Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lIExkKC715b6aBkWU5gV4PJ_Gpk.roa
File: lIExkKC715b6aBkWU5gV4PJ_Gpk.roa (raw, json)
Hash identifier: dcWNagZRhOdERqfXHry+GPdHdXnZv5OyD8mv4evwUJk=
Subject key identifier: 94:81:31:90:A0:BB:D7:96:FA:68:19:16:53:98:15:E0:F2:7F:1A:99
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D777C123E7B407AD8C205F20631052912
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lIExkKC715b6aBkWU5gV4PJ_Gpk.roa
Signing time: Mon 05 Feb 2024 04:17:16 +0000
ROA not before: Mon 05 Feb 2024 04:17:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:7c:12:3e:7b:40:7a:d8:c2:05:f2:06:31:05:29:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 5 04:17:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94813190a0bbd796fa681916539815e0f27f1a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:29:39:52:27:68:0f:b4:a2:07:d8:0f:6a:
83:5b:6c:db:47:7d:5a:f1:d2:1b:e3:9c:b7:5c:b1:
ac:76:3b:fa:df:1f:78:60:ec:ff:a8:7c:98:7c:1a:
3a:ec:8e:cd:27:f5:de:23:e7:41:0f:87:ad:0b:09:
06:3b:52:76:57:25:b3:68:0b:9c:6a:c0:74:9e:f9:
83:9c:d8:7c:8a:53:76:91:dc:79:5b:ef:cc:79:b7:
1c:33:d2:38:08:7d:76:93:67:df:ae:8e:86:c4:b5:
f1:c9:7c:b5:20:f6:19:18:6d:32:6c:fe:7d:8d:4a:
a9:33:77:b8:20:41:9f:79:66:56:d9:c8:fa:d0:6e:
83:90:12:1a:5b:61:0b:ae:83:37:69:d1:3b:22:b0:
17:15:93:cf:d5:eb:d8:3d:67:49:1c:41:80:2d:8d:
0a:bc:6a:02:75:43:20:ac:1d:ce:4c:e1:08:72:f4:
83:ee:77:be:df:63:bc:53:ca:05:62:29:b5:e8:f0:
3e:03:34:8a:fa:26:d1:eb:a5:0a:60:00:1b:89:f6:
1d:31:a1:a2:fb:40:94:31:55:a5:c3:e7:f7:27:2b:
db:c5:13:32:7b:d4:7e:f3:2d:3d:2c:26:5a:da:3b:
b4:17:52:7e:63:64:48:21:2c:2d:70:0b:7c:9c:3d:
bf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:81:31:90:A0:BB:D7:96:FA:68:19:16:53:98:15:E0:F2:7F:1A:99
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lIExkKC715b6aBkWU5gV4PJ_Gpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:ac:61:20:f3:e2:10:d3:3d:63:b1:e1:ea:c1:1b:81:3c:cd:
81:cf:90:0f:ad:9b:bc:ef:3a:90:d7:4f:b0:0e:9a:29:de:69:
d1:45:63:85:c9:69:6d:83:4b:35:45:4b:54:36:aa:49:1d:a6:
d4:98:a8:bf:2b:1c:29:67:b6:94:8b:7d:d1:9b:7b:0b:5d:70:
cc:68:b8:5a:1e:51:65:2a:aa:91:a1:8c:de:61:b9:a1:c5:69:
dd:be:8e:6c:b2:53:6b:e2:e9:e2:eb:6c:9d:8b:25:d7:55:f5:
9a:78:3a:6e:1d:c1:c3:70:3d:94:11:02:69:a4:e9:f7:cc:ce:
aa:e5:7a:a4:c3:68:98:ae:0d:e6:4a:b1:bd:43:f4:11:a4:ea:
d9:4f:fe:6e:12:20:1b:14:a4:20:c6:c8:b7:02:25:70:e2:f8:
ad:e4:86:a1:bf:95:0b:16:ec:22:a7:73:21:e8:d6:aa:42:04:
38:94:fe:82:a6:10:ab:72:e1:e7:b7:66:b3:a6:7e:59:f9:20:
d5:42:d6:0b:59:a5:38:49:7e:b3:b3:c8:b6:53:db:0e:f0:c0:
a0:13:05:f9:3b:b8:75:9c:72:51:df:9c:36:68:77:38:22:58:
7f:d5:e4:c5:39:f3:9b:df:c2:12:f8:3f:4e:c3:03:c1:b3:0f:
1b:81:71:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY13fBI+e0B62MIF8gYxBSkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA1MDQxNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDgxMzE5MGEwYmJkNzk2ZmE2ODE5MTY1Mzk4MTVlMGYyN2YxYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNApOVInaA+0ogfYD2qDW2zbR31a
8dIb45y3XLGsdjv63x94YOz/qHyYfBo67I7NJ/XeI+dBD4etCwkGO1J2VyWzaAuc
asB0nvmDnNh8ilN2kdx5W+/MebccM9I4CH12k2ffro6GxLXxyXy1IPYZGG0ybP59
jUqpM3e4IEGfeWZW2cj60G6DkBIaW2ELroM3adE7IrAXFZPP1evYPWdJHEGALY0K
vGoCdUMgrB3OTOEIcvSD7ne+32O8U8oFYim16PA+AzSK+ibR66UKYAAbifYdMaGi
+0CUMVWlw+f3JyvbxRMye9R+8y09LCZa2ju0F1J+Y2RIISwtcAt8nD2/lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJSBMZCgu9eW+mgZFlOYFeDyfxqZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbElFeGtLQzcxNWI2YUJrV1U1Z1Y0UEpfR3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGesYSDz4hDTPWOx4erB
G4E8zYHPkA+tm7zvOpDXT7AOmineadFFY4XJaW2DSzVFS1Q2qkkdptSYqL8rHCln
tpSLfdGbewtdcMxouFoeUWUqqpGhjN5huaHFad2+jmyyU2vi6eLrbJ2LJddV9Zp4
Om4dwcNwPZQRAmmk6ffMzqrleqTDaJiuDeZKsb1D9BGk6tlP/m4SIBsUpCDGyLcC
JXDi+K3khqG/lQsW7CKncyHo1qpCBDiU/oKmEKty4ee3ZrOmfln5INVC1gtZpThJ
frOzyLZT2w7wwKATBfk7uHWcclHfnDZodzgiWH/V5MU585vfwhL4P07DA8GzDxuB
cVg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:30:14 2025 by rpki-client