Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VoH4Ty53y6lZ1aNCYL70Iz5D-TE.roa
File: VoH4Ty53y6lZ1aNCYL70Iz5D-TE.roa (raw, json)
Hash identifier: LYEBHFFWnlaSTjKG8UXpVtj3hE0VK/d7cbrei7k8AbA=
Subject key identifier: 56:81:F8:4F:2E:77:CB:A9:59:D5:A3:42:60:BE:F4:23:3E:43:F9:31
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8FE9C1571841F71D8A4710370AE70DFF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VoH4Ty53y6lZ1aNCYL70Iz5D-TE.roa
Signing time: Sat 30 Mar 2024 15:10:45 +0000
ROA not before: Sat 30 Mar 2024 15:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8f:e9:c1:57:18:41:f7:1d:8a:47:10:37:0a:e7:0d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 15:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5681f84f2e77cba959d5a34260bef4233e43f931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:ac:3c:50:cd:93:a0:13:08:f3:7d:a7:38:
16:7d:cf:5e:da:75:38:cd:63:7d:69:60:64:a0:3b:
11:c1:65:cc:f7:df:59:e3:d8:cb:d7:50:50:12:db:
bf:95:2e:70:0a:77:ba:22:8d:7f:79:c5:c1:1f:60:
9e:c5:32:87:42:f7:4a:2d:38:d2:94:5b:aa:00:50:
5f:51:9d:81:75:27:cb:ca:83:cd:8c:43:e1:e3:dc:
a2:b1:5a:03:18:43:e2:44:b0:c1:92:fd:f3:7e:e7:
bf:e4:60:8b:a1:0d:81:44:9d:99:99:c7:b6:cf:58:
40:bb:50:ad:80:12:39:1e:57:2f:20:60:4e:72:86:
a7:aa:99:72:e4:8a:7e:bb:f0:87:17:f6:9f:7a:ad:
2e:df:0a:b7:e2:f8:a4:e7:05:c8:76:e0:53:9d:dc:
86:ae:6b:60:54:2b:2f:a4:42:a8:d7:7b:bc:4d:16:
17:cc:a5:7e:48:1c:e6:89:65:04:19:84:2e:a8:67:
50:6f:d7:31:b4:e5:8d:09:d9:cc:82:88:f1:9a:37:
c2:4f:7f:ee:46:82:0c:73:71:a2:af:12:f0:e3:de:
b2:b1:ac:ec:1d:eb:61:82:b4:05:fa:ad:3e:eb:66:
b0:54:53:5f:23:27:56:61:d6:18:21:88:22:b7:e1:
7b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:81:F8:4F:2E:77:CB:A9:59:D5:A3:42:60:BE:F4:23:3E:43:F9:31
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VoH4Ty53y6lZ1aNCYL70Iz5D-TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:84:ca:70:f8:95:87:20:ff:dc:ac:d5:67:05:bc:84:8a:a1:
ae:fd:56:6e:2b:f2:4c:b3:36:57:9b:76:19:83:e4:54:27:4a:
a1:9b:1b:d0:f2:05:8f:b8:96:a5:46:49:7f:67:82:1f:ef:31:
43:e0:d3:05:97:f4:a0:51:73:82:70:7e:1a:d9:06:79:83:3b:
82:c3:b9:57:af:bc:c3:c9:66:1a:96:27:82:dc:e9:60:49:bd:
08:6e:52:ea:35:f8:89:86:4a:3b:80:33:a8:62:43:46:53:ab:
a3:e6:4a:bc:23:7c:d3:c7:e6:83:7d:13:4f:83:c9:5f:d3:37:
ad:0c:4b:28:74:86:e0:5c:e1:3b:1f:74:5d:c1:ef:94:a7:8c:
39:da:5b:22:cd:5a:ad:a9:0c:19:fc:c8:0a:68:82:4c:68:f5:
8b:3b:db:c4:2c:2a:01:d1:55:4c:0d:b9:5e:75:a4:46:aa:09:
f5:32:77:d8:7b:6a:f7:53:e8:0b:a9:5e:e8:6a:25:eb:89:5e:
c8:0e:90:5b:e5:06:92:a1:96:e9:65:a4:55:09:5c:21:97:b8:
26:1f:de:f0:3a:57:4c:30:9a:88:cb:4e:5b:b9:cb:cc:d0:b5:
29:74:c5:1d:6d:5a:1f:d7:ad:20:10:9a:cb:f1:0e:55:98:d8:
f1:1d:a7:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6P6cFXGEH3HYpHEDcK5w3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMTUxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjgxZjg0ZjJlNzdjYmE5NTlkNWEzNDI2MGJlZjQyMzNlNDNmOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgGsPFDNk6ATCPN9pzgWfc9e2nU4
zWN9aWBkoDsRwWXM999Z49jL11BQEtu/lS5wCne6Io1/ecXBH2CexTKHQvdKLTjS
lFuqAFBfUZ2BdSfLyoPNjEPh49yisVoDGEPiRLDBkv3zfue/5GCLoQ2BRJ2Zmce2
z1hAu1CtgBI5HlcvIGBOcoanqply5Ip+u/CHF/afeq0u3wq34vik5wXIduBTndyG
rmtgVCsvpEKo13u8TRYXzKV+SBzmiWUEGYQuqGdQb9cxtOWNCdnMgojxmjfCT3/u
RoIMc3GirxLw496ysazsHethgrQF+q0+62awVFNfIydWYdYYIYgit+F7hQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFaB+E8ud8upWdWjQmC+9CM+Q/kxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVm9INFR5NTN5NmxaMWFOQ1lMNzBJejVELVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEGEynD4lYcg/9ys1WcF
vISKoa79Vm4r8kyzNlebdhmD5FQnSqGbG9DyBY+4lqVGSX9ngh/vMUPg0wWX9KBR
c4JwfhrZBnmDO4LDuVevvMPJZhqWJ4Lc6WBJvQhuUuo1+ImGSjuAM6hiQ0ZTq6Pm
SrwjfNPH5oN9E0+DyV/TN60MSyh0huBc4TsfdF3B75SnjDnaWyLNWq2pDBn8yApo
gkxo9Ys728QsKgHRVUwNuV51pEaqCfUyd9h7avdT6AupXuhqJeuJXsgOkFvlBpKh
lullpFUJXCGXuCYf3vA6V0wwmojLTlu5y8zQtSl0xR1tWh/XrSAQmsvxDlWY2PEd
p5w=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:31:33 2025 by rpki-client