Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pN3_gqrRweySfpVinmH2RoFzcFs.roa
File: pN3_gqrRweySfpVinmH2RoFzcFs.roa (raw, json)
Hash identifier: tmkb1cDArWSzGDtCTwpbJ9fhcg/hQtI0913kjaVPGQw=
Subject key identifier: A4:DD:FF:82:AA:D1:C1:EC:92:7E:95:62:9E:61:F6:46:81:73:70:5B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E62A32DF6A330B1B32DA4B1FD414CEB46
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pN3_gqrRweySfpVinmH2RoFzcFs.roa
Signing time: Thu 21 Mar 2024 20:10:45 +0000
ROA not before: Thu 21 Mar 2024 20:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:62:a3:2d:f6:a3:30:b1:b3:2d:a4:b1:fd:41:4c:eb:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 20:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4ddff82aad1c1ec927e95629e61f6468173705b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:37:9f:e4:74:d4:2c:e2:bf:78:1f:6c:c8:85:
e5:a2:85:f0:bd:b7:c6:70:6a:41:95:31:b8:e6:36:
30:42:36:c5:61:50:b5:cf:65:dd:0e:98:d5:bb:69:
98:dd:e8:54:2e:58:22:ba:6e:54:b0:cb:f8:e1:1e:
ad:cb:c6:78:31:a4:75:fc:37:29:21:d7:2b:23:ee:
b2:35:65:f7:8c:4b:80:9d:60:fa:62:d6:97:46:8b:
d3:74:b8:cb:2e:35:34:ab:66:97:36:47:f4:0d:c5:
37:da:6d:2d:e7:e2:38:91:ea:02:08:b4:8b:39:ba:
79:27:23:ba:b4:b2:06:6b:53:3a:f7:11:a7:8b:34:
85:26:73:75:e6:17:7e:a8:80:89:0e:ca:d1:5d:9d:
22:71:3f:97:18:c7:1d:93:e0:c7:01:12:4b:71:3d:
56:69:0b:bf:3f:0e:9a:89:3d:d2:cb:a0:54:c8:b0:
72:30:64:60:f6:1c:4b:45:34:19:9a:48:96:47:b7:
9e:eb:45:e1:fb:8e:fb:f7:a2:04:cf:fe:07:56:7a:
b1:e2:c7:86:79:06:7f:4a:bb:71:85:aa:a3:09:f7:
20:7e:2e:c1:8f:a9:ae:0f:92:5d:07:45:bc:4b:4a:
cb:d9:2f:3c:8f:6d:fb:fe:30:65:d1:39:77:94:a7:
a9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DD:FF:82:AA:D1:C1:EC:92:7E:95:62:9E:61:F6:46:81:73:70:5B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pN3_gqrRweySfpVinmH2RoFzcFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:cb:73:94:d3:34:4e:2e:46:4c:10:8f:96:6a:ca:57:db:7b:
dc:3b:28:be:d5:9f:b1:86:b8:d6:1c:96:ef:21:e1:fc:f6:67:
ac:f3:26:b1:be:59:3e:dd:fc:aa:94:a6:08:2c:e9:fd:50:fe:
5b:b6:4b:6f:4a:1a:d9:20:9e:51:76:51:40:05:04:9d:16:6e:
78:6f:c3:58:ad:fe:19:fd:46:9a:4e:aa:f6:bd:7f:0d:26:7d:
5e:62:f1:e1:fd:0e:ff:3e:9e:4b:37:22:14:26:05:e9:14:2c:
b5:8c:0a:e6:03:25:a7:83:79:e7:59:bd:78:5d:21:59:36:2c:
95:53:9e:b4:83:31:e4:46:0f:22:a9:75:e8:1d:a5:29:f0:4b:
cf:1e:1c:e9:bf:b1:38:f6:84:12:82:b3:62:9c:0c:ab:8a:39:
e7:9b:9e:01:d7:af:81:74:36:36:e3:a0:eb:b9:a2:26:5d:9d:
42:12:9f:f5:2b:30:09:68:5b:2d:ca:ef:f9:da:64:7b:2b:63:
65:95:29:e6:71:e1:04:72:d1:a7:83:54:b8:83:f2:f8:21:dc:
c4:72:8e:06:38:6d:61:73:78:dc:51:ce:d7:2a:ae:2f:45:c6:
fe:60:cb:8c:18:7d:10:a7:0b:b5:bb:79:b9:22:8f:bd:ef:eb:
6c:7b:b2:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5ioy32ozCxsy2ksf1BTOtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMjAxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRkZmY4MmFhZDFjMWVjOTI3ZTk1NjI5ZTYxZjY0NjgxNzM3MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzef5HTULOK/eB9syIXlooXwvbfG
cGpBlTG45jYwQjbFYVC1z2XdDpjVu2mY3ehULlgium5UsMv44R6ty8Z4MaR1/Dcp
IdcrI+6yNWX3jEuAnWD6YtaXRovTdLjLLjU0q2aXNkf0DcU32m0t5+I4keoCCLSL
Obp5JyO6tLIGa1M69xGnizSFJnN15hd+qICJDsrRXZ0icT+XGMcdk+DHARJLcT1W
aQu/Pw6aiT3Sy6BUyLByMGRg9hxLRTQZmkiWR7ee60Xh+47796IEz/4HVnqx4seG
eQZ/SrtxhaqjCfcgfi7Bj6muD5JdB0W8S0rL2S88j237/jBl0Tl3lKepNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKTd/4Kq0cHskn6VYp5h9kaBc3BbMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcE4zX2dxclJ3ZXlTZnBWaW5tSDJSb0Z6Y0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEXLc5TTNE4uRkwQj5Zq
ylfbe9w7KL7Vn7GGuNYclu8h4fz2Z6zzJrG+WT7d/KqUpggs6f1Q/lu2S29KGtkg
nlF2UUAFBJ0Wbnhvw1it/hn9RppOqva9fw0mfV5i8eH9Dv8+nks3IhQmBekULLWM
CuYDJaeDeedZvXhdIVk2LJVTnrSDMeRGDyKpdegdpSnwS88eHOm/sTj2hBKCs2Kc
DKuKOeebngHXr4F0NjbjoOu5oiZdnUISn/UrMAloWy3K7/naZHsrY2WVKeZx4QRy
0aeDVLiD8vgh3MRyjgY4bWFzeNxRztcqri9Fxv5gy4wYfRCnC7W7ebkij73v62x7
so8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:39:08 2025 by rpki-client