Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/l6KzVQc4NOJ3CqXlWKrsXeoWaRA.roa
File: l6KzVQc4NOJ3CqXlWKrsXeoWaRA.roa (raw, json)
Hash identifier: skYPLQ70xC1d2tFo1UilyAl+0wqux/hF5bgIR/JDNuc=
Subject key identifier: 97:A2:B3:55:07:38:34:E2:77:0A:A5:E5:58:AA:EC:5D:EA:16:69:10
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2135FD4627B8189E5EDAF85E18D24701
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/l6KzVQc4NOJ3CqXlWKrsXeoWaRA.roa
Signing time: Sat 09 Mar 2024 03:16:10 +0000
ROA not before: Sat 09 Mar 2024 03:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:21:35:fd:46:27:b8:18:9e:5e:da:f8:5e:18:d2:47:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 9 03:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97a2b355073834e2770aa5e558aaec5dea166910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:01:2b:6c:1d:92:68:88:9b:05:16:a0:26:c9:
92:77:dd:41:77:87:d0:34:34:b2:08:5b:d5:23:2f:
40:ad:db:9c:72:93:e4:6b:e3:4c:a7:97:db:da:76:
08:3b:64:aa:21:68:a1:17:e9:6e:cc:a2:c9:7c:91:
7e:87:91:3d:48:71:12:5a:6b:39:53:21:d0:2a:63:
62:b1:7c:86:c9:f1:65:2b:2b:1e:75:71:fd:8d:7f:
77:51:49:9b:f1:13:cf:be:b6:32:03:2d:c3:e9:ee:
0f:00:37:db:b1:21:a5:30:2c:fe:1f:43:7a:6e:9f:
85:39:2d:70:23:c7:b1:7b:d1:2d:71:c9:7e:4f:fd:
12:1a:d2:08:9d:ff:9f:14:5c:13:e7:3a:5c:0a:c9:
60:62:83:38:e8:fa:0c:ac:45:70:9f:48:30:f7:c3:
71:e4:8a:76:ee:9a:10:15:7c:54:2a:46:ac:e8:28:
eb:32:9c:f1:5c:dd:2f:9f:d8:c9:ea:c1:e2:1b:03:
f2:75:3b:6e:a5:18:4c:08:c2:bb:c0:b6:2d:e6:03:
ee:fe:c9:f0:81:38:fd:87:fa:e9:10:45:69:78:d8:
36:10:ba:30:76:97:1e:03:f8:1e:5d:b7:ee:09:56:
af:b5:e5:66:9f:cc:47:e1:06:58:85:0b:1e:77:ac:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A2:B3:55:07:38:34:E2:77:0A:A5:E5:58:AA:EC:5D:EA:16:69:10
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/l6KzVQc4NOJ3CqXlWKrsXeoWaRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:31:3b:0c:c4:c8:85:21:ec:c5:02:f1:bb:6c:cd:9a:e7:af:
ef:b4:b6:f0:95:09:6a:97:0d:d3:b7:13:89:d6:52:b7:7a:5c:
c7:76:fb:71:b9:7d:f8:c0:5e:a1:de:e3:29:10:9a:79:c0:86:
2c:0b:ff:82:f8:14:de:3b:b4:df:77:09:06:62:dc:10:39:3a:
d5:1d:47:b9:d2:a0:82:e5:00:b4:ce:ba:bb:83:19:db:91:d2:
72:fb:b8:3c:e9:cd:8c:30:f5:d2:07:bb:db:f2:4f:1c:09:a9:
67:5c:67:bc:c6:26:40:aa:e7:e8:d1:6d:ff:f8:b4:9c:20:49:
5c:2c:58:6d:41:f2:9d:23:4b:c0:42:6d:48:bd:63:07:50:d6:
ce:7c:7c:69:ba:d4:8f:12:3c:89:c9:ba:47:02:3d:23:40:1c:
cd:81:e2:34:2c:9a:40:4c:77:82:5e:00:41:b8:7a:cd:59:fa:
11:a6:0b:3d:1c:5f:b6:01:70:4b:c2:f4:58:dd:4b:e7:d3:35:
7e:88:62:65:1e:2c:9f:da:4b:8d:bb:9b:e4:7c:68:dc:84:dc:
6c:8e:bb:92:b5:2c:6b:0a:e9:6f:99:54:5a:e9:08:61:e5:b9:
d6:d2:90:03:71:b9:fc:92:a0:2a:b8:c7:17:27:40:27:b0:18:
00:c4:61:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4hNf1GJ7gYnl7a+F4Y0kcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA5MDMxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2EyYjM1NTA3MzgzNGUyNzcwYWE1ZTU1OGFhZWM1ZGVhMTY2OTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigErbB2SaIibBRagJsmSd91Bd4fQ
NDSyCFvVIy9ArduccpPka+NMp5fb2nYIO2SqIWihF+luzKLJfJF+h5E9SHESWms5
UyHQKmNisXyGyfFlKysedXH9jX93UUmb8RPPvrYyAy3D6e4PADfbsSGlMCz+H0N6
bp+FOS1wI8exe9Etccl+T/0SGtIInf+fFFwT5zpcCslgYoM46PoMrEVwn0gw98Nx
5Ip27poQFXxUKkas6CjrMpzxXN0vn9jJ6sHiGwPydTtupRhMCMK7wLYt5gPu/snw
gTj9h/rpEEVpeNg2ELowdpceA/geXbfuCVavteVmn8xH4QZYhQsed6xyQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJeis1UHODTidwql5Viq7F3qFmkQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbDZLelZRYzROT0ozQ3FYbFdLcnNYZW9XYVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJAxOwzEyIUh7MUC8bts
zZrnr++0tvCVCWqXDdO3E4nWUrd6XMd2+3G5ffjAXqHe4ykQmnnAhiwL/4L4FN47
tN93CQZi3BA5OtUdR7nSoILlALTOuruDGduR0nL7uDzpzYww9dIHu9vyTxwJqWdc
Z7zGJkCq5+jRbf/4tJwgSVwsWG1B8p0jS8BCbUi9YwdQ1s58fGm61I8SPInJukcC
PSNAHM2B4jQsmkBMd4JeAEG4es1Z+hGmCz0cX7YBcEvC9FjdS+fTNX6IYmUeLJ/a
S427m+R8aNyE3GyOu5K1LGsK6W+ZVFrpCGHludbSkANxufySoCq4xxcnQCewGADE
YVs=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:11:22 2025 by rpki-client