Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wIRieOCu_ys9VK8aZBv0PepHw3A.roa
File: wIRieOCu_ys9VK8aZBv0PepHw3A.roa (raw, json)
Hash identifier: kgN5v7/Xsg7MjmNiFxrN5qrSXppowUG1bWRi0g8whno=
Subject key identifier: C0:84:62:78:E0:AE:FF:2B:3D:54:AF:1A:64:1B:F4:3D:EA:47:C3:70
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D3A19E399E2B502B979D6D90A205DAE7E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wIRieOCu_ys9VK8aZBv0PepHw3A.roa
Signing time: Wed 24 Jan 2024 06:13:11 +0000
ROA not before: Wed 24 Jan 2024 06:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:19:e3:99:e2:b5:02:b9:79:d6:d9:0a:20:5d:ae:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 24 06:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0846278e0aeff2b3d54af1a641bf43dea47c370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:50:37:49:50:c7:9d:b2:70:19:ff:77:b6:c2:
62:8a:97:59:bc:16:aa:d5:8a:8b:a4:74:55:db:0c:
48:ad:bf:11:6d:fa:3d:6a:04:c6:82:29:58:b1:5b:
69:25:a9:c5:7e:6b:6a:43:0d:ae:84:30:b3:5c:c1:
d1:87:a6:65:bb:c8:31:de:11:6a:96:69:8f:f5:db:
08:cc:a3:5b:dd:34:e8:d3:12:90:6b:57:ed:53:c6:
ab:a0:8b:5f:4a:b5:cc:91:17:17:4d:26:79:88:51:
56:e4:96:ef:25:26:c1:16:11:f7:a7:8a:97:1b:61:
56:90:d3:5d:dc:09:23:5b:bb:58:cd:53:df:d4:16:
22:b1:23:d7:84:23:24:2f:7b:dd:a0:b8:5e:ef:b3:
0b:23:23:a0:e4:07:e9:71:8b:ee:74:6d:66:6a:d7:
9f:22:c9:c7:aa:75:ad:0c:5b:8f:d4:45:cd:85:8f:
20:17:29:32:6e:ad:fd:94:83:8d:8a:26:a8:8b:8d:
09:30:36:16:32:a9:f1:7b:b1:b2:fc:76:eb:fd:81:
a4:04:31:8f:57:a2:88:7d:07:01:b9:77:b7:ff:5d:
22:c5:70:f0:d3:f4:7f:24:71:b0:84:27:86:46:e4:
8a:eb:9f:b9:c2:44:53:2d:67:35:16:20:eb:6a:4c:
b9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:84:62:78:E0:AE:FF:2B:3D:54:AF:1A:64:1B:F4:3D:EA:47:C3:70
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wIRieOCu_ys9VK8aZBv0PepHw3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:5d:12:4a:26:21:13:11:b2:df:63:56:8e:f8:49:1a:38:ed:
b2:43:6f:15:24:d4:8c:58:59:2d:6a:67:8e:85:a7:26:b2:59:
48:44:2d:43:19:c2:53:48:6a:85:a6:35:94:19:78:e3:47:8a:
f4:08:d2:4b:c7:29:3f:3f:40:c0:3f:1e:86:f9:a7:fc:8b:ab:
43:d0:73:fb:c7:c7:66:a9:15:95:26:74:97:dc:9e:d8:04:38:
b1:55:14:ad:b4:93:66:bc:7a:3b:f1:70:ea:45:be:a7:0a:f8:
ef:60:79:ea:c7:52:ac:0b:8a:5f:21:f6:bc:61:fc:0d:28:da:
fd:dc:97:1a:2f:c5:4f:df:b3:39:ba:c9:07:61:8d:aa:84:94:
30:eb:71:b5:7d:fa:32:b1:fd:d4:85:4a:ba:66:2d:ee:6c:f8:
3f:8c:b5:9d:f1:30:e6:84:cd:4f:f7:e0:69:b6:8c:c8:14:f0:
b9:c1:68:50:65:9f:04:3d:6a:09:12:ad:f7:d4:07:11:b2:4b:
cd:26:ab:1c:b2:88:63:2a:7a:ce:a7:d7:d6:31:87:b3:3d:9e:
d0:bd:58:0c:ca:2c:85:e0:cf:ba:57:23:f1:76:ef:7d:7d:25:
7c:76:f4:d7:46:a6:f0:c8:c3:e0:23:2a:4f:be:d2:7d:a5:5b:
d3:b9:4f:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY06GeOZ4rUCuXnW2QogXa5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI0MDYxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDg0NjI3OGUwYWVmZjJiM2Q1NGFmMWE2NDFiZjQzZGVhNDdjMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVA3SVDHnbJwGf93tsJiipdZvBaq
1YqLpHRV2wxIrb8Rbfo9agTGgilYsVtpJanFfmtqQw2uhDCzXMHRh6Zlu8gx3hFq
lmmP9dsIzKNb3TTo0xKQa1ftU8aroItfSrXMkRcXTSZ5iFFW5JbvJSbBFhH3p4qX
G2FWkNNd3AkjW7tYzVPf1BYisSPXhCMkL3vdoLhe77MLIyOg5AfpcYvudG1matef
IsnHqnWtDFuP1EXNhY8gFykybq39lIONiiaoi40JMDYWMqnxe7Gy/Hbr/YGkBDGP
V6KIfQcBuXe3/10ixXDw0/R/JHGwhCeGRuSK65+5wkRTLWc1FiDraky5BwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMCEYnjgrv8rPVSvGmQb9D3qR8NwMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvd0lSaWVPQ3VfeXM5Vks4YVpCdjBQZXBIdzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1dEkomIRMRst9jVo74
SRo47bJDbxUk1IxYWS1qZ46FpyayWUhELUMZwlNIaoWmNZQZeONHivQI0kvHKT8/
QMA/Hob5p/yLq0PQc/vHx2apFZUmdJfcntgEOLFVFK20k2a8ejvxcOpFvqcK+O9g
eerHUqwLil8h9rxh/A0o2v3clxovxU/fszm6yQdhjaqElDDrcbV9+jKx/dSFSrpm
Le5s+D+MtZ3xMOaEzU/34Gm2jMgU8LnBaFBlnwQ9agkSrffUBxGyS80mqxyyiGMq
es6n19Yxh7M9ntC9WAzKLIXgz7pXI/F27319JXx29NdGpvDIw+AjKk++0n2lW9O5
T2g=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:54:48 2025 by rpki-client