Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RWPNxkbons8j71k42Hd-jr8jYb4.roa
File: RWPNxkbons8j71k42Hd-jr8jYb4.roa (raw, json)
Hash identifier: UaZGJ4fawFDAeQhjhgj5bDAicwN/pQrcBC2+cdPARc8=
Subject key identifier: 45:63:CD:C6:46:E8:9E:CF:23:EF:59:38:D8:77:7E:8E:BF:23:61:BE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF12593562B95775F49E5A111984283B4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RWPNxkbons8j71k42Hd-jr8jYb4.roa
Signing time: Wed 10 Jan 2024 02:13:40 +0000
ROA not before: Wed 10 Jan 2024 02:13:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f1:25:93:56:2b:95:77:5f:49:e5:a1:11:98:42:83:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 10 02:13:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4563cdc646e89ecf23ef5938d8777e8ebf2361be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:33:20:5e:50:67:6b:78:96:eb:4e:dd:19:3c:
3b:87:92:b9:be:9e:d1:4b:bd:38:71:54:c6:f9:74:
79:b8:55:20:2d:a7:d1:78:f9:7c:b2:1f:72:d8:2f:
de:d1:79:38:54:df:09:c4:14:07:3c:5e:53:d6:fc:
db:59:c9:de:77:3c:9e:ad:6d:2a:96:27:db:fb:2f:
6f:e4:80:74:58:37:44:38:1c:26:00:18:2d:d2:a0:
90:de:2b:1d:0f:f6:37:14:a3:1e:1f:7a:a4:c4:07:
ec:a7:9e:7e:62:e4:2d:28:d1:5f:ad:b6:a4:ce:ca:
b9:99:88:a0:68:00:d3:c5:7d:44:bd:54:ea:9d:3b:
31:07:1d:a9:2b:76:6b:ca:c1:df:36:ae:75:62:ee:
d5:06:69:b4:30:73:d0:d4:73:f1:a7:10:17:8e:9a:
0b:8d:0f:b2:6f:6a:88:da:6d:36:17:89:fb:95:ce:
da:45:56:31:fd:9d:97:82:16:ac:c7:67:b5:6c:85:
cc:5c:f5:00:7f:39:8a:12:3d:5c:73:0f:51:04:33:
33:de:5b:77:83:ae:30:15:80:45:74:dd:3d:16:0b:
9e:d5:ca:ec:73:42:b7:bf:86:3f:0a:91:a5:fb:59:
d0:81:4e:73:c1:18:8d:0c:5e:e0:3a:e9:4d:e1:2a:
07:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:63:CD:C6:46:E8:9E:CF:23:EF:59:38:D8:77:7E:8E:BF:23:61:BE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RWPNxkbons8j71k42Hd-jr8jYb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:a1:63:8b:0e:4c:e3:9f:7e:f5:b8:57:19:bb:12:95:25:6e:
4b:bf:13:90:78:fc:44:aa:10:44:e5:0f:48:0b:fd:f1:b6:05:
44:49:8e:e7:fb:be:62:0c:8d:a0:13:89:d5:0e:99:b8:35:b3:
9d:4f:14:bd:f5:6f:8a:f3:69:b4:af:30:fc:57:67:6f:b1:f7:
2f:b9:e2:5a:18:42:69:a3:0b:81:9c:bf:a8:ba:bb:59:3d:77:
60:29:1a:65:db:69:f1:04:bd:e9:5b:b9:5a:95:fa:1e:98:83:
7b:e8:33:92:04:12:9c:b7:de:4e:72:e7:72:85:bb:1e:cb:4a:
50:78:4c:46:16:f2:31:50:a1:20:d3:33:6e:0b:9d:fe:25:e6:
ee:b9:82:dc:d8:ab:c9:18:f0:51:bc:f2:e4:9f:8d:21:7b:61:
c0:0d:82:20:84:4b:a1:c7:bd:a5:52:0c:02:a3:56:98:33:c3:
aa:53:a8:5b:a4:ff:31:e9:e8:81:85:f8:5b:6d:62:bd:2f:c9:
8d:c9:82:29:c2:f9:dc:79:b3:b9:49:88:eb:e5:94:a5:f3:47:
aa:61:c1:31:92:49:14:78:5c:3d:2b:67:13:5f:55:9f:4e:60:
1a:09:7c:ab:2a:98:09:10:6c:58:43:52:2a:ac:6c:47:82:cf:
41:e3:c0:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzxJZNWK5V3X0nloRGYQoO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEwMDIxMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTYzY2RjNjQ2ZTg5ZWNmMjNlZjU5MzhkODc3N2U4ZWJmMjM2MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizMgXlBna3iW607dGTw7h5K5vp7R
S704cVTG+XR5uFUgLafRePl8sh9y2C/e0Xk4VN8JxBQHPF5T1vzbWcnedzyerW0q
lifb+y9v5IB0WDdEOBwmABgt0qCQ3isdD/Y3FKMeH3qkxAfsp55+YuQtKNFfrbak
zsq5mYigaADTxX1EvVTqnTsxBx2pK3ZrysHfNq51Yu7VBmm0MHPQ1HPxpxAXjpoL
jQ+yb2qI2m02F4n7lc7aRVYx/Z2Xghasx2e1bIXMXPUAfzmKEj1ccw9RBDMz3lt3
g64wFYBFdN09Fgue1crsc0K3v4Y/CpGl+1nQgU5zwRiNDF7gOulN4SoH7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEVjzcZG6J7PI+9ZONh3fo6/I2G+MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUldQTnhrYm9uczhqNzFrNDJIZC1qcjhqWWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGmhY4sOTOOffvW4Vxm7
EpUlbku/E5B4/ESqEETlD0gL/fG2BURJjuf7vmIMjaATidUOmbg1s51PFL31b4rz
abSvMPxXZ2+x9y+54loYQmmjC4Gcv6i6u1k9d2ApGmXbafEEvelbuVqV+h6Yg3vo
M5IEEpy33k5y53KFux7LSlB4TEYW8jFQoSDTM24Lnf4l5u65gtzYq8kY8FG88uSf
jSF7YcANgiCES6HHvaVSDAKjVpgzw6pTqFuk/zHp6IGF+FttYr0vyY3JginC+dx5
s7lJiOvllKXzR6phwTGSSRR4XD0rZxNfVZ9OYBoJfKsqmAkQbFhDUiqsbEeCz0Hj
wOM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:16 2025 by rpki-client