Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tnnEeKUure5w5uqZPCKRCV0unXc.roa
File: tnnEeKUure5w5uqZPCKRCV0unXc.roa (raw, json)
Hash identifier: washoaW/4iWY2LsppW6Uu3fF7eQ3v+3aSp/I4YYA29s=
Subject key identifier: B6:79:C4:78:A5:2E:AD:EE:70:E6:EA:99:3C:22:91:09:5D:2E:9D:77
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBF4FF60963B20EC4B4E8C72E06D64432
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tnnEeKUure5w5uqZPCKRCV0unXc.roa
Signing time: Mon 08 Apr 2024 20:04:32 +0000
ROA not before: Mon 08 Apr 2024 20:04:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:bf4f:b4bd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bf:4f:f6:09:63:b2:0e:c4:b4:e8:c7:2e:06:d6:44:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 8 20:04:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b679c478a52eadee70e6ea993c2291095d2e9d77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:28:2a:38:a8:e8:f7:4f:1c:cd:cb:11:05:ae:
33:26:6b:2c:28:9d:76:79:e0:dd:e0:62:9f:1d:17:
f6:70:52:d5:34:95:ec:9c:3e:9d:4d:57:37:32:9a:
ce:71:3e:35:ff:9e:14:c1:ff:dc:dc:9c:73:3f:a4:
cf:c5:26:28:d0:e9:3f:40:53:7f:34:e1:fa:a4:ac:
11:72:10:2b:20:9c:2c:81:97:24:5a:b8:5b:00:fe:
39:dc:7a:4c:88:6d:55:c1:a8:76:60:f0:5e:dd:f1:
90:26:33:af:b6:d8:fe:c7:02:3e:ea:b9:3f:92:a9:
12:3d:6c:dc:10:d5:88:a9:9c:fa:83:54:d8:89:d7:
b0:ec:d3:b9:86:db:6b:2f:d5:c0:92:7e:e4:a8:b3:
6c:08:ce:96:de:e6:6a:29:34:64:b4:97:a7:f7:f5:
ff:24:5d:df:d0:67:15:fa:70:a3:5f:9f:3d:e2:fc:
46:10:5a:2b:11:d9:5a:34:40:e7:2d:99:f0:17:55:
63:93:83:91:65:d2:2d:e8:fe:30:3b:1b:2e:a9:bf:
1d:3c:6d:58:9b:18:8c:07:47:46:d1:34:0a:a3:25:
97:87:f9:d5:0c:aa:6c:a2:19:09:7d:41:2b:25:71:
d3:4f:66:cc:72:04:26:58:21:d8:44:cf:55:45:f5:
58:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:79:C4:78:A5:2E:AD:EE:70:E6:EA:99:3C:22:91:09:5D:2E:9D:77
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tnnEeKUure5w5uqZPCKRCV0unXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:d7:ea:82:e2:f1:b5:4e:81:a0:65:1b:ba:c6:1c:5c:56:30:
8f:69:f3:4f:d8:c2:22:3c:3f:a5:98:af:57:f9:9c:c2:ee:f7:
7d:45:13:7c:8d:f9:d3:5e:6b:1d:76:0b:69:0d:24:a6:07:a0:
94:4b:bc:a8:be:f0:03:46:81:5e:88:15:d6:71:4c:e2:0d:e8:
dd:43:d9:9e:dc:1f:e0:f0:10:3d:2c:45:76:6f:6a:19:df:8a:
3f:45:44:30:c4:ec:78:5d:ac:c2:fa:b4:c0:14:88:7e:ba:25:
08:30:03:e0:18:16:5b:be:71:27:dc:6a:dd:87:b2:e6:42:17:
46:c0:f3:83:df:ae:2b:c8:35:6d:7e:7c:b7:52:13:7f:3f:b0:
7a:bb:66:b6:17:6c:da:48:e4:38:27:65:d2:3f:4b:58:1a:6f:
f5:ad:19:e0:cd:f0:78:42:35:77:91:8b:50:ec:6a:ce:7c:f6:
68:76:07:ef:ca:fb:9c:e7:09:9c:b7:0e:5f:f2:17:6c:d3:d1:
ab:08:bc:61:ee:02:8d:66:c3:1b:d6:35:91:2c:9c:93:ba:39:
98:30:cd:59:19:ca:fc:fe:0c:dd:29:f5:14:8b:50:12:aa:d9:
6d:89:ec:ac:39:ed:66:89:2f:76:7d:eb:fa:83:2e:8b:bb:49:
bf:2b:a3:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6/T/YJY7IOxLToxy4G1kQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA4MjAwNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc5YzQ3OGE1MmVhZGVlNzBlNmVhOTkzYzIyOTEwOTVkMmU5ZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxygqOKjo908czcsRBa4zJmssKJ12
eeDd4GKfHRf2cFLVNJXsnD6dTVc3MprOcT41/54Uwf/c3JxzP6TPxSYo0Ok/QFN/
NOH6pKwRchArIJwsgZckWrhbAP453HpMiG1Vwah2YPBe3fGQJjOvttj+xwI+6rk/
kqkSPWzcENWIqZz6g1TYidew7NO5httrL9XAkn7kqLNsCM6W3uZqKTRktJen9/X/
JF3f0GcV+nCjX5894vxGEForEdlaNEDnLZnwF1Vjk4ORZdIt6P4wOxsuqb8dPG1Y
mxiMB0dG0TQKoyWXh/nVDKpsohkJfUErJXHTT2bMcgQmWCHYRM9VRfVYywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLZ5xHilLq3ucObqmTwikQldLp13MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdG5uRWVLVXVyZTV3NXVxWlBDS1JDVjB1blhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH7X6oLi8bVOgaBlG7rG
HFxWMI9p80/YwiI8P6WYr1f5nMLu931FE3yN+dNeax12C2kNJKYHoJRLvKi+8ANG
gV6IFdZxTOIN6N1D2Z7cH+DwED0sRXZvahnfij9FRDDE7HhdrML6tMAUiH66JQgw
A+AYFlu+cSfcat2HsuZCF0bA84PfrivINW1+fLdSE38/sHq7ZrYXbNpI5DgnZdI/
S1gab/WtGeDN8HhCNXeRi1Dsas589mh2B+/K+5znCZy3Dl/yF2zT0asIvGHuAo1m
wxvWNZEsnJO6OZgwzVkZyvz+DN0p9RSLUBKq2W2J7Kw57WaJL3Z96/qDLou7Sb8r
o+c=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:04:26 2025 by rpki-client