f8:bc:4c:1c:fd:
83:25:6a:7d:40:8b:06:41:c2:43:e4:26:8e:2d:e4:
df:01:1e:61:63:23:a3:af:78:e7:29:f3:12:35:28:
a1:8c:49:ea:7c:e5:52:69:68:72:d0:72:dc:b7:64:
2f:94:c1:17:9e:33:ac:93:d9:e0:ef:7a:2f:3a:66:
b9:e8:a2:e7:d5:f9:ff:6d:c1:b8:b8:25:ad:b9:d7:
61:c1:c6:db:9b:77:b9:a0:34:22:10:6d:01:2f:cf:
a2:63:00:f7:81:b6:4e:76:5e:45:80:64:1d:e5:1d:
c7:b6:63:fe:5b:7a:43:dd:18:b2:11:25:d0:40:3d:
c2:4e:43:21:71:74:22:0c:10:3e:60:d3:5c:db:07:
71:d6:91:43:9c:de:0e:46:64:ff:05:26:c3:e4:a7:
18:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:74:5A:9B:3C:ED:12:F8:57:CF:0C:A0:F0:F2:0E:6B:E4:29:A2:E2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PnRamzztEvhXzwyg8PIOa-QpouI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:b0:df:3b:5c:b0:de:cf:c0:29:8e:bc:1e:aa:dc:7e:a2:2d:
c8:09:41:7a:cc:40:18:bb:3e:39:bc:49:47:93:f5:5d:8c:2a:
c0:0c:55:7d:5e:20:2f:a3:7c:18:b0:f4:90:3b:95:15:e9:78:
7d:e8:45:14:ef:25:92:0f:75:fa:cb:b3:cb:a6:3e:41:fd:85:
de:3b:9f:f6:9d:7d:16:86:17:12:37:04:9f:0a:65:8b:4e:f7:
3d:87:71:2e:5d:86:5d:69:9f:aa:a0:ac:26:8a:cf:68:9e:a2:
4b:2f:c4:20:55:44:35:fc:ff:e0:50:ae:7d:d3:94:c0:47:a0:
42:f0:ef:84:81:a4:4a:db:cd:83:a5:a4:e3:53:74:b0:38:07:
3e:27:dc:e6:2a:7e:51:14:7d:8a:2c:22:c3:da:7f:f2:6c:c9:
e6:8a:77:da:36:da:10:81:ee:9b:ce:25:bf:06:7e:7b:d1:b9:
fc:1f:83:c0:03:9d:5b:db:1d:ff:23:98:0f:e9:6b:02:99:ec:
c7:2f:eb:06:4b:e0:20:d5:40:4d:d0:9c:aa:ae:f1:0f:dc:c1:
96:99:fd:40:cf:19:f1:70:46:83:10:9f:f5:b1:89:53:5c:43:
ab:39:1b:35:94:3a:2d:19:6a:5e:9e:60:e5:72:ea:ac:6f:ff:
99:2c:12:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0/Qv5C6oYEST0CZNPg2X/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI1MDYxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc0NWE5YjNjZWQxMmY4NTdjZjBjYTBmMGYyMGU2YmU0MjlhMmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqgIFBUhigFTvbgiCkuIqthstk51
i9Pp/K3qeVwp6aU5uKnrzlFJnwYx/OqDYQU3uxuAYpbIjCYFA/JqW9avuysG2hrZ
QszlcoR/+N9YNt43IIFrBK/1b6W3bILOar94UkcY+LxMHP2DJWp9QIsGQcJD5CaO
LeTfAR5hYyOjr3jnKfMSNSihjEnqfOVSaWhy0HLct2QvlMEXnjOsk9ng73ovOma5
6KLn1fn/bcG4uCWtuddhwcbbm3e5oDQiEG0BL8+iYwD3gbZOdl5FgGQd5R3HtmP+
W3pD3RiyESXQQD3CTkMhcXQiDBA+YNNc2wdx1pFDnN4ORmT/BSbD5KcYBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD50Wps87RL4V88MoPDyDmvkKaLiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUG5SYW16enRFdmhYend5ZzhQSU9hLVFwb3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFqw3ztcsN7PwCmOvB6q
3H6iLcgJQXrMQBi7Pjm8SUeT9V2MKsAMVX1eIC+jfBiw9JA7lRXpeH3oRRTvJZIP
dfrLs8umPkH9hd47n/adfRaGFxI3BJ8KZYtO9z2HcS5dhl1pn6qgrCaKz2ieoksv
xCBVRDX8/+BQrn3TlMBHoELw74SBpErbzYOlpONTdLA4Bz4n3OYqflEUfYosIsPa
f/JsyeaKd9o22hCB7pvOJb8GfnvRufwfg8ADnVvbHf8jmA/pawKZ7Mcv6wZL4CDV
QE3QnKqu8Q/cwZaZ/UDPGfFwRoMQn/WxiVNcQ6s5GzWUOi0Zal6eYOVy6qxv/5ks
Enw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:38:22 2025 by rpki-client