Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fWgo2wp_qqZyHhQl_LQhw7ICuI8.roa
File: fWgo2wp_qqZyHhQl_LQhw7ICuI8.roa (raw, json)
Hash identifier: HYn8uh3WWpRbzQON/Ithp6fW05P1TWoqzk9JOKupwh4=
Subject key identifier: 7D:68:28:DB:0A:7F:AA:A6:72:1E:14:25:FC:B4:21:C3:B2:02:B8:8F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF9B02A3F14845D2F888D7A37DF863C33
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fWgo2wp_qqZyHhQl_LQhw7ICuI8.roa
Signing time: Fri 01 Mar 2024 11:04:48 +0000
ROA not before: Fri 01 Mar 2024 11:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:f9af:ddce/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:b0:2a:3f:14:84:5d:2f:88:8d:7a:37:df:86:3c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 1 11:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d6828db0a7faaa6721e1425fcb421c3b202b88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6f:16:d7:61:3a:7a:20:15:c3:01:37:48:2e:
d6:d9:d5:8b:b0:d9:0e:3b:1c:24:d6:7d:13:a5:7b:
17:91:35:c3:0e:e1:a9:c2:f4:ce:08:90:65:89:8b:
69:38:e2:8f:27:d3:ae:47:ee:03:6f:30:62:60:7f:
c8:f9:66:6c:85:6b:e6:cb:77:0b:c9:0e:51:11:3c:
00:a8:03:2b:c8:2c:d2:3a:92:42:6c:d1:16:5a:2e:
f4:dd:08:bc:46:bd:4f:cf:4a:19:ad:53:63:77:fb:
da:06:d5:5d:a2:57:ac:bd:81:55:79:e5:fd:8c:5a:
75:ca:2b:63:a6:71:b4:49:a9:44:7c:db:ec:c2:b6:
e6:98:93:7d:9e:5b:90:aa:9a:f8:22:e2:f6:5a:0a:
74:8b:b3:e4:88:bb:e5:f1:16:4b:4a:d3:3f:17:d2:
7d:09:92:5d:82:f8:d3:d8:cb:fe:e9:6a:80:32:49:
74:d7:2d:e7:2f:76:17:46:0a:38:3f:af:8f:d2:a3:
81:9c:9c:58:1f:03:4a:66:f3:14:62:4c:17:75:f6:
df:27:02:6b:9c:ce:73:11:8f:a9:5d:ff:f8:b5:64:
5c:3c:c2:6a:43:bf:a6:f6:7a:cc:58:ff:da:6d:f4:
3d:58:28:ca:59:d4:6c:83:58:54:05:50:7e:5c:4f:
e8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:68:28:DB:0A:7F:AA:A6:72:1E:14:25:FC:B4:21:C3:B2:02:B8:8F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fWgo2wp_qqZyHhQl_LQhw7ICuI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:76:7f:2a:72:2d:41:15:bb:c0:10:f1:76:d2:9b:da:d6:ea:
f8:98:0d:b4:c2:11:06:de:7c:8a:c7:bc:55:7d:4f:d2:e0:86:
a2:a1:e2:80:14:d0:fa:74:36:a2:66:6e:f3:64:7b:64:3f:7a:
bf:06:dd:ec:8e:f1:a3:66:36:e5:cc:68:fa:d6:31:f8:27:75:
3f:92:cd:9b:36:de:0f:7e:76:4a:2e:36:18:af:99:60:4e:2f:
7c:24:57:d2:08:b8:24:1a:2a:ec:22:f5:f6:9a:54:76:b5:12:
8f:01:1b:ac:93:fb:82:43:2d:88:76:e4:a0:ca:ec:9d:e7:e3:
a5:71:eb:f8:c8:a4:64:09:4a:88:db:7b:b3:0f:92:00:3a:97:
bd:c7:e9:91:65:39:4f:b3:c2:67:38:ea:ee:be:09:39:3b:d1:
e1:ba:d2:58:65:c9:8e:9f:ce:7b:95:4f:37:21:79:97:ae:ea:
f5:29:d3:7c:ab:d8:73:a3:63:67:1f:93:5b:0a:3f:6d:83:e2:
93:7e:48:23:e8:ba:1c:00:0c:4b:b0:89:db:76:0c:82:2e:e1:
b3:bc:db:c7:c6:4b:62:73:ee:4d:b4:27:df:1a:1f:0a:24:40:
7d:f9:6d:5f:13:24:a0:77:63:5a:d2:06:f4:e6:83:5e:42:27:
79:dc:f0:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY35sCo/FIRdL4iNejffhjwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAxMTEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDY4MjhkYjBhN2ZhYWE2NzIxZTE0MjVmY2I0MjFjM2IyMDJiODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm8W12E6eiAVwwE3SC7W2dWLsNkO
Oxwk1n0TpXsXkTXDDuGpwvTOCJBliYtpOOKPJ9OuR+4DbzBiYH/I+WZshWvmy3cL
yQ5RETwAqAMryCzSOpJCbNEWWi703Qi8Rr1Pz0oZrVNjd/vaBtVdolesvYFVeeX9
jFp1yitjpnG0SalEfNvswrbmmJN9nluQqpr4IuL2Wgp0i7PkiLvl8RZLStM/F9J9
CZJdgvjT2Mv+6WqAMkl01y3nL3YXRgo4P6+P0qOBnJxYHwNKZvMUYkwXdfbfJwJr
nM5zEY+pXf/4tWRcPMJqQ7+m9nrMWP/abfQ9WCjKWdRsg1hUBVB+XE/o9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH1oKNsKf6qmch4UJfy0IcOyAriPMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZldnbzJ3cF9xcVp5SGhRbF9MUWh3N0lDdUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHZ2fypyLUEVu8AQ8XbS
m9rW6viYDbTCEQbefIrHvFV9T9LghqKh4oAU0Pp0NqJmbvNke2Q/er8G3eyO8aNm
NuXMaPrWMfgndT+SzZs23g9+dkouNhivmWBOL3wkV9IIuCQaKuwi9faaVHa1Eo8B
G6yT+4JDLYh25KDK7J3n46Vx6/jIpGQJSojbe7MPkgA6l73H6ZFlOU+zwmc46u6+
CTk70eG60lhlyY6fznuVTzcheZeu6vUp03yr2HOjY2cfk1sKP22D4pN+SCPouhwA
DEuwidt2DIIu4bO828fGS2Jz7k20J98aHwokQH35bV8TJKB3Y1rSBvTmg15CJ3nc
8D8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:14:25 2025 by rpki-client