Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-33i7CpF-LarkF4bEr8Vzx_39Y.roa
File: 4-33i7CpF-LarkF4bEr8Vzx_39Y.roa (raw, json)
Hash identifier: +/DOdJlXy0J/jfBoLPKN/aE7JyrsUN79cUG4jL4UTCI=
Subject key identifier: E3:ED:F7:8B:B0:A9:17:E2:DA:AE:41:78:6C:4A:FC:57:3C:7F:DF:D6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9EEEC8C1745743EEF33A9D7BDC6BD984
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-33i7CpF-LarkF4bEr8Vzx_39Y.roa
Signing time: Mon 25 Dec 2023 03:04:58 +0000
ROA not before: Mon 25 Dec 2023 03:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:9eee:3f53/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9e:ee:c8:c1:74:57:43:ee:f3:3a:9d:7b:dc:6b:d9:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 03:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3edf78bb0a917e2daae41786c4afc573c7fdfd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2b:0c:da:fb:33:b4:e9:ae:f0:72:6f:87:2d:
33:69:bb:22:ee:cc:8b:46:7f:28:f8:0b:30:e7:e3:
db:b5:05:5a:e0:af:ad:f5:81:c2:ef:56:07:19:0a:
1a:9d:3b:af:ce:ad:40:47:cd:27:4d:39:69:f6:87:
40:c1:a7:8e:a8:c9:ea:0b:19:6d:aa:e3:63:6c:a0:
fb:97:c8:a5:11:96:e0:bf:77:ee:af:ad:0b:2b:e0:
e6:63:59:62:6e:5e:90:3a:aa:b0:cf:de:03:80:a9:
c0:18:8d:17:fb:06:94:d5:44:31:21:da:d2:70:88:
0e:0a:d6:6e:5e:e3:ef:0d:e1:c5:3f:d5:cd:28:78:
62:0c:d1:a7:50:da:a7:c5:55:e5:92:e5:36:e8:50:
8e:8d:2d:1a:c3:30:4e:d6:2b:e9:8e:2d:7e:a8:83:
3d:45:14:c3:48:d3:40:8f:ac:f9:30:e5:7e:6e:80:
01:7c:e4:6b:14:32:5f:79:22:20:82:ce:f0:d5:42:
93:0f:b4:c2:04:a0:08:1b:1f:f7:fb:15:16:4a:e8:
38:7a:ba:a3:8e:a5:ec:3c:f2:58:75:25:b2:00:d8:
9f:06:c0:c2:e5:c6:cd:a0:78:80:61:5e:5e:ab:1e:
4c:c8:0d:ae:51:34:f5:72:bb:29:6e:85:05:4f:13:
73:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:ED:F7:8B:B0:A9:17:E2:DA:AE:41:78:6C:4A:FC:57:3C:7F:DF:D6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-33i7CpF-LarkF4bEr8Vzx_39Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:a9:e8:13:5d:f0:f4:41:ac:e7:c2:80:b4:c8:9c:83:db:e8:
da:c0:43:74:2c:d3:be:da:2e:63:b1:ad:49:e0:e4:42:41:4f:
02:91:92:f6:d8:6d:84:c8:fa:87:3f:99:f6:24:99:4c:bb:7d:
44:3a:d7:d0:08:57:3c:3a:d0:8c:ed:f1:6f:64:05:1b:15:59:
d9:78:58:a4:e5:c4:95:c6:a5:b5:a0:7c:65:b7:a4:4d:e7:5b:
08:d2:ce:57:c5:66:f1:b7:e7:46:a9:89:9a:96:76:21:5c:00:
0d:c0:bb:5d:26:fd:58:03:45:67:c0:6d:bf:08:b2:ec:9b:45:
80:e5:fb:80:02:9c:8f:7e:3f:de:1c:0f:2f:c0:69:26:c9:95:
45:a9:5c:66:d4:9b:1e:4d:fb:44:14:46:84:a9:3d:a7:e2:5d:
8b:87:4f:0b:00:34:5c:2f:e7:75:52:88:68:5e:fe:45:b3:54:
b5:51:f4:28:ee:3a:22:35:02:8a:0b:74:db:34:70:e8:71:50:
02:ff:9f:e3:93:4a:14:34:e5:a9:9a:a0:84:ac:cf:22:e3:fa:
f5:cc:58:09:69:7a:12:8c:e0:94:d9:fe:56:ff:5c:9c:3b:89:
eb:ff:45:d7:41:96:9c:31:0f:d2:99:cf:e7:4e:c0:cf:74:58:
2b:35:a2:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYye7sjBdFdD7vM6nXvca9mEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MDMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2VkZjc4YmIwYTkxN2UyZGFhZTQxNzg2YzRhZmM1NzNjN2ZkZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjysM2vsztOmu8HJvhy0zabsi7syL
Rn8o+Asw5+PbtQVa4K+t9YHC71YHGQoanTuvzq1AR80nTTlp9odAwaeOqMnqCxlt
quNjbKD7l8ilEZbgv3fur60LK+DmY1libl6QOqqwz94DgKnAGI0X+waU1UQxIdrS
cIgOCtZuXuPvDeHFP9XNKHhiDNGnUNqnxVXlkuU26FCOjS0awzBO1ivpji1+qIM9
RRTDSNNAj6z5MOV+boABfORrFDJfeSIggs7w1UKTD7TCBKAIGx/3+xUWSug4erqj
jqXsPPJYdSWyANifBsDC5cbNoHiAYV5eqx5MyA2uUTT1crspboUFTxNzGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOPt94uwqRfi2q5BeGxK/Fc8f9/WMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNC0zM2k3Q3BGLUxhcmtGNGJFcjhWenhfMzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAqp6BNd8PRBrOfCgLTI
nIPb6NrAQ3Qs077aLmOxrUng5EJBTwKRkvbYbYTI+oc/mfYkmUy7fUQ619AIVzw6
0Izt8W9kBRsVWdl4WKTlxJXGpbWgfGW3pE3nWwjSzlfFZvG350apiZqWdiFcAA3A
u10m/VgDRWfAbb8IsuybRYDl+4ACnI9+P94cDy/AaSbJlUWpXGbUmx5N+0QURoSp
PafiXYuHTwsANFwv53VSiGhe/kWzVLVR9CjuOiI1AooLdNs0cOhxUAL/n+OTShQ0
5amaoISszyLj+vXMWAlpehKM4JTZ/lb/XJw7iev/RddBlpwxD9KZz+dOwM90WCs1
orI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:04 2025 by rpki-client