Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/w1zGdTv3lkQE9Yorl5rBuacE-XQ.roa
File: w1zGdTv3lkQE9Yorl5rBuacE-XQ.roa (raw, json)
Hash identifier: cBeCSl/h0ZIPvE2LKeAjm8M2Fk50nyCH6S3FjQhI1k0=
Subject key identifier: C3:5C:C6:75:3B:F7:96:44:04:F5:8A:2B:97:9A:C1:B9:A7:04:F9:74
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCA100B48991C99FCA9B0713021E4552B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/w1zGdTv3lkQE9Yorl5rBuacE-XQ.roa
Signing time: Tue 02 Jan 2024 12:04:58 +0000
ROA not before: Tue 02 Jan 2024 12:04:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:ca0f:7739/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:10:0b:48:99:1c:99:fc:a9:b0:71:30:21:e4:55:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 2 12:04:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c35cc6753bf7964404f58a2b979ac1b9a704f974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c1:de:e7:e9:77:15:94:2c:f0:7e:94:c0:c8:
b7:e7:e7:98:0d:b6:3e:04:b7:41:84:0d:8c:08:4f:
4f:7a:7f:cb:c7:37:c1:41:fc:d0:33:bb:d7:ea:e6:
d3:9d:37:0a:e3:2f:44:0d:e6:c5:09:62:f8:ee:f3:
a5:d6:e5:82:a8:5e:af:98:40:25:22:e4:a7:de:e5:
85:e6:d5:90:07:7a:55:bb:98:3d:11:a9:19:c9:d1:
13:a1:fa:77:5c:80:18:1b:e4:3f:98:be:4c:28:b8:
cb:74:18:6d:91:53:bf:49:c3:43:dd:2d:00:ff:5d:
47:8d:53:a7:84:12:80:29:2a:c1:08:74:55:c6:a3:
b4:52:cd:50:f5:8e:7d:a2:0a:3d:6c:8a:30:0d:50:
eb:ee:12:d2:d2:f6:95:28:05:94:ad:2f:9c:93:9a:
33:c3:4d:82:20:30:a0:d7:8b:3d:21:d6:45:70:68:
ec:ce:2f:d6:2e:f8:36:74:7e:7c:bb:6e:65:d4:aa:
ca:29:eb:80:34:9a:09:21:80:14:9b:1e:32:db:72:
29:2b:41:da:f7:4f:b6:de:60:90:d3:76:39:79:73:
da:31:8f:bd:f3:c1:0f:36:a9:5d:56:26:c9:51:a8:
91:8d:ec:f4:bc:fa:9b:17:ef:c0:6d:c9:85:c0:fb:
ef:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:5C:C6:75:3B:F7:96:44:04:F5:8A:2B:97:9A:C1:B9:A7:04:F9:74
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/w1zGdTv3lkQE9Yorl5rBuacE-XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:11:a4:1f:b2:e9:33:f8:f2:b5:6f:48:77:c9:39:90:cc:32:
53:bc:10:99:4f:43:30:4b:ae:4b:98:a4:a2:1f:13:a7:56:0a:
56:63:dc:51:91:b2:4c:c4:fc:df:fd:c7:15:9b:40:ff:f7:d6:
69:10:2b:24:9f:09:0a:e9:58:8b:34:4a:8d:cc:e4:50:06:97:
f0:ce:56:d8:30:93:70:a3:4a:a7:cf:50:eb:ca:f8:bd:3b:42:
c8:b9:95:f6:a5:14:65:c6:55:e4:47:3b:56:3c:6b:9e:48:c2:
fc:5c:7e:5c:71:c4:75:54:6d:8b:99:9e:6f:40:51:af:e4:41:
d7:b0:d8:12:8c:f8:4f:95:3b:1d:f6:4d:35:37:20:45:05:44:
1e:3f:7a:8f:3b:00:77:9e:8e:7e:45:2e:f1:36:d2:4e:78:42:
4e:eb:15:53:af:f9:d5:f8:88:3c:98:12:b4:b7:da:dd:12:c9:
3a:d6:b5:11:27:fc:bf:ac:3f:37:0d:83:03:8f:c3:ca:08:9e:
b2:00:dc:a5:78:de:31:7f:4f:67:8d:77:94:c9:10:b2:cf:c8:
8a:0b:31:f8:04:9e:98:9f:dd:fe:33:e4:1c:34:b2:de:7d:b0:
0c:6a:10:9b:e9:73:eb:a5:4f:95:96:a0:e6:79:63:81:58:eb:
61:91:61:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKEAtImRyZ/KmwcTAh5FUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAyMTIwNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzVjYzY3NTNiZjc5NjQ0MDRmNThhMmI5NzlhYzFiOWE3MDRmOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsHe5+l3FZQs8H6UwMi35+eYDbY+
BLdBhA2MCE9Pen/LxzfBQfzQM7vX6ubTnTcK4y9EDebFCWL47vOl1uWCqF6vmEAl
IuSn3uWF5tWQB3pVu5g9EakZydETofp3XIAYG+Q/mL5MKLjLdBhtkVO/ScND3S0A
/11HjVOnhBKAKSrBCHRVxqO0Us1Q9Y59ogo9bIowDVDr7hLS0vaVKAWUrS+ck5oz
w02CIDCg14s9IdZFcGjszi/WLvg2dH58u25l1KrKKeuANJoJIYAUmx4y23IpK0Ha
90+23mCQ03Y5eXPaMY+988EPNqldVibJUaiRjez0vPqbF+/AbcmFwPvvnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMNcxnU795ZEBPWKK5eawbmnBPl0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdzF6R2RUdjNsa1FFOVlvcmw1ckJ1YWNFLVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEoRpB+y6TP48rVvSHfJ
OZDMMlO8EJlPQzBLrkuYpKIfE6dWClZj3FGRskzE/N/9xxWbQP/31mkQKySfCQrp
WIs0So3M5FAGl/DOVtgwk3CjSqfPUOvK+L07Qsi5lfalFGXGVeRHO1Y8a55Iwvxc
flxxxHVUbYuZnm9AUa/kQdew2BKM+E+VOx32TTU3IEUFRB4/eo87AHeejn5FLvE2
0k54Qk7rFVOv+dX4iDyYErS32t0SyTrWtREn/L+sPzcNgwOPw8oInrIA3KV43jF/
T2eNd5TJELLPyIoLMfgEnpif3f4z5Bw0st59sAxqEJvpc+ulT5WWoOZ5Y4FY62GR
YUc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:19:22 2025 by rpki-client