Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L5UjpGuUNwXEB7LIKc3wU3e9Pcw.roa
File: L5UjpGuUNwXEB7LIKc3wU3e9Pcw.roa (raw, json)
Hash identifier: V5Pm0X/RSUinNQW7nRxnI0InOym4+zIkPZKLuGFs/dA=
Subject key identifier: 2F:95:23:A4:6B:94:37:05:C4:07:B2:C8:29:CD:F0:53:77:BD:3D:CC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D043E7DB8849BA1B6B7FFDCFED450071C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L5UjpGuUNwXEB7LIKc3wU3e9Pcw.roa
Signing time: Sat 13 Jan 2024 19:13:40 +0000
ROA not before: Sat 13 Jan 2024 19:13:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:04:3e:7d:b8:84:9b:a1:b6:b7:ff:dc:fe:d4:50:07:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 13 19:13:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f9523a46b943705c407b2c829cdf05377bd3dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b4:78:f9:95:9b:67:f4:07:a6:34:85:d4:b7:
7e:c5:a5:0a:6d:f5:d3:cd:e8:9c:a7:ee:3f:17:ae:
fa:5c:d4:e2:b5:19:04:6d:63:96:36:b0:7a:b3:17:
59:db:d0:a5:34:27:a0:78:a7:8f:6b:a2:87:bf:42:
52:b7:a9:b0:cd:74:15:87:49:ab:dc:d4:00:ca:d7:
eb:56:e4:98:bf:6d:64:81:ff:2c:66:73:cc:ea:d3:
88:25:e3:25:ef:8c:1c:a3:da:d6:21:c9:d1:9c:8d:
9c:a4:7f:36:fd:5e:1b:ba:16:31:d0:ab:af:54:36:
c7:1f:0d:53:f1:62:4e:41:0a:06:d4:80:ba:0d:76:
63:4c:36:f2:43:19:5e:0a:78:c7:7d:c9:96:20:24:
fa:cc:53:e1:47:a8:a0:4f:51:8f:bb:28:51:e6:7d:
66:c1:c4:5e:4c:1b:6f:29:97:e8:72:96:f4:ce:6d:
ce:5d:dc:f3:41:50:a0:98:ae:cc:dc:3d:94:9d:6f:
7b:a2:00:16:2f:08:ee:17:9c:83:42:80:36:4f:4c:
7a:ba:4b:e7:42:c0:52:2f:12:c9:0e:fa:2c:a9:db:
9b:25:57:82:35:c0:87:c1:5d:44:dc:8f:5d:04:3a:
c3:60:30:c4:f7:ba:77:42:8e:47:4e:7f:ba:6b:f5:
15:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:95:23:A4:6B:94:37:05:C4:07:B2:C8:29:CD:F0:53:77:BD:3D:CC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L5UjpGuUNwXEB7LIKc3wU3e9Pcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:3d:ff:d8:ea:6d:2b:73:5b:3b:bc:ef:66:b7:cb:39:ff:4a:
98:71:7a:e0:0f:37:5e:e1:14:49:32:9b:26:2c:bd:0e:57:5e:
4a:33:03:b2:f7:22:f1:54:18:4a:74:77:97:a4:56:2b:5c:b1:
fa:7c:df:72:03:f2:bf:b6:d2:3b:60:0e:d9:7a:07:88:22:cf:
f9:d4:8e:99:aa:9d:09:0b:be:9f:38:a6:66:4c:31:91:59:3e:
e6:5e:0d:5c:4f:fd:20:23:22:39:54:7a:2b:06:d7:67:b0:99:
37:cd:62:0d:e9:74:c8:45:84:b6:af:96:e0:84:40:9d:ee:67:
73:eb:16:4d:75:14:ae:3e:33:f6:67:07:ae:14:0f:44:b3:9d:
c1:25:aa:48:01:48:59:95:e8:c0:4a:8b:8e:6a:46:0d:f1:59:
ae:21:c4:00:a7:96:2e:ca:e0:de:b4:ba:7f:df:e3:7f:4d:1b:
62:09:57:2b:54:ee:be:0e:08:52:60:9d:44:8b:80:39:cf:03:
08:0f:ea:37:70:ac:6a:00:59:2f:a5:10:35:87:08:3d:77:ad:
00:98:17:90:e5:d1:7b:93:5c:ad:d7:db:6e:28:1a:22:88:34:
12:bd:eb:c8:3f:85:6d:fa:e9:3f:32:66:ef:40:b7:d3:97:8f:
5f:ad:ff:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0EPn24hJuhtrf/3P7UUAccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEzMTkxMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk1MjNhNDZiOTQzNzA1YzQwN2IyYzgyOWNkZjA1Mzc3YmQzZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7R4+ZWbZ/QHpjSF1Ld+xaUKbfXT
zeicp+4/F676XNTitRkEbWOWNrB6sxdZ29ClNCegeKePa6KHv0JSt6mwzXQVh0mr
3NQAytfrVuSYv21kgf8sZnPM6tOIJeMl74wco9rWIcnRnI2cpH82/V4buhYx0Kuv
VDbHHw1T8WJOQQoG1IC6DXZjTDbyQxleCnjHfcmWICT6zFPhR6igT1GPuyhR5n1m
wcReTBtvKZfocpb0zm3OXdzzQVCgmK7M3D2UnW97ogAWLwjuF5yDQoA2T0x6ukvn
QsBSLxLJDvosqdubJVeCNcCHwV1E3I9dBDrDYDDE97p3Qo5HTn+6a/UVaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC+VI6RrlDcFxAeyyCnN8FN3vT3MMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTDVVanBHdVVOd1hFQjdMSUtjM3dVM2U5UGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF89/9jqbStzWzu872a3
yzn/SphxeuAPN17hFEkymyYsvQ5XXkozA7L3IvFUGEp0d5ekVitcsfp833ID8r+2
0jtgDtl6B4giz/nUjpmqnQkLvp84pmZMMZFZPuZeDVxP/SAjIjlUeisG12ewmTfN
Yg3pdMhFhLavluCEQJ3uZ3PrFk11FK4+M/ZnB64UD0SzncElqkgBSFmV6MBKi45q
Rg3xWa4hxACnli7K4N60un/f439NG2IJVytU7r4OCFJgnUSLgDnPAwgP6jdwrGoA
WS+lEDWHCD13rQCYF5Dl0XuTXK3X224oGiKINBK968g/hW366T8yZu9At9OXj1+t
//c=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:07:25 2025 by rpki-client