Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5tXo6b3kDiPV5XwoPGlhW8PoTRs.roa
File: 5tXo6b3kDiPV5XwoPGlhW8PoTRs.roa (raw, json)
Hash identifier: QExvY7eRhQMxG67oQmKZiyvb4A/yZjj51gNfARIZfko=
Subject key identifier: E6:D5:E8:E9:BD:E4:0E:23:D5:E5:7C:28:3C:69:61:5B:C3:E8:4D:1B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9F63F994FAB7E5EA9E2DE41C246EF65D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5tXo6b3kDiPV5XwoPGlhW8PoTRs.roa
Signing time: Mon 25 Dec 2023 05:12:58 +0000
ROA not before: Mon 25 Dec 2023 05:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9f:63:f9:94:fa:b7:e5:ea:9e:2d:e4:1c:24:6e:f6:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 05:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6d5e8e9bde40e23d5e57c283c69615bc3e84d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0e:5a:c4:52:e3:e7:0a:b3:23:0f:4b:18:a6:
60:37:2f:cc:1d:17:c5:5b:09:44:23:a8:32:73:b3:
b1:ee:64:dd:e2:40:db:81:46:75:77:61:26:cc:ae:
2a:43:1f:8d:41:eb:6e:5f:cf:bf:97:d0:17:46:f8:
76:56:2a:94:da:b5:a2:be:b8:c0:ee:81:5a:e0:b6:
fa:24:40:7d:63:55:60:1a:f9:b9:06:3e:37:0c:5e:
46:04:87:2a:ac:16:c2:43:85:1a:86:2a:02:bf:ac:
76:6c:d4:83:ab:54:94:81:7d:42:a2:5b:2e:34:96:
a7:54:93:14:05:09:58:86:a6:d8:51:85:3b:fc:82:
c1:00:95:1e:1d:4a:c0:8c:4f:70:a2:fd:cd:f1:fe:
50:4f:f2:5d:8b:f5:e7:4f:79:56:ea:60:a4:0a:7f:
42:db:9a:d3:d4:06:97:3f:b6:d2:79:69:d2:7d:f9:
9b:cc:44:82:15:37:9f:c4:c8:14:b5:a5:5a:12:28:
1d:01:ac:e7:71:8c:7b:75:e3:42:4c:a6:96:bd:cb:
ed:3a:8c:26:2c:30:2a:5b:5a:3a:f2:8d:0f:71:3c:
fe:01:92:11:fe:ad:5b:55:b3:58:bd:a6:32:7f:af:
21:c2:bd:bb:54:99:38:16:5a:74:02:da:48:ea:92:
17:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D5:E8:E9:BD:E4:0E:23:D5:E5:7C:28:3C:69:61:5B:C3:E8:4D:1B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5tXo6b3kDiPV5XwoPGlhW8PoTRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:00:61:e2:aa:94:cf:a4:05:c4:f8:8b:76:86:19:cc:50:b7:
b0:29:3d:e0:80:bf:1a:98:81:3b:69:bf:64:a2:8d:a8:cf:1d:
41:c7:aa:c2:ab:8e:0c:d1:7b:c8:17:e4:74:37:55:d2:8b:67:
6f:8a:12:a2:46:fd:4b:30:2a:b8:7f:c9:75:93:a1:2b:a0:4c:
40:c9:d0:ea:81:e6:4d:d7:0d:64:fb:69:f0:aa:55:67:1c:59:
a5:c1:2b:71:2e:05:d9:28:d1:cc:d1:4a:0c:5a:c0:90:e7:c2:
20:4e:aa:0a:18:af:e5:97:2a:26:57:d3:e1:40:de:1c:59:f3:
8c:1a:af:ec:51:89:a6:cf:29:8c:4f:f5:82:1b:ba:4c:3f:86:
cb:97:6c:19:32:04:cf:2b:01:90:e5:dc:78:18:6f:58:2d:4c:
b9:00:d3:7b:b0:5b:38:10:f3:e2:29:6c:0c:40:c6:95:5a:f7:
3c:a5:24:6d:1e:aa:90:bc:61:8e:52:59:45:9b:bb:43:e9:bc:
79:a9:77:4a:ed:4d:4f:39:be:93:26:6b:8e:02:e7:10:56:53:
49:85:bc:c7:49:19:5c:c6:99:06:1c:c2:60:cd:91:dc:1e:bf:
bb:4e:63:49:fc:de:fa:05:2c:17:df:b1:ef:86:99:f0:36:a2:
cb:c0:38:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyfY/mU+rfl6p4t5BwkbvZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MDUxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ1ZThlOWJkZTQwZTIzZDVlNTdjMjgzYzY5NjE1YmMzZTg0ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5A5axFLj5wqzIw9LGKZgNy/MHRfF
WwlEI6gyc7Ox7mTd4kDbgUZ1d2EmzK4qQx+NQetuX8+/l9AXRvh2ViqU2rWivrjA
7oFa4Lb6JEB9Y1VgGvm5Bj43DF5GBIcqrBbCQ4UahioCv6x2bNSDq1SUgX1Colsu
NJanVJMUBQlYhqbYUYU7/ILBAJUeHUrAjE9wov3N8f5QT/Jdi/XnT3lW6mCkCn9C
25rT1AaXP7bSeWnSffmbzESCFTefxMgUtaVaEigdAazncYx7deNCTKaWvcvtOowm
LDAqW1o68o0PcTz+AZIR/q1bVbNYvaYyf68hwr27VJk4Flp0AtpI6pIXdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFObV6Om95A4j1eV8KDxpYVvD6E0bMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNXRYbzZiM2tEaVBWNVh3b1BHbGhXOFBvVFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACgAYeKqlM+kBcT4i3aG
GcxQt7ApPeCAvxqYgTtpv2SijajPHUHHqsKrjgzRe8gX5HQ3VdKLZ2+KEqJG/Usw
Krh/yXWToSugTEDJ0OqB5k3XDWT7afCqVWccWaXBK3EuBdko0czRSgxawJDnwiBO
qgoYr+WXKiZX0+FA3hxZ84war+xRiabPKYxP9YIbukw/hsuXbBkyBM8rAZDl3HgY
b1gtTLkA03uwWzgQ8+IpbAxAxpVa9zylJG0eqpC8YY5SWUWbu0PpvHmpd0rtTU85
vpMma44C5xBWU0mFvMdJGVzGmQYcwmDNkdwev7tOY0n83voFLBffse+GmfA2osvA
ODw=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:51:22 2025 by rpki-client