Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vcnCKHZ3qgPss72fMos_BVn4P80.roa
File: vcnCKHZ3qgPss72fMos_BVn4P80.roa (raw, json)
Hash identifier: 6k1I73bc6JzEV+/IjuWJlwvgBrhB8F3qDCzWzzCYm6c=
Subject key identifier: BD:C9:C2:28:76:77:AA:03:EC:B3:BD:9F:32:8B:3F:05:59:F8:3F:CD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E82348A5FF8EFDD64E253ADE87B70A45E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vcnCKHZ3qgPss72fMos_BVn4P80.roa
Signing time: Wed 27 Mar 2024 23:17:45 +0000
ROA not before: Wed 27 Mar 2024 23:17:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:82:34:8a:5f:f8:ef:dd:64:e2:53:ad:e8:7b:70:a4:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 27 23:17:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdc9c2287677aa03ecb3bd9f328b3f0559f83fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d7:c9:96:d8:25:ae:8b:24:10:cc:63:99:60:
a8:a1:44:79:13:c9:38:76:1c:a9:69:e1:02:20:9c:
96:4f:c7:86:7d:6c:cc:40:12:d8:bb:c5:b3:e2:7b:
30:dc:6d:20:42:3c:aa:a3:be:1b:40:06:47:a1:39:
b2:a2:ab:8f:fa:f1:a7:c0:e0:eb:31:9d:49:f8:b4:
38:f5:f0:52:7d:25:19:0e:56:39:87:68:ec:4b:de:
28:fa:ab:a2:1d:c8:93:eb:7c:64:f4:d8:57:ff:55:
da:4f:05:f1:85:56:8f:5d:bc:f8:bf:78:a4:db:c6:
c2:dd:13:e0:af:b9:ea:5a:63:8e:ab:e4:d2:22:d3:
a7:91:4f:69:fb:81:48:33:0b:12:48:cf:06:a0:ca:
92:3c:e3:d9:c2:fb:51:2f:dd:c7:16:7c:53:c4:71:
18:64:6f:40:67:35:59:74:ca:65:6b:bb:a4:ac:62:
53:2d:33:e5:4d:45:93:09:9b:6a:dc:ce:0c:dd:76:
a2:fa:5a:c5:af:58:0b:cb:c6:4b:05:5a:a0:c7:f1:
ae:87:97:79:0b:60:d2:04:76:28:3e:71:25:d4:c9:
4f:13:70:73:44:70:25:c4:bb:84:d7:1a:50:38:b9:
33:c4:00:e2:03:d4:52:f4:71:e8:23:91:e5:3b:00:
bb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C9:C2:28:76:77:AA:03:EC:B3:BD:9F:32:8B:3F:05:59:F8:3F:CD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vcnCKHZ3qgPss72fMos_BVn4P80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:cc:f8:24:6e:0a:4f:65:c3:a2:c5:64:9a:e0:66:1b:59:58:
9f:47:31:66:7b:01:45:87:08:0c:2a:23:16:2e:7f:ca:24:9c:
10:79:a5:a5:4e:9b:45:28:79:d2:73:bd:0f:1e:15:88:2e:79:
64:ba:34:fb:a8:fa:46:1e:74:98:6d:8b:70:a3:94:57:19:dd:
dd:4a:ae:37:8e:e8:fa:9b:35:a4:95:84:4b:55:e2:e3:a9:67:
cd:4d:eb:b6:69:f7:4a:11:bd:de:86:74:4a:4c:47:13:94:40:
dd:a2:5e:51:c5:8c:f4:c1:2a:b6:e9:9b:64:07:ac:f2:ba:3a:
b9:33:63:48:d5:04:f8:60:e7:46:21:c9:7a:02:52:25:76:6b:
c8:9b:1f:be:68:86:d3:cf:db:99:46:05:72:3f:d7:e7:e9:cf:
55:18:e4:1c:de:66:02:fc:35:89:06:9c:f6:06:40:7b:b2:37:
99:7d:22:b5:cd:40:78:de:82:f5:df:dd:e7:3f:b2:da:db:ad:
cb:3b:6e:c6:06:bb:14:ec:de:3b:27:ff:d5:14:f2:f1:b1:6e:
c5:de:99:9e:d2:a8:2b:e1:2a:ce:bc:ec:4b:fe:07:2e:b0:dc:
c3:82:37:b1:47:73:5f:0c:4f:fc:6a:09:e1:fa:14:76:47:0f:
c8:ad:95:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6CNIpf+O/dZOJTreh7cKReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI3MjMxNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGM5YzIyODc2NzdhYTAzZWNiM2JkOWYzMjhiM2YwNTU5ZjgzZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstfJltglroskEMxjmWCooUR5E8k4
dhypaeECIJyWT8eGfWzMQBLYu8Wz4nsw3G0gQjyqo74bQAZHoTmyoquP+vGnwODr
MZ1J+LQ49fBSfSUZDlY5h2jsS94o+quiHciT63xk9NhX/1XaTwXxhVaPXbz4v3ik
28bC3RPgr7nqWmOOq+TSItOnkU9p+4FIMwsSSM8GoMqSPOPZwvtRL93HFnxTxHEY
ZG9AZzVZdMpla7ukrGJTLTPlTUWTCZtq3M4M3Xai+lrFr1gLy8ZLBVqgx/Guh5d5
C2DSBHYoPnEl1MlPE3BzRHAlxLuE1xpQOLkzxADiA9RS9HHoI5HlOwC7+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL3Jwih2d6oD7LO9nzKLPwVZ+D/NMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdmNuQ0tIWjNxZ1BzczcyZk1vc19CVm40UDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACjM+CRuCk9lw6LFZJrg
ZhtZWJ9HMWZ7AUWHCAwqIxYuf8oknBB5paVOm0UoedJzvQ8eFYgueWS6NPuo+kYe
dJhti3CjlFcZ3d1KrjeO6PqbNaSVhEtV4uOpZ81N67Zp90oRvd6GdEpMRxOUQN2i
XlHFjPTBKrbpm2QHrPK6OrkzY0jVBPhg50YhyXoCUiV2a8ibH75ohtPP25lGBXI/
1+fpz1UY5BzeZgL8NYkGnPYGQHuyN5l9IrXNQHjegvXf3ec/strbrcs7bsYGuxTs
3jsn/9UU8vGxbsXemZ7SqCvhKs687Ev+By6w3MOCN7FHc18MT/xqCeH6FHZHD8it
les=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:08:57 2025 by rpki-client