Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4X5SnxrbeRuuu992bMSkMzctHJY.roa
File: 4X5SnxrbeRuuu992bMSkMzctHJY.roa (raw, json)
Hash identifier: IS8pfA9woRFEWdudyH0tv/bx7OysiYH2Z5fDQl+q4zU=
Subject key identifier: E1:7E:52:9F:1A:DB:79:1B:AE:BB:DF:76:6C:C4:A4:33:37:2D:1C:96
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CAAC359124E8DE3994CC5A8502C3CCE4B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4X5SnxrbeRuuu992bMSkMzctHJY.roa
Signing time: Wed 27 Dec 2023 10:12:58 +0000
ROA not before: Wed 27 Dec 2023 10:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:c3:59:12:4e:8d:e3:99:4c:c5:a8:50:2c:3c:ce:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 27 10:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e17e529f1adb791baebbdf766cc4a433372d1c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:16:aa:6f:6c:38:87:75:39:3f:f0:2e:4f:3f:
07:64:46:c8:ec:e1:a3:c4:df:2a:a4:3c:b8:34:90:
17:1b:80:93:2a:6f:86:4a:b3:ca:3e:d1:fb:95:94:
b5:7f:43:fb:d0:66:7c:60:1a:dd:26:2c:18:db:9d:
19:65:db:19:d8:af:cf:aa:43:ce:d2:33:05:b7:33:
d1:53:90:49:d7:b9:13:d4:f6:fa:0f:0c:f6:35:03:
28:fa:ae:63:e9:33:1c:eb:51:39:73:a9:51:f8:c3:
df:e5:05:4c:58:b2:62:bb:54:a5:d1:0b:e3:97:ad:
36:54:06:05:24:91:7e:0d:ba:43:22:dc:0a:57:d2:
ba:e0:32:c5:43:14:16:9d:e9:be:cf:fd:e9:88:89:
88:c9:98:43:53:74:26:a4:1a:bf:e5:7e:81:05:f1:
65:14:9b:a3:c9:fd:ac:be:53:de:1a:df:9e:62:b6:
e6:1d:23:b8:c5:f3:b9:7d:26:6a:d4:ec:f9:89:94:
51:72:b0:0f:ab:63:d5:0e:d5:39:65:9e:9c:45:61:
bc:83:e3:2f:fc:51:12:75:46:8a:61:0d:72:26:e5:
25:f4:b1:ba:e5:be:c5:2a:10:0f:9c:6c:06:84:a1:
62:30:e0:f7:56:4e:63:ba:b8:69:55:11:df:bc:ab:
f3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:7E:52:9F:1A:DB:79:1B:AE:BB:DF:76:6C:C4:A4:33:37:2D:1C:96
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4X5SnxrbeRuuu992bMSkMzctHJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:3f:77:f0:f6:88:79:c9:1e:04:8e:b7:71:c1:88:cd:b5:a0:
8f:7f:06:be:c9:81:4b:68:0b:bd:9d:88:d5:7d:b6:d4:9d:3d:
7c:33:0a:fa:76:e4:7b:e4:33:6f:24:aa:4f:00:f4:55:8c:f9:
af:a9:67:92:c8:81:bb:dc:c6:4e:c0:e4:23:ba:ab:30:7e:0f:
a4:06:c9:60:93:47:68:29:59:b0:23:ae:9c:21:b0:a6:15:d0:
59:1c:4a:1b:5d:a9:e7:f3:93:83:ee:91:8e:11:cd:1c:a0:0f:
89:a8:64:66:22:83:4b:9e:74:6c:b0:0c:94:c1:92:bf:01:3b:
8f:42:df:a6:53:b2:59:ab:3a:2d:9a:08:97:4a:45:ef:78:28:
f3:34:72:93:71:0c:3c:01:0d:d2:fb:81:9c:51:6d:5c:30:ac:
a1:25:01:47:3f:80:87:f0:54:68:16:cb:89:08:84:62:e1:82:
6a:57:86:ca:e5:5d:23:13:41:1a:5b:f9:02:bf:8f:8e:ad:63:
09:11:d1:00:48:f4:39:f7:34:3c:f7:a2:28:a1:de:5a:0d:16:
b6:d8:29:4f:01:2d:1e:1c:58:66:a1:7c:e0:05:1f:63:3f:e0:
72:01:32:19:48:02:f7:2d:79:31:ae:60:a9:a8:69:17:de:21:
7d:aa:4a:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyqw1kSTo3jmUzFqFAsPM5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI3MTAxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdlNTI5ZjFhZGI3OTFiYWViYmRmNzY2Y2M0YTQzMzM3MmQxYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhaqb2w4h3U5P/AuTz8HZEbI7OGj
xN8qpDy4NJAXG4CTKm+GSrPKPtH7lZS1f0P70GZ8YBrdJiwY250ZZdsZ2K/PqkPO
0jMFtzPRU5BJ17kT1Pb6Dwz2NQMo+q5j6TMc61E5c6lR+MPf5QVMWLJiu1Sl0Qvj
l602VAYFJJF+DbpDItwKV9K64DLFQxQWnem+z/3piImIyZhDU3QmpBq/5X6BBfFl
FJujyf2svlPeGt+eYrbmHSO4xfO5fSZq1Oz5iZRRcrAPq2PVDtU5ZZ6cRWG8g+Mv
/FESdUaKYQ1yJuUl9LG65b7FKhAPnGwGhKFiMOD3Vk5jurhpVRHfvKvz+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOF+Up8a23kbrrvfdmzEpDM3LRyWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNFg1U254cmJlUnV1dTk5MmJNU2tNemN0SEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFc/d/D2iHnJHgSOt3HB
iM21oI9/Br7JgUtoC72diNV9ttSdPXwzCvp25HvkM28kqk8A9FWM+a+pZ5LIgbvc
xk7A5CO6qzB+D6QGyWCTR2gpWbAjrpwhsKYV0FkcShtdqefzk4PukY4RzRygD4mo
ZGYig0uedGywDJTBkr8BO49C36ZTslmrOi2aCJdKRe94KPM0cpNxDDwBDdL7gZxR
bVwwrKElAUc/gIfwVGgWy4kIhGLhgmpXhsrlXSMTQRpb+QK/j46tYwkR0QBI9Dn3
NDz3oiih3loNFrbYKU8BLR4cWGahfOAFH2M/4HIBMhlIAvcteTGuYKmoaRfeIX2q
Srw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:49 2025 by rpki-client