Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RaN8KwUg2TohZ_JlKw2etJCLFbY.roa
File: RaN8KwUg2TohZ_JlKw2etJCLFbY.roa (raw, json)
Hash identifier: 4jeIcUbnBXyAkRg5e8nlsyRCv6Rgz2vgr/JVL5jJzr4=
Subject key identifier: 45:A3:7C:2B:05:20:D9:3A:21:67:F2:65:2B:0D:9E:B4:90:8B:15:B6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E99CB5B5F5B6C21188AF02813D0C087EA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RaN8KwUg2TohZ_JlKw2etJCLFbY.roa
Signing time: Mon 01 Apr 2024 13:13:44 +0000
ROA not before: Mon 01 Apr 2024 13:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:cb:5b:5f:5b:6c:21:18:8a:f0:28:13:d0:c0:87:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 13:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45a37c2b0520d93a2167f2652b0d9eb4908b15b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:40:d8:4a:bf:48:52:11:67:a0:9b:e5:f3:e1:
58:28:29:b7:c1:e9:7f:22:aa:62:4a:ad:f3:61:55:
5e:58:65:9f:9f:63:6c:75:39:91:a0:16:34:9c:2f:
8f:15:39:0b:cf:89:6b:9b:0d:19:54:8c:46:d5:81:
97:28:5b:3b:98:1b:25:60:f7:44:ad:d1:fd:6e:1d:
4d:8b:65:7a:c2:7a:ca:65:44:d4:09:dc:7d:81:18:
1a:85:4d:02:c3:12:cb:c0:b8:a1:a0:e9:f9:c7:6a:
99:36:e2:32:db:31:02:60:fd:82:eb:97:7f:39:59:
ce:8e:aa:66:67:14:4a:af:79:ec:d4:c5:5f:5a:2c:
91:40:36:1c:5b:5b:1b:68:b6:d3:2f:1e:f2:ca:e1:
7e:e7:7e:9a:1d:e7:b9:1f:d4:1e:fd:ef:45:3e:68:
88:61:c9:97:c9:cb:31:03:b5:96:c6:40:27:34:bb:
bc:3f:5c:9a:b0:37:d8:95:bb:6a:fe:70:7f:bc:bc:
e9:53:c9:5f:7e:42:de:22:f2:bd:7d:66:d7:41:54:
53:83:19:a3:02:e0:3f:a7:ff:94:39:8e:4f:c0:a8:
d3:a7:2e:ff:3c:2e:a7:a3:e0:e5:3c:c2:75:d8:12:
52:2f:2e:98:a0:ee:76:f3:18:d2:52:ae:58:63:a8:
f8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A3:7C:2B:05:20:D9:3A:21:67:F2:65:2B:0D:9E:B4:90:8B:15:B6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RaN8KwUg2TohZ_JlKw2etJCLFbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:a3:6b:4c:b8:74:de:97:51:fe:15:b1:a7:9c:37:f5:4c:df:
e5:47:e8:09:a6:0b:94:ab:c9:b9:9a:40:9f:b8:fd:0f:da:7e:
9f:f3:78:05:12:d2:75:a4:37:c4:25:dc:16:a0:01:7a:2b:86:
30:a0:bf:ac:0e:d9:7a:fb:e3:72:32:4e:0c:7f:3e:90:15:fc:
e7:e5:4e:ee:a7:97:5a:1f:65:77:e6:b6:19:70:c2:90:56:42:
b6:16:ec:70:18:d6:a3:da:2a:7f:e5:92:b1:d0:05:92:ee:21:
04:6a:bf:16:8a:50:dd:a0:56:3f:a7:87:22:9d:94:4c:22:ec:
60:90:81:e8:34:87:bd:98:39:51:6e:eb:04:6d:ce:e2:4d:36:
7a:16:92:af:28:88:63:57:21:21:3a:fa:8a:d0:4f:7c:a3:e7:
2f:40:cf:d3:84:9f:fc:1c:54:0a:f4:2c:02:95:20:54:93:a5:
41:61:0d:49:66:5c:e2:b0:21:57:90:66:69:c5:b6:31:b8:7a:
be:4d:10:6c:70:2c:56:38:f1:c2:84:8c:f2:8a:1f:01:7d:9b:
a6:be:c7:be:93:56:c1:ce:69:6b:0a:b1:a7:11:9a:65:7e:dc:
43:19:6a:58:91:fc:77:50:27:af:dd:6e:30:41:89:3b:c1:2c:
dd:31:97:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6Zy1tfW2whGIrwKBPQwIfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMTMxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWEzN2MyYjA1MjBkOTNhMjE2N2YyNjUyYjBkOWViNDkwOGIxNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10DYSr9IUhFnoJvl8+FYKCm3wel/
IqpiSq3zYVVeWGWfn2NsdTmRoBY0nC+PFTkLz4lrmw0ZVIxG1YGXKFs7mBslYPdE
rdH9bh1Ni2V6wnrKZUTUCdx9gRgahU0CwxLLwLihoOn5x2qZNuIy2zECYP2C65d/
OVnOjqpmZxRKr3ns1MVfWiyRQDYcW1sbaLbTLx7yyuF+536aHee5H9Qe/e9FPmiI
YcmXycsxA7WWxkAnNLu8P1yasDfYlbtq/nB/vLzpU8lffkLeIvK9fWbXQVRTgxmj
AuA/p/+UOY5PwKjTpy7/PC6no+DlPMJ12BJSLy6YoO528xjSUq5YY6j4NwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEWjfCsFINk6IWfyZSsNnrSQixW2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUmFOOEt3VWcyVG9oWl9KbEt3MmV0SkNMRmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFSja0y4dN6XUf4Vsaec
N/VM3+VH6AmmC5SrybmaQJ+4/Q/afp/zeAUS0nWkN8Ql3BagAXorhjCgv6wO2Xr7
43IyTgx/PpAV/OflTu6nl1ofZXfmthlwwpBWQrYW7HAY1qPaKn/lkrHQBZLuIQRq
vxaKUN2gVj+nhyKdlEwi7GCQgeg0h72YOVFu6wRtzuJNNnoWkq8oiGNXISE6+orQ
T3yj5y9Az9OEn/wcVAr0LAKVIFSTpUFhDUlmXOKwIVeQZmnFtjG4er5NEGxwLFY4
8cKEjPKKHwF9m6a+x76TVsHOaWsKsacRmmV+3EMZaliR/HdQJ6/dbjBBiTvBLN0x
l4k=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:16:15 2025 by rpki-client