Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CWztebvKLrCQRUT3-w5lppYhWEk.roa
File: CWztebvKLrCQRUT3-w5lppYhWEk.roa (raw, json)
Hash identifier: 0ykkDhzIpVJFkkYOVjweiI7gzVGXCa6+FWSeOGIWR9U=
Subject key identifier: 09:6C:ED:79:BB:CA:2E:B0:90:45:44:F7:FB:0E:65:A6:96:21:58:49
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8C0CCC557F87A5D47744EF701853CF3C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CWztebvKLrCQRUT3-w5lppYhWEk.roa
Signing time: Thu 21 Dec 2023 11:04:58 +0000
ROA not before: Thu 21 Dec 2023 11:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:8c0c:1c06/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:0c:cc:55:7f:87:a5:d4:77:44:ef:70:18:53:cf:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 21 11:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=096ced79bbca2eb0904544f7fb0e65a696215849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f1:de:d2:a5:e7:f8:53:8e:f8:a7:a7:eb:58:
37:6e:b1:a4:56:8b:11:c6:11:3c:59:3a:82:e2:4f:
65:09:4b:4f:7c:06:59:3d:7a:6a:3d:8f:f3:ec:6f:
be:79:93:c1:fa:6a:a7:67:87:bd:cc:0e:31:fc:35:
ab:4b:da:f8:7a:24:7f:ad:e2:84:65:fe:ef:d9:80:
1e:cc:4b:69:ef:c1:85:9c:1b:b5:8c:ac:db:e1:ec:
73:14:2e:79:a0:b1:45:55:46:8d:13:61:85:4c:9a:
f1:2b:ff:3c:da:a3:45:e9:a8:91:c1:94:f6:32:54:
08:45:3a:f8:4a:29:ee:72:ee:a5:af:ed:cc:cc:3b:
b3:d6:79:b3:83:a8:c3:68:df:2c:ff:fe:c5:c5:45:
ee:b0:9d:28:69:d7:82:bc:4c:6b:ab:b5:91:14:bb:
6a:8e:8b:0c:cf:a4:e1:fd:d6:09:96:e8:2e:8c:98:
a1:87:51:14:84:c8:a7:18:70:ac:9d:6a:1a:37:c8:
21:14:d0:57:f1:0b:e1:d9:67:98:94:52:dc:31:ff:
74:2d:5e:10:14:a2:53:0d:d3:b9:cc:42:17:c7:0f:
83:7a:15:4c:d6:af:22:0a:6e:75:8e:4f:e2:94:25:
f3:16:b9:3c:cb:67:3f:74:16:27:ff:85:87:db:56:
11:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6C:ED:79:BB:CA:2E:B0:90:45:44:F7:FB:0E:65:A6:96:21:58:49
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CWztebvKLrCQRUT3-w5lppYhWEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:50:b1:78:25:79:b8:b8:2f:d9:d5:db:d9:81:f5:78:91:bf:
d8:c7:ac:52:55:97:88:d9:c7:1c:b9:05:30:61:6a:fa:46:ff:
9a:05:e2:c1:6f:fb:53:2a:b2:0e:b2:de:f0:9e:5c:3d:33:24:
91:40:25:e1:d9:2e:7a:49:84:b2:c0:8d:f5:c3:8e:63:ac:2a:
7e:00:e8:3c:47:30:cb:13:05:6d:8b:c8:00:18:9b:ee:02:d7:
74:79:26:cd:fd:5b:84:fb:47:4e:2e:60:dc:88:46:aa:8c:6e:
76:86:64:ae:36:a8:7b:1d:22:73:30:c6:47:ae:58:e8:8e:ca:
89:e6:5e:49:0f:81:3f:90:5b:f7:59:8a:83:79:0c:67:f9:ba:
9a:f8:79:63:ee:83:fb:44:c4:79:28:83:44:a9:c0:37:f4:27:
b8:c1:bd:cc:51:a9:fa:5e:5e:43:d2:da:89:52:da:49:91:70:
aa:bf:74:55:19:79:0f:e8:a7:91:f1:5c:03:a1:b1:f7:09:70:
ce:d5:3b:7e:d9:e2:e7:60:9a:e7:50:99:16:aa:b3:ad:0d:28:
c4:3e:dc:a9:b1:2a:4a:3c:f2:c5:e5:67:aa:bb:a6:49:67:f2:
fc:ac:3f:6f:f5:a5:17:ee:1a:12:dc:a7:7d:07:b6:ba:f0:19:
45:db:2a:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyMDMxVf4el1HdE73AYU888MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIxMTEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTZjZWQ3OWJiY2EyZWIwOTA0NTQ0ZjdmYjBlNjVhNjk2MjE1ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvHe0qXn+FOO+Ken61g3brGkVosR
xhE8WTqC4k9lCUtPfAZZPXpqPY/z7G++eZPB+mqnZ4e9zA4x/DWrS9r4eiR/reKE
Zf7v2YAezEtp78GFnBu1jKzb4exzFC55oLFFVUaNE2GFTJrxK/882qNF6aiRwZT2
MlQIRTr4Sinucu6lr+3MzDuz1nmzg6jDaN8s//7FxUXusJ0oadeCvExrq7WRFLtq
josMz6Th/dYJlugujJihh1EUhMinGHCsnWoaN8ghFNBX8Qvh2WeYlFLcMf90LV4Q
FKJTDdO5zEIXxw+DehVM1q8iCm51jk/ilCXzFrk8y2c/dBYn/4WH21YRDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAls7Xm7yi6wkEVE9/sOZaaWIVhJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ1d6dGVidktMckNRUlVUMy13NWxwcFloV0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGxQsXglebi4L9nV29mB
9XiRv9jHrFJVl4jZxxy5BTBhavpG/5oF4sFv+1Mqsg6y3vCeXD0zJJFAJeHZLnpJ
hLLAjfXDjmOsKn4A6DxHMMsTBW2LyAAYm+4C13R5Js39W4T7R04uYNyIRqqMbnaG
ZK42qHsdInMwxkeuWOiOyonmXkkPgT+QW/dZioN5DGf5upr4eWPug/tExHkog0Sp
wDf0J7jBvcxRqfpeXkPS2olS2kmRcKq/dFUZeQ/op5HxXAOhsfcJcM7VO37Z4udg
mudQmRaqs60NKMQ+3KmxKko88sXlZ6q7pkln8vysP2/1pRfuGhLcp30HtrrwGUXb
KpU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:34:18 2025 by rpki-client