Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/taPeiwebLLIUumviFOak5YkSVGk.roa
File: taPeiwebLLIUumviFOak5YkSVGk.roa (raw, json)
Hash identifier: qm7nMJfvIsEWVGdTavUS9/dg1frP1F95clBThLHFDdM=
Subject key identifier: B5:A3:DE:8B:07:9B:2C:B2:14:BA:6B:E2:14:E6:A4:E5:89:12:54:69
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBB7385EB9885C0AE018FF94165935293
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/taPeiwebLLIUumviFOak5YkSVGk.roa
Signing time: Mon 08 Apr 2024 02:04:54 +0000
ROA not before: Mon 08 Apr 2024 02:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:bb72:f4ad/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bb:73:85:eb:98:85:c0:ae:01:8f:f9:41:65:93:52:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 8 02:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5a3de8b079b2cb214ba6be214e6a4e589125469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4e:32:04:66:f1:e5:bf:f4:f4:6a:b5:41:14:
eb:28:5b:23:9e:ea:79:cc:56:2e:60:06:d3:43:97:
ac:b5:8f:a6:10:5b:c1:54:3f:5a:83:01:a1:30:4c:
ba:8a:88:9a:13:13:68:fd:88:52:28:60:94:f4:96:
5e:d3:f4:0d:41:15:6b:4e:26:88:9d:76:64:32:2d:
ef:1d:27:25:f3:39:37:57:09:0a:68:00:13:ec:f1:
c0:51:c5:7e:2b:0f:5d:bb:05:88:bc:bf:f7:c3:0e:
d4:26:f7:11:26:97:d4:eb:bc:97:4f:10:a1:b7:65:
f4:0f:5e:56:41:66:b9:77:9a:35:07:18:47:ce:5a:
af:93:56:d7:d0:fd:89:ce:3d:9f:8a:24:2d:58:e5:
be:42:0d:f1:ab:18:71:fa:e5:3b:a2:3c:67:5d:03:
0b:a2:88:e8:75:64:45:66:f0:cb:86:ae:90:8f:0b:
98:f4:2f:55:e1:47:27:74:55:6d:25:d7:4b:fd:24:
0b:da:7d:f9:40:97:a4:dd:c1:fd:42:f1:be:6e:a1:
20:97:ba:e4:c4:cf:89:ab:78:b3:d3:50:82:4d:e8:
11:ed:65:8a:12:2b:28:17:1d:1e:9b:42:7b:49:0e:
14:be:a2:8e:3d:db:6c:d2:5c:91:f6:8e:0d:50:d1:
5b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A3:DE:8B:07:9B:2C:B2:14:BA:6B:E2:14:E6:A4:E5:89:12:54:69
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/taPeiwebLLIUumviFOak5YkSVGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:1a:74:f8:0c:5f:34:0e:9c:c2:f9:a6:80:1f:93:79:98:f7:
33:65:73:e3:31:23:4a:f1:16:51:c7:59:0e:2a:4e:84:88:35:
4e:e2:df:d2:87:67:b7:7b:3e:f8:3b:d0:70:ce:cc:b4:27:93:
47:ee:35:1b:24:37:a2:ec:3d:03:a9:24:4d:f4:65:bb:8c:b7:
40:d9:86:c6:02:8c:8d:4c:eb:d8:8d:53:b6:32:94:d4:a5:0c:
7c:9f:bc:89:ea:2c:bc:12:28:23:4f:95:9b:52:25:74:fe:b9:
83:87:0c:e7:33:9d:50:4f:72:3c:2d:fb:db:71:f3:4e:7b:f1:
20:42:31:26:58:d6:0b:7a:7c:31:fc:f9:e5:20:40:91:70:92:
8e:8b:65:08:16:5f:e8:53:9b:00:67:92:77:08:c1:83:ca:4f:
df:12:e7:53:91:4d:5c:a8:5a:20:41:51:de:7b:95:11:70:06:
2f:e9:8b:08:85:1d:e3:ca:03:ed:9a:b7:73:d9:2e:2e:33:15:
4c:59:d7:dd:bd:45:ef:f0:d3:06:9c:49:05:de:c9:84:00:c4:
22:01:c3:79:52:fa:dd:b0:86:3b:16:d1:39:77:7c:a5:d5:cc:
dd:37:f1:40:8a:34:c5:94:ae:bf:2e:5a:3e:15:8e:f0:75:fe:
7b:39:b8:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY67c4XrmIXArgGP+UFlk1KTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA4MDIwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWEzZGU4YjA3OWIyY2IyMTRiYTZiZTIxNGU2YTRlNTg5MTI1NDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU4yBGbx5b/09Gq1QRTrKFsjnup5
zFYuYAbTQ5estY+mEFvBVD9agwGhMEy6ioiaExNo/YhSKGCU9JZe0/QNQRVrTiaI
nXZkMi3vHScl8zk3VwkKaAAT7PHAUcV+Kw9duwWIvL/3ww7UJvcRJpfU67yXTxCh
t2X0D15WQWa5d5o1BxhHzlqvk1bX0P2Jzj2fiiQtWOW+Qg3xqxhx+uU7ojxnXQML
oojodWRFZvDLhq6QjwuY9C9V4UcndFVtJddL/SQL2n35QJek3cH9QvG+bqEgl7rk
xM+Jq3iz01CCTegR7WWKEisoFx0em0J7SQ4UvqKOPdts0lyR9o4NUNFbYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLWj3osHmyyyFLpr4hTmpOWJElRpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdGFQZWl3ZWJMTElVdW12aUZPYWs1WWtTVkdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFoadPgMXzQOnML5poAf
k3mY9zNlc+MxI0rxFlHHWQ4qToSINU7i39KHZ7d7Pvg70HDOzLQnk0fuNRskN6Ls
PQOpJE30ZbuMt0DZhsYCjI1M69iNU7YylNSlDHyfvInqLLwSKCNPlZtSJXT+uYOH
DOcznVBPcjwt+9tx80578SBCMSZY1gt6fDH8+eUgQJFwko6LZQgWX+hTmwBnkncI
wYPKT98S51ORTVyoWiBBUd57lRFwBi/piwiFHePKA+2at3PZLi4zFUxZ1929Re/w
0wacSQXeyYQAxCIBw3lS+t2whjsW0Tl3fKXVzN038UCKNMWUrr8uWj4VjvB1/ns5
uMQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:45 2025 by rpki-client