Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pTpJEY7Anotl2T8RSOlty33GXvM.roa
File: pTpJEY7Anotl2T8RSOlty33GXvM.roa (raw, json)
Hash identifier: Ho2f+KPIkA/dihtNaqwWY4mHVAddnfdE4+NquQD3Uv4=
Subject key identifier: A5:3A:49:11:8E:C0:9E:8B:65:D9:3F:11:48:E9:6D:CB:7D:C6:5E:F3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E14B9BED2398113F2553B74C950F90457
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pTpJEY7Anotl2T8RSOlty33GXvM.roa
Signing time: Wed 06 Mar 2024 17:05:01 +0000
ROA not before: Wed 06 Mar 2024 17:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:14b9:2067/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:14:b9:be:d2:39:81:13:f2:55:3b:74:c9:50:f9:04:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 6 17:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a53a49118ec09e8b65d93f1148e96dcb7dc65ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:22:44:8a:19:cf:1f:10:49:a1:81:08:f5:37:
03:1b:eb:87:6f:83:4e:7e:62:1a:a6:73:97:42:d4:
ee:a0:15:ae:d8:25:20:4c:95:fb:d9:ea:4c:97:cd:
01:b3:2c:71:97:03:03:c5:5a:5e:49:57:55:d8:0a:
36:59:70:70:13:e7:08:7a:b3:ee:99:55:fe:1e:e9:
54:ca:ba:d7:90:5b:5d:65:74:d5:e3:c8:28:7f:18:
1d:84:ff:e2:ba:b1:7a:5b:6e:a8:27:9c:3b:4f:54:
24:b6:7d:34:51:58:2a:4a:87:b8:80:45:34:10:76:
c3:58:d0:46:88:3d:28:a4:f0:de:55:b9:b7:f3:6f:
89:22:17:34:3e:75:4e:5a:89:f7:34:38:69:ce:58:
0d:5a:9b:25:e7:34:d4:88:17:84:e3:cb:8a:96:da:
43:d0:61:22:97:5b:10:de:5a:15:7e:6c:5f:9f:b0:
9e:0f:d7:91:8c:9a:49:17:c1:3d:c7:b4:02:fb:d5:
2c:75:00:f5:fe:a9:06:0f:61:5c:74:fc:9f:02:e2:
b7:29:97:39:90:9f:85:52:7f:63:c7:9d:11:ed:e7:
e8:a8:d5:ae:87:fa:c9:00:ae:93:07:7c:06:a7:d2:
12:95:2f:d1:b4:b8:a6:23:6a:36:67:a7:53:c0:b2:
c4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3A:49:11:8E:C0:9E:8B:65:D9:3F:11:48:E9:6D:CB:7D:C6:5E:F3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pTpJEY7Anotl2T8RSOlty33GXvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:a4:c9:cf:2c:0f:45:e4:ab:7a:c0:e2:ec:44:f8:2d:4e:12:
59:3c:f3:cc:ee:db:80:3a:81:a4:ff:63:87:99:ee:14:fe:73:
e0:99:fd:0e:96:e2:65:ed:ee:0d:cb:87:d7:f3:90:90:3b:d8:
cd:29:be:24:7f:fe:87:76:47:ca:e9:8e:ff:0c:6d:1c:1a:82:
ff:6f:46:4f:da:b5:51:49:a5:c4:5b:a6:63:d9:dd:a0:bb:94:
9a:ed:12:0e:8b:ee:1b:63:ca:9a:dc:0f:a4:43:61:30:0a:b0:
36:0e:f2:2b:fe:80:5a:51:4b:e5:e5:ff:c1:f7:8b:67:af:fb:
14:2f:93:62:a7:11:cb:df:fb:1d:7a:f8:4e:58:35:71:e7:28:
fb:3d:8f:7e:6c:8b:a8:70:f4:59:77:9b:bb:83:8b:2f:72:e6:
e0:84:6a:8e:fa:f5:6c:07:09:e4:cb:e0:b3:f5:6c:0c:76:63:
a0:20:70:fa:09:0c:ac:ec:4f:a1:21:b8:cf:7b:ea:37:d5:e2:
78:0f:89:96:e9:8b:5c:3b:ac:42:1a:c5:30:f7:c7:00:6a:9e:
f5:af:c6:35:9d:80:59:5f:58:c2:48:89:07:9c:b0:f6:0b:93:
d8:36:c9:55:77:df:3e:4c:a1:46:4d:db:ff:3b:d1:16:87:cb:
8a:d9:b7:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4Uub7SOYET8lU7dMlQ+QRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA2MTcwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTNhNDkxMThlYzA5ZThiNjVkOTNmMTE0OGU5NmRjYjdkYzY1ZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SJEihnPHxBJoYEI9TcDG+uHb4NO
fmIapnOXQtTuoBWu2CUgTJX72epMl80BsyxxlwMDxVpeSVdV2Ao2WXBwE+cIerPu
mVX+HulUyrrXkFtdZXTV48gofxgdhP/iurF6W26oJ5w7T1Qktn00UVgqSoe4gEU0
EHbDWNBGiD0opPDeVbm382+JIhc0PnVOWon3NDhpzlgNWpsl5zTUiBeE48uKltpD
0GEil1sQ3loVfmxfn7CeD9eRjJpJF8E9x7QC+9UsdQD1/qkGD2FcdPyfAuK3KZc5
kJ+FUn9jx50R7efoqNWuh/rJAK6TB3wGp9ISlS/RtLimI2o2Z6dTwLLE5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKU6SRGOwJ6LZdk/EUjpbct9xl7zMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcFRwSkVZN0Fub3RsMlQ4UlNPbHR5MzNHWHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGmkyc8sD0Xkq3rA4uxE
+C1OElk888zu24A6gaT/Y4eZ7hT+c+CZ/Q6W4mXt7g3Lh9fzkJA72M0pviR//od2
R8rpjv8MbRwagv9vRk/atVFJpcRbpmPZ3aC7lJrtEg6L7htjyprcD6RDYTAKsDYO
8iv+gFpRS+Xl/8H3i2ev+xQvk2KnEcvf+x16+E5YNXHnKPs9j35si6hw9Fl3m7uD
iy9y5uCEao769WwHCeTL4LP1bAx2Y6AgcPoJDKzsT6EhuM976jfV4ngPiZbpi1w7
rEIaxTD3xwBqnvWvxjWdgFlfWMJIiQecsPYLk9g2yVV33z5MoUZN2/870RaHy4rZ
txY=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:29:08 2025 by rpki-client