Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-wmTJvxp-2AE-xFZVp7r-YwaNCY.roa
File: 1-wmTJvxp-2AE-xFZVp7r-YwaNCY.roa (raw, json)
Hash identifier: CpPp3WdEY3k/IG5fErxz9E8bpDUq03aUAI77MN6/+58=
Subject key identifier: FB:09:93:26:FC:69:FB:60:04:FB:11:59:56:9E:EB:F9:8C:1A:34:26
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC40EDDF36D2BEE398B1480ADE4EF5B25
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-wmTJvxp-2AE-xFZVp7r-YwaNCY.roa
Signing time: Tue 09 Apr 2024 18:11:32 +0000
ROA not before: Tue 09 Apr 2024 18:11:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:0e:dd:f3:6d:2b:ee:39:8b:14:80:ad:e4:ef:5b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 9 18:11:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb099326fc69fb6004fb1159569eebf98c1a3426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:15:e5:c2:17:47:83:9c:e3:12:93:3a:97:48:
a9:de:bc:c7:c9:5b:e7:21:75:bf:bd:1a:04:b2:5f:
3e:e7:ea:6e:d4:c1:6e:99:f6:a2:0a:fc:c5:64:df:
98:0a:cc:56:8b:47:b5:c9:03:be:c7:11:d7:50:9e:
b6:27:be:b8:0a:1b:0b:4d:5f:91:22:08:74:9e:49:
58:cc:f0:5e:64:c2:40:c0:65:c0:c9:42:e3:3a:94:
bb:02:c9:e0:c0:0a:59:6e:bf:b5:b7:ac:e5:4c:b5:
5c:d5:fe:3a:fe:ad:27:72:e7:0a:d5:c1:c3:40:98:
62:8e:7d:63:42:32:d5:29:28:2d:0e:e9:5a:b8:ad:
ad:08:61:d6:f4:b5:90:90:ed:60:52:3d:7a:fa:cc:
6f:70:05:98:64:a1:c7:4b:8a:cc:88:ea:9e:93:f2:
88:c0:99:4d:2f:34:6a:6e:98:8f:e6:62:ce:cf:83:
5b:4e:e9:75:81:b1:8f:a7:06:71:85:67:7b:81:7d:
a4:49:e3:eb:31:ad:7b:74:4f:60:fa:3c:54:e3:26:
ee:9e:6e:b0:d5:22:f4:2a:c0:02:1d:1e:1c:f0:89:
0d:8d:8c:42:f5:6a:00:fb:c8:22:e5:9a:da:5d:7f:
64:cf:2a:41:9f:e7:8f:e9:49:cc:b6:95:0d:8a:ef:
e1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:09:93:26:FC:69:FB:60:04:FB:11:59:56:9E:EB:F9:8C:1A:34:26
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-wmTJvxp-2AE-xFZVp7r-YwaNCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:33:95:09:81:10:d7:3b:1a:f8:2b:99:d1:54:15:61:34:92:
2f:04:13:dc:74:25:ed:d0:7b:72:e0:df:12:3d:0b:79:3d:be:
1f:6c:18:fb:db:23:c7:4a:a6:fd:b4:05:4b:94:b7:e3:33:a1:
24:0f:ba:6a:f7:49:e8:83:49:58:8a:c4:33:2f:83:48:bb:8c:
b1:83:ad:78:77:09:ab:3c:5a:ab:2f:f0:b4:6e:67:e0:38:f0:
33:2b:8f:9f:77:c1:8d:27:be:e9:e4:87:89:bc:b0:34:e9:db:
7f:ee:d0:f5:08:a6:b7:b6:48:e8:ff:bc:e1:61:b6:c6:20:e6:
23:8c:f7:7e:ac:41:22:89:f4:fd:83:02:fc:bb:5e:72:4b:7a:
3b:33:95:d6:f1:f9:b8:d6:c7:90:5e:7b:f2:f5:df:32:1a:e9:
63:e4:31:30:52:88:3a:35:e4:10:2b:b1:a2:cb:4f:d4:c7:1e:
8c:9d:d7:ab:c8:8b:b0:4c:ee:d0:43:84:9e:83:28:70:78:43:
26:82:cf:93:04:c4:af:7e:0f:5e:f5:37:9d:77:9b:39:13:f5:
1b:7c:58:0f:c6:c7:bb:bd:fa:0a:ce:a1:09:4d:02:60:16:6f:
74:69:4d:2e:a8:7c:8c:5c:9d:ef:6a:62:16:5f:cf:ea:83:be:
83:11:84:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7EDt3zbSvuOYsUgK3k71slMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA5MTgxMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA5OTMyNmZjNjlmYjYwMDRmYjExNTk1NjllZWJmOThjMWEzNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRXlwhdHg5zjEpM6l0ip3rzHyVvn
IXW/vRoEsl8+5+pu1MFumfaiCvzFZN+YCsxWi0e1yQO+xxHXUJ62J764ChsLTV+R
Igh0nklYzPBeZMJAwGXAyULjOpS7AsngwApZbr+1t6zlTLVc1f46/q0ncucK1cHD
QJhijn1jQjLVKSgtDulauK2tCGHW9LWQkO1gUj16+sxvcAWYZKHHS4rMiOqek/KI
wJlNLzRqbpiP5mLOz4NbTul1gbGPpwZxhWd7gX2kSePrMa17dE9g+jxU4ybunm6w
1SL0KsACHR4c8IkNjYxC9WoA+8gi5ZraXX9kzypBn+eP6UnMtpUNiu/hlQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPsJkyb8aftgBPsRWVae6/mMGjQmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS13bVRKdnhwLTJBRS14RlpWcDdyLVl3YU5DWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQAOM5UJgRDXOxr4K5nR
VBVhNJIvBBPcdCXt0Hty4N8SPQt5Pb4fbBj72yPHSqb9tAVLlLfjM6EkD7pq90no
g0lYisQzL4NIu4yxg614dwmrPFqrL/C0bmfgOPAzK4+fd8GNJ77p5IeJvLA06dt/
7tD1CKa3tkjo/7zhYbbGIOYjjPd+rEEiifT9gwL8u15yS3o7M5XW8fm41seQXnvy
9d8yGulj5DEwUog6NeQQK7Giy0/Uxx6MnderyIuwTO7QQ4SegyhweEMmgs+TBMSv
fg9e9Tedd5s5E/UbfFgPxse7vfoKzqEJTQJgFm90aU0uqHyMXJ3vamIWX8/qg76D
EYTh
-----END CERTIFICATE-----
Generated at Sun Jun 8 22:06:54 2025 by rpki-client