Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VECE4hXiBkcWjWVXNPNnD3afmdk.roa
File: VECE4hXiBkcWjWVXNPNnD3afmdk.roa (raw, json)
Hash identifier: uJunrGcAyqyTODFu4WOrr5elfOMQqYQbw+VrVc2BKHk=
Subject key identifier: 54:40:84:E2:15:E2:06:47:16:8D:65:57:34:F3:67:0F:76:9F:99:D9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E65A7E2D2F176282F8AFDF46ABF151083
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VECE4hXiBkcWjWVXNPNnD3afmdk.roa
Signing time: Fri 22 Mar 2024 10:14:45 +0000
ROA not before: Fri 22 Mar 2024 10:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:a7:e2:d2:f1:76:28:2f:8a:fd:f4:6a:bf:15:10:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 22 10:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=544084e215e20647168d655734f3670f769f99d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:64:71:ea:58:ca:d5:fc:29:31:84:00:17:f3:
e6:4f:35:d7:5f:28:04:e2:f8:bd:d8:2b:bb:e5:ba:
70:d9:52:20:b9:93:89:81:2f:3a:69:cc:ed:b8:74:
6e:ab:56:38:f0:e9:5b:38:0a:25:dc:84:fb:84:5e:
c6:06:3e:0c:ad:e7:f4:45:8c:43:2d:9d:50:24:af:
3e:68:8a:0d:f2:05:ff:d5:0d:9e:32:ce:d0:36:23:
bb:8b:5a:5d:8f:73:89:16:e2:0b:b4:10:3c:03:62:
de:e4:2e:36:d0:e6:7a:ef:e7:5a:cd:35:b5:32:20:
cf:6a:c7:37:3a:00:99:c1:a9:69:a1:24:3e:cc:47:
b7:34:fe:d7:c9:11:72:9c:60:ef:90:24:45:21:b4:
5e:38:b1:67:f9:e3:a3:3d:4b:cb:f7:6d:8d:e2:2c:
7f:95:4e:18:98:be:fc:01:05:06:54:6e:0e:a8:8b:
72:7b:f6:d4:95:08:8b:a2:92:39:f5:9b:b4:3a:0f:
6f:fe:81:d8:19:5f:c6:e7:6c:5e:61:7d:03:09:8a:
bc:b9:9c:3e:96:22:e7:ca:ad:7e:f5:04:c1:4b:bc:
0f:b1:2e:c7:d7:de:18:85:4d:e7:74:0e:4d:b3:51:
a9:82:2d:57:99:25:e6:63:e1:9f:d6:c9:1c:c2:89:
d6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:40:84:E2:15:E2:06:47:16:8D:65:57:34:F3:67:0F:76:9F:99:D9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VECE4hXiBkcWjWVXNPNnD3afmdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:d4:20:11:d2:9a:70:2e:6d:5d:41:0e:99:56:93:18:38:59:
35:c5:9b:6a:44:e1:3b:48:97:45:98:cb:8d:c9:67:c3:c6:de:
0a:87:5c:83:0e:48:57:e5:00:b3:03:1d:52:49:22:5b:02:06:
b5:7a:1f:05:6d:f9:99:c6:16:f6:7f:c4:2c:f0:0b:d9:21:ad:
7e:e6:76:79:53:5e:46:d9:e0:47:20:83:cc:20:c3:30:20:3b:
d2:33:6c:1a:a4:a6:2e:30:9e:38:ea:a0:11:38:3e:74:d6:4c:
d0:5c:73:ce:4d:15:7a:de:e8:85:fd:5f:d0:af:74:c0:d6:29:
d4:47:fb:99:ab:ec:95:03:e8:32:8a:48:26:2d:3b:89:51:6a:
cc:64:51:5f:30:e9:67:f4:8c:3e:b6:a9:25:e1:ba:c1:9d:9c:
55:86:5e:1e:16:bc:e8:40:3f:ac:22:66:f6:46:a7:80:03:44:
60:7c:70:76:95:d0:df:bd:66:d2:5c:5a:05:de:10:78:12:f0:
3e:1b:f3:b1:4f:69:8c:35:6a:b6:b4:2d:90:37:f2:28:4d:d4:
08:01:35:60:f4:b2:20:cf:07:36:ee:3b:6e:64:8d:6a:07:51:
bf:c2:03:10:2e:51:9f:ab:14:4a:a7:a9:d1:8f:d7:db:a2:24:
d6:1d:7d:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5lp+LS8XYoL4r99Gq/FRCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIyMTAxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDQwODRlMjE1ZTIwNjQ3MTY4ZDY1NTczNGYzNjcwZjc2OWY5OWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmRx6ljK1fwpMYQAF/PmTzXXXygE
4vi92Cu75bpw2VIguZOJgS86acztuHRuq1Y48OlbOAol3IT7hF7GBj4Mref0RYxD
LZ1QJK8+aIoN8gX/1Q2eMs7QNiO7i1pdj3OJFuILtBA8A2Le5C420OZ67+dazTW1
MiDPasc3OgCZwalpoSQ+zEe3NP7XyRFynGDvkCRFIbReOLFn+eOjPUvL922N4ix/
lU4YmL78AQUGVG4OqItye/bUlQiLopI59Zu0Og9v/oHYGV/G52xeYX0DCYq8uZw+
liLnyq1+9QTBS7wPsS7H194YhU3ndA5Ns1Gpgi1XmSXmY+Gf1skcwonWQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFRAhOIV4gZHFo1lVzTzZw92n5nZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVkVDRTRoWGlCa2NXaldWWE5QTm5EM2FmbWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ7UIBHSmnAubV1BDplW
kxg4WTXFm2pE4TtIl0WYy43JZ8PG3gqHXIMOSFflALMDHVJJIlsCBrV6HwVt+ZnG
FvZ/xCzwC9khrX7mdnlTXkbZ4Ecgg8wgwzAgO9IzbBqkpi4wnjjqoBE4PnTWTNBc
c85NFXre6IX9X9CvdMDWKdRH+5mr7JUD6DKKSCYtO4lRasxkUV8w6Wf0jD62qSXh
usGdnFWGXh4WvOhAP6wiZvZGp4ADRGB8cHaV0N+9ZtJcWgXeEHgS8D4b87FPaYw1
ara0LZA38ihN1AgBNWD0siDPBzbuO25kjWoHUb/CAxAuUZ+rFEqnqdGP19uiJNYd
fZ4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:09:35 2025 by rpki-client