Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VZBin5htA0U72B9wpowjhksZK0A.roa
File: VZBin5htA0U72B9wpowjhksZK0A.roa (raw, json)
Hash identifier: 7toDSfX0HzQC3OOhA4ykrO1xghHzQ1YyX7f8DjbqWgc=
Subject key identifier: 55:90:62:9F:98:6D:03:45:3B:D8:1F:70:A6:8C:23:86:4B:19:2B:40
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EDE070A594243BC563F371DBB728338CD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VZBin5htA0U72B9wpowjhksZK0A.roa
Signing time: Sun 14 Apr 2024 19:13:06 +0000
ROA not before: Sun 14 Apr 2024 19:13:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:de:07:0a:59:42:43:bc:56:3f:37:1d:bb:72:83:38:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 14 19:13:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5590629f986d03453bd81f70a68c23864b192b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:99:d3:02:60:95:57:3f:64:96:d0:1e:0c:cf:
bb:f6:f0:3a:26:00:f1:86:94:4e:68:05:50:4b:24:
9c:cb:74:96:67:55:9f:22:73:5c:4a:16:86:19:38:
ed:e2:aa:db:42:4d:03:52:1d:7d:33:eb:26:01:b1:
b0:af:1c:ec:97:ef:64:2c:06:28:e2:70:73:a4:04:
ec:5d:20:a1:06:3c:8c:89:ef:72:40:a0:09:e9:79:
02:95:9b:64:67:86:66:77:6d:65:e8:e4:a8:73:16:
0e:db:ea:25:09:a5:76:0d:26:08:7d:33:a2:b2:c6:
99:f1:4a:8b:30:69:1e:0f:b3:c0:68:90:88:a8:e1:
17:a3:9b:07:6c:f4:ba:b5:65:3b:aa:e8:0f:8b:d5:
f5:0a:d4:38:ab:30:84:fb:01:f4:8b:ab:8c:18:bf:
d0:36:8b:08:2a:9d:b2:f8:7a:b9:61:3c:b9:60:20:
b1:2f:80:88:0a:80:9c:b8:e1:5e:dc:40:f7:22:24:
32:c3:6b:8f:1f:da:23:70:e9:69:3f:d3:02:ab:fb:
d6:82:dd:87:2d:e5:59:f1:c5:89:3c:e9:20:d7:da:
6e:79:58:25:25:44:02:bf:d7:85:f2:03:01:48:9b:
01:64:93:27:ce:0e:26:e0:56:7b:21:6a:78:2f:67:
de:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:90:62:9F:98:6D:03:45:3B:D8:1F:70:A6:8C:23:86:4B:19:2B:40
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VZBin5htA0U72B9wpowjhksZK0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:8d:b7:13:fd:63:9a:77:b5:c1:ac:98:70:68:f8:4e:64:b7:
27:dc:1c:87:42:8e:73:92:3b:93:a6:3b:c4:4c:0d:32:00:aa:
26:80:f9:35:60:f8:54:35:61:4d:1f:2e:5e:a7:52:9f:6d:ee:
f2:6d:45:d8:2e:80:3f:28:44:fb:24:ef:5c:f8:a3:2b:cb:7d:
e2:c8:12:d2:43:63:1f:95:b3:09:e0:2a:89:1a:24:eb:3e:37:
fe:a9:40:28:36:fa:3c:05:92:2c:cb:d0:c4:c8:46:6e:bf:ad:
b8:d3:88:f3:5b:39:90:d9:f5:33:bc:46:3b:d0:62:88:e8:c1:
6f:83:c7:d0:c4:58:03:8a:39:f9:d2:56:c2:bd:f3:a5:45:22:
bf:19:65:98:f7:f7:38:81:16:08:b1:66:d8:da:6f:49:6a:92:
70:ee:36:b9:c0:64:0e:d7:e7:b6:20:b6:4e:33:d6:ea:17:c2:
5f:45:0a:f7:31:ff:67:bf:df:fe:c1:b4:52:e0:64:3a:80:81:
50:c3:c0:c8:a6:38:da:16:9e:4b:65:09:6e:59:2d:08:ba:94:
72:97:3f:99:2e:60:e5:53:63:37:fb:fb:7d:71:ec:ad:36:e4:
a5:03:7d:7a:ed:f8:54:a1:37:e4:fc:3a:af:2c:15:4f:7e:10:
a7:0a:59:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7eBwpZQkO8Vj83HbtygzjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE0MTkxMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTkwNjI5Zjk4NmQwMzQ1M2JkODFmNzBhNjhjMjM4NjRiMTkyYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZnTAmCVVz9kltAeDM+79vA6JgDx
hpROaAVQSyScy3SWZ1WfInNcShaGGTjt4qrbQk0DUh19M+smAbGwrxzsl+9kLAYo
4nBzpATsXSChBjyMie9yQKAJ6XkClZtkZ4Zmd21l6OSocxYO2+olCaV2DSYIfTOi
ssaZ8UqLMGkeD7PAaJCIqOEXo5sHbPS6tWU7qugPi9X1CtQ4qzCE+wH0i6uMGL/Q
NosIKp2y+Hq5YTy5YCCxL4CICoCcuOFe3ED3IiQyw2uPH9ojcOlpP9MCq/vWgt2H
LeVZ8cWJPOkg19pueVglJUQCv9eF8gMBSJsBZJMnzg4m4FZ7IWp4L2felQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFWQYp+YbQNFO9gfcKaMI4ZLGStAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVlpCaW41aHRBMFU3MkI5d3Bvd2poa3NaSzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGyNtxP9Y5p3tcGsmHBo
+E5ktyfcHIdCjnOSO5OmO8RMDTIAqiaA+TVg+FQ1YU0fLl6nUp9t7vJtRdgugD8o
RPsk71z4oyvLfeLIEtJDYx+VswngKokaJOs+N/6pQCg2+jwFkizL0MTIRm6/rbjT
iPNbOZDZ9TO8RjvQYojowW+Dx9DEWAOKOfnSVsK986VFIr8ZZZj39ziBFgixZtja
b0lqknDuNrnAZA7X57Ygtk4z1uoXwl9FCvcx/2e/3/7BtFLgZDqAgVDDwMimONoW
nktlCW5ZLQi6lHKXP5kuYOVTYzf7+31x7K025KUDfXrt+FShN+T8Oq8sFU9+EKcK
WTA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:18:42 2025 by rpki-client