Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5Kwgoi0mgQd2PC8TZF4SpGVrfwM.roa
File: 5Kwgoi0mgQd2PC8TZF4SpGVrfwM.roa (raw, json)
Hash identifier: iZDJmIOIJbUESTjQzE5FU7bTXDh52GVP9Ad1OPHxJBM=
Subject key identifier: E4:AC:20:A2:2D:26:81:07:76:3C:2F:13:64:5E:12:A4:65:6B:7F:03
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA181F7FB74B83778D2E711DE8BEFD230
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5Kwgoi0mgQd2PC8TZF4SpGVrfwM.roa
Signing time: Mon 25 Dec 2023 15:04:58 +0000
ROA not before: Mon 25 Dec 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:a181:671d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a1:81:f7:fb:74:b8:37:78:d2:e7:11:de:8b:ef:d2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4ac20a22d268107763c2f13645e12a4656b7f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ea:e8:be:e6:ac:22:42:e0:9b:29:18:23:8c:
70:8b:ee:f4:b8:b6:63:d2:d8:a6:14:07:6c:2e:3e:
39:28:bf:ae:8d:95:01:75:eb:4f:1e:8b:ab:13:6f:
ad:1e:73:23:4e:0e:0d:c4:46:e3:5b:db:e0:1f:7e:
64:09:11:41:08:d8:28:1e:1b:05:64:ed:d3:91:0f:
96:68:27:e6:cb:3f:8f:3b:3a:4e:72:7a:56:42:4c:
45:8f:dd:95:47:6b:9a:ea:26:b7:a8:bb:bb:18:f2:
91:88:13:e4:ea:0e:2b:83:18:23:20:35:ea:16:60:
d1:8d:d1:fa:3b:02:5d:b7:45:30:83:1d:cb:d0:45:
d8:f8:ab:ca:ae:ee:e0:49:33:73:10:ac:2c:5c:88:
d7:59:ec:4e:c9:af:28:bd:02:87:95:5d:40:14:95:
6d:14:8f:4b:c9:c6:f7:8c:52:70:d4:a7:80:31:06:
3e:7c:c8:73:f9:ec:e6:c4:c2:37:e7:22:dd:e0:db:
b1:51:03:32:0b:5d:e2:37:b4:db:b7:0a:97:7e:4a:
06:c2:d5:24:82:18:2a:d5:15:da:4c:dc:82:00:66:
f8:32:ee:15:81:47:ba:e2:74:2e:af:7f:e2:db:98:
5d:a3:e3:c7:dd:54:67:87:44:00:8b:67:58:f9:fe:
f2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AC:20:A2:2D:26:81:07:76:3C:2F:13:64:5E:12:A4:65:6B:7F:03
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5Kwgoi0mgQd2PC8TZF4SpGVrfwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:a9:01:76:72:dd:0b:11:33:9f:a6:a8:f0:d7:70:dd:1e:98:
31:ce:d1:dc:72:69:bc:bd:e8:ef:ca:fb:c1:c7:be:23:b4:c2:
dc:8a:23:68:f9:bc:c0:25:72:ed:a8:0f:0f:ef:cb:c0:8c:73:
ff:6f:45:de:4a:b6:eb:28:92:c4:1e:32:8b:50:10:46:4d:80:
5c:a4:f3:27:24:e5:0d:1f:04:9f:d8:f6:8d:31:d6:5d:40:00:
e6:85:17:3d:2c:56:11:e9:f2:61:c6:80:d7:24:6b:e5:5d:56:
e6:b2:13:c4:eb:b8:18:00:97:8b:da:38:4a:e2:be:32:2e:ac:
ce:1a:86:b0:6d:9d:35:42:a7:62:0a:3d:a4:8e:5d:33:5a:dc:
e0:26:d6:c1:07:e3:3e:f8:1e:7d:6e:55:db:22:a8:55:e1:c4:
3c:fb:34:d2:24:da:f4:84:60:30:fe:57:df:81:f2:06:23:7f:
38:d9:4f:d3:d0:98:eb:38:5a:2e:9a:b5:d3:ee:e7:2b:51:ab:
a8:29:8c:1e:d8:5e:35:45:c5:92:9a:ef:f8:0e:a0:a1:3c:be:
13:54:c5:25:12:5b:9a:2c:11:e6:52:9f:7f:66:b1:cd:f3:6c:
29:4c:5f:2b:82:6c:e0:14:a7:fd:bd:a3:c5:99:c7:86:3d:d1:
0c:18:50:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyhgff7dLg3eNLnEd6L79IwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFjMjBhMjJkMjY4MTA3NzYzYzJmMTM2NDVlMTJhNDY1NmI3ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+rovuasIkLgmykYI4xwi+70uLZj
0timFAdsLj45KL+ujZUBdetPHourE2+tHnMjTg4NxEbjW9vgH35kCRFBCNgoHhsF
ZO3TkQ+WaCfmyz+POzpOcnpWQkxFj92VR2ua6ia3qLu7GPKRiBPk6g4rgxgjIDXq
FmDRjdH6OwJdt0Uwgx3L0EXY+KvKru7gSTNzEKwsXIjXWexOya8ovQKHlV1AFJVt
FI9Lycb3jFJw1KeAMQY+fMhz+ezmxMI35yLd4NuxUQMyC13iN7TbtwqXfkoGwtUk
ghgq1RXaTNyCAGb4Mu4VgUe64nQur3/i25hdo+PH3VRnh0QAi2dY+f7yCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOSsIKItJoEHdjwvE2ReEqRla38DMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNUt3Z29pMG1nUWQyUEM4VFpGNFNwR1ZyZndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAACpAXZy3QsRM5+mqPDX
cN0emDHO0dxyaby96O/K+8HHviO0wtyKI2j5vMAlcu2oDw/vy8CMc/9vRd5Ktuso
ksQeMotQEEZNgFyk8yck5Q0fBJ/Y9o0x1l1AAOaFFz0sVhHp8mHGgNcka+VdVuay
E8TruBgAl4vaOErivjIurM4ahrBtnTVCp2IKPaSOXTNa3OAm1sEH4z74Hn1uVdsi
qFXhxDz7NNIk2vSEYDD+V9+B8gYjfzjZT9PQmOs4Wi6atdPu5ytRq6gpjB7YXjVF
xZKa7/gOoKE8vhNUxSUSW5osEeZSn39msc3zbClMXyuCbOAUp/29o8WZx4Y90QwY
UKk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:54:47 2025 by rpki-client