Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lzuGGFmDmqPZXufyM1uv6hj95TI.roa
File: lzuGGFmDmqPZXufyM1uv6hj95TI.roa (raw, json)
Hash identifier: QjX6DS4xI82baEH63OK4fbhzf3wUalVCvcuDXVRn65k=
Subject key identifier: 97:3B:86:18:59:83:9A:A3:D9:5E:E7:F2:33:5B:AF:EA:18:FD:E5:32
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DCA4CB0F4B51E8D85D9E68C2571DB0235
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lzuGGFmDmqPZXufyM1uv6hj95TI.roa
Signing time: Wed 21 Feb 2024 06:14:00 +0000
ROA not before: Wed 21 Feb 2024 06:14:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:4c:b0:f4:b5:1e:8d:85:d9:e6:8c:25:71:db:02:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 06:14:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=973b861859839aa3d95ee7f2335bafea18fde532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a2:b0:32:ed:11:0a:d9:1d:52:e2:7f:a3:b2:
5a:3f:5d:ed:a6:71:4c:ca:f1:c7:8e:36:52:3b:a7:
01:24:03:f1:80:1c:58:6b:5b:80:84:49:ad:eb:ca:
87:3a:66:ea:1f:e8:dd:39:c3:59:dc:6f:6f:3f:ef:
16:7f:15:97:f8:b3:6f:78:13:77:ec:e7:ce:3d:1e:
df:41:51:fa:13:48:25:44:76:a5:80:07:25:7f:50:
7d:5f:cc:ae:1d:0f:c9:23:60:95:36:4a:4f:c8:f2:
09:14:a9:b5:59:fb:0b:43:fd:8a:c4:9c:f6:c8:98:
f9:57:3c:c2:2b:c4:12:f6:ad:d9:03:4a:ca:df:58:
92:a3:79:5a:a9:5f:9c:fc:9e:d2:63:2c:b1:6f:22:
34:e0:2e:77:82:d1:37:06:25:7d:56:c8:25:1a:a5:
75:7a:69:71:b0:cc:25:ec:8c:8d:02:3e:fb:7b:bf:
0e:6d:87:b8:f7:71:5f:2e:32:36:03:46:77:3a:fb:
12:16:8a:7b:c3:4b:1c:d4:9c:b7:da:b9:4d:b8:c5:
24:5a:d2:cc:90:52:87:0c:5f:fa:94:19:6e:dd:20:
9e:40:a8:c7:2e:00:b8:65:7d:6f:05:91:9a:27:03:
71:4c:21:d2:84:36:15:2a:92:77:09:ed:41:a4:68:
2d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3B:86:18:59:83:9A:A3:D9:5E:E7:F2:33:5B:AF:EA:18:FD:E5:32
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lzuGGFmDmqPZXufyM1uv6hj95TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:0c:80:f2:ef:3c:63:3c:1a:5d:2e:f1:35:f0:91:67:25:e9:
a0:46:84:be:07:04:67:76:06:89:a4:a8:c5:22:b6:d3:1b:b8:
dc:50:45:19:fc:8f:14:64:be:02:ae:1e:b1:5c:06:de:50:62:
53:f1:f4:66:fb:49:94:8f:de:38:1d:ba:25:68:63:60:09:03:
38:1e:49:d0:9a:fa:70:ca:c8:b6:9c:62:bb:5e:ff:3d:44:ec:
80:c6:24:ec:c9:8a:51:ee:96:9e:91:95:6b:88:87:f5:e3:c4:
45:92:57:13:6b:17:f2:ec:96:d9:5b:f4:7c:a5:13:ff:16:ea:
a3:85:28:86:e6:46:c8:15:96:2a:57:e8:d6:0f:54:e7:62:93:
8e:b3:be:54:39:c9:70:df:7c:e5:18:52:95:41:74:e3:e6:53:
66:06:ed:f2:c8:fe:50:fd:f7:ed:f7:b1:b2:02:4f:c5:a2:03:
ba:52:d8:1a:70:6e:cd:be:35:9a:4b:15:bc:13:0b:45:aa:03:
a7:08:58:76:d2:d7:db:94:81:c7:2a:08:53:34:c6:b6:b0:12:
59:32:3f:84:49:b1:ce:83:df:89:cb:dd:99:6a:dc:86:c0:a4:
cf:96:7f:33:73:30:96:cb:6a:a7:a7:3a:1a:fd:57:0b:63:2b:
cc:4b:e1:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3KTLD0tR6NhdnmjCVx2wI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMDYxNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzNiODYxODU5ODM5YWEzZDk1ZWU3ZjIzMzViYWZlYTE4ZmRlNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaKwMu0RCtkdUuJ/o7JaP13tpnFM
yvHHjjZSO6cBJAPxgBxYa1uAhEmt68qHOmbqH+jdOcNZ3G9vP+8WfxWX+LNveBN3
7OfOPR7fQVH6E0glRHalgAclf1B9X8yuHQ/JI2CVNkpPyPIJFKm1WfsLQ/2KxJz2
yJj5VzzCK8QS9q3ZA0rK31iSo3laqV+c/J7SYyyxbyI04C53gtE3BiV9VsglGqV1
emlxsMwl7IyNAj77e78ObYe493FfLjI2A0Z3OvsSFop7w0sc1Jy32rlNuMUkWtLM
kFKHDF/6lBlu3SCeQKjHLgC4ZX1vBZGaJwNxTCHShDYVKpJ3Ce1BpGgtHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJc7hhhZg5qj2V7n8jNbr+oY/eUyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbHp1R0dGbURtcVBaWHVmeU0xdXY2aGo5NVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB4MgPLvPGM8Gl0u8TXw
kWcl6aBGhL4HBGd2BomkqMUittMbuNxQRRn8jxRkvgKuHrFcBt5QYlPx9Gb7SZSP
3jgduiVoY2AJAzgeSdCa+nDKyLacYrte/z1E7IDGJOzJilHulp6RlWuIh/XjxEWS
VxNrF/Lsltlb9HylE/8W6qOFKIbmRsgVlipX6NYPVOdik46zvlQ5yXDffOUYUpVB
dOPmU2YG7fLI/lD99+33sbICT8WiA7pS2Bpwbs2+NZpLFbwTC0WqA6cIWHbS19uU
gccqCFM0xrawElkyP4RJsc6D34nL3Zlq3IbApM+WfzNzMJbLaqenOhr9VwtjK8xL
4fQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:24:48 2025 by rpki-client