Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PwJhLeDFqGBXAkBUscFpFSQ6XIk.roa
File: PwJhLeDFqGBXAkBUscFpFSQ6XIk.roa (raw, json)
Hash identifier: aCVP4nS1awte0Oi53o7BqOtMqDCwvf0PE51z7sax7uo=
Subject key identifier: 3F:02:61:2D:E0:C5:A8:60:57:02:40:54:B1:C1:69:15:24:3A:5C:89
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDAD155401718998C58D66D7AF95080DC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PwJhLeDFqGBXAkBUscFpFSQ6XIk.roa
Signing time: Sat 24 Feb 2024 11:12:48 +0000
ROA not before: Sat 24 Feb 2024 11:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:d1:55:40:17:18:99:8c:58:d6:6d:7a:f9:50:80:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 24 11:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f02612de0c5a86057024054b1c16915243a5c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a2:b9:14:77:93:f9:43:63:16:4f:80:ae:62:
e8:71:11:b3:39:94:c3:5a:70:07:8b:14:a5:34:28:
97:81:4d:35:57:90:eb:41:07:71:53:16:81:d8:88:
3e:67:33:f2:42:87:0a:67:fa:2a:b6:fb:9e:69:c5:
21:3c:01:87:b5:5a:23:24:f9:c4:59:ea:af:27:46:
b6:b5:e1:20:6f:fc:22:6f:19:6b:32:78:11:2e:ce:
23:e9:37:a1:5d:f4:66:93:24:87:2f:99:44:93:04:
3b:ff:06:b6:b2:c8:30:28:87:b0:f1:ae:97:85:69:
85:b4:e7:4c:b6:f9:ab:4d:6a:97:40:ff:85:37:4c:
1a:00:92:2f:0e:f5:ce:96:82:3f:ce:fc:8e:c6:cd:
d5:42:2d:86:7d:17:05:5b:35:60:b4:41:b0:d3:4e:
6a:da:a9:ac:cb:0e:8f:dd:50:50:6d:66:3b:d3:e6:
27:47:3f:98:da:5a:af:da:9c:ad:aa:57:40:d8:69:
2f:79:1d:c7:c7:94:55:e5:22:0e:8a:eb:70:6e:27:
80:e4:ea:24:20:39:8f:4b:6a:0e:3e:92:83:93:e8:
06:e3:f7:2a:12:72:b8:a4:fb:71:cd:6e:e4:33:02:
22:3e:89:37:c0:5f:21:90:6b:eb:10:41:29:14:05:
08:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:02:61:2D:E0:C5:A8:60:57:02:40:54:B1:C1:69:15:24:3A:5C:89
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PwJhLeDFqGBXAkBUscFpFSQ6XIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:22:fb:e6:31:02:59:c9:c2:df:8e:a1:2f:a0:2d:77:98:51:
13:ed:59:9e:56:ca:f3:95:c6:b3:4b:42:b4:63:86:0f:19:76:
60:c9:9a:a7:14:c3:50:cf:07:9d:d1:98:5d:f0:42:22:33:0c:
88:f1:6d:65:e9:03:d7:85:7d:8e:bc:61:a8:9f:b5:c8:4d:ad:
6d:5d:c4:f6:76:80:6a:13:13:5c:ab:27:aa:f7:17:c7:a7:9f:
42:70:3b:23:cf:fc:01:05:e6:0e:5b:33:46:01:e9:62:ab:c4:
08:9b:1a:83:4b:a9:47:22:32:85:51:33:0c:61:d4:75:58:53:
a8:c5:c3:0c:b7:ae:82:09:b3:cc:0b:ce:9f:3b:d8:58:0b:69:
72:42:b3:94:dd:de:9b:8c:65:30:86:20:a5:78:3a:c5:47:c4:
0b:a7:8c:be:c7:fe:66:a9:35:c2:f2:17:87:c7:d6:f0:ac:3f:
a8:8e:14:33:df:54:68:df:f0:fd:19:c7:00:2b:1d:89:0f:96:
05:75:17:1d:5b:27:ce:26:c6:92:0d:bb:a3:bf:59:b9:04:7f:
a0:d8:1c:74:1b:6a:f9:b8:4d:95:b8:d8:1f:2e:78:0c:01:d5:
62:12:f4:f3:9f:92:9d:3d:cc:1f:29:77:95:8a:be:fa:d3:98:
39:f6:a8:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3a0VVAFxiZjFjWbXr5UIDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI0MTExMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjAyNjEyZGUwYzVhODYwNTcwMjQwNTRiMWMxNjkxNTI0M2E1Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaK5FHeT+UNjFk+ArmLocRGzOZTD
WnAHixSlNCiXgU01V5DrQQdxUxaB2Ig+ZzPyQocKZ/oqtvueacUhPAGHtVojJPnE
WeqvJ0a2teEgb/wibxlrMngRLs4j6TehXfRmkySHL5lEkwQ7/wa2ssgwKIew8a6X
hWmFtOdMtvmrTWqXQP+FN0waAJIvDvXOloI/zvyOxs3VQi2GfRcFWzVgtEGw005q
2qmsyw6P3VBQbWY70+YnRz+Y2lqv2pytqldA2GkveR3Hx5RV5SIOiutwbieA5Ook
IDmPS2oOPpKDk+gG4/cqEnK4pPtxzW7kMwIiPok3wF8hkGvrEEEpFAUI9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD8CYS3gxahgVwJAVLHBaRUkOlyJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUHdKaExlREZxR0JYQWtCVXNjRnBGU1E2WElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC4i++YxAlnJwt+OoS+g
LXeYURPtWZ5WyvOVxrNLQrRjhg8ZdmDJmqcUw1DPB53RmF3wQiIzDIjxbWXpA9eF
fY68YaiftchNrW1dxPZ2gGoTE1yrJ6r3F8enn0JwOyPP/AEF5g5bM0YB6WKrxAib
GoNLqUciMoVRMwxh1HVYU6jFwwy3roIJs8wLzp872FgLaXJCs5Td3puMZTCGIKV4
OsVHxAunjL7H/mapNcLyF4fH1vCsP6iOFDPfVGjf8P0ZxwArHYkPlgV1Fx1bJ84m
xpINu6O/WbkEf6DYHHQbavm4TZW42B8ueAwB1WIS9POfkp09zB8pd5WKvvrTmDn2
qKk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:18:06 2025 by rpki-client