Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/S2KWzA9Zw_-ZL2tuRGbNgFl5YE0.roa
File: S2KWzA9Zw_-ZL2tuRGbNgFl5YE0.roa (raw, json)
Hash identifier: fj02b8TvI2KKW8qs1pjqcVimkpnO0jHQzMrFyYK+i4A=
Subject key identifier: 4B:62:96:CC:0F:59:C3:FF:99:2F:6B:6E:44:66:CD:80:59:79:60:4D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9AE09321EC5E8575B8088D77BA79C5F8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/S2KWzA9Zw_-ZL2tuRGbNgFl5YE0.roa
Signing time: Sun 24 Dec 2023 08:10:58 +0000
ROA not before: Sun 24 Dec 2023 08:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9a:e0:93:21:ec:5e:85:75:b8:08:8d:77:ba:79:c5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 08:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b6296cc0f59c3ff992f6b6e4466cd805979604d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0c:73:b3:ed:23:5f:cb:e7:8e:b4:d5:14:27:
19:22:09:17:40:29:44:ed:c4:ac:50:dd:3e:21:c2:
5e:fc:f6:f3:1f:c4:3a:32:13:05:78:53:ed:f5:dd:
ac:cb:35:d9:e4:29:2f:4a:82:e3:9b:ec:cd:f6:49:
6f:94:29:26:1c:00:bb:e7:de:d7:b0:24:91:3e:77:
be:c4:76:01:f3:af:cb:80:0f:d9:e7:d7:be:52:ca:
cb:95:1f:c1:cd:a7:84:a7:f8:7d:01:1b:9a:29:4b:
a0:b1:66:4c:fd:2d:27:7d:28:37:2a:63:5d:df:ee:
a6:7c:a4:a1:0b:00:78:28:a9:ba:76:7a:f9:5a:61:
77:d3:a7:cd:ae:f6:3f:37:e5:a6:95:d9:2d:ac:e2:
93:ca:2f:89:5c:c6:85:77:b0:90:16:4b:4a:5c:78:
19:80:47:d1:88:48:78:ff:9c:9a:df:83:36:97:03:
0c:16:7a:37:4e:fc:0e:3c:44:38:cc:ac:ed:c6:ca:
16:4b:b7:7c:50:27:af:ea:88:71:c9:db:b1:9e:78:
71:e9:cb:d9:92:26:2e:bf:c6:c0:9c:7c:f7:94:db:
5b:47:f1:a2:2b:21:47:3f:43:7e:06:e2:f2:9d:33:
60:a9:80:5c:5d:18:06:f4:0f:54:ec:71:f7:bf:8c:
0c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:62:96:CC:0F:59:C3:FF:99:2F:6B:6E:44:66:CD:80:59:79:60:4D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/S2KWzA9Zw_-ZL2tuRGbNgFl5YE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:76:76:08:e4:cd:d4:82:2d:bb:b5:60:01:f2:1c:8f:15:19:
40:10:4a:56:a5:9c:6c:e5:6f:36:4d:90:35:ce:62:7b:d9:8f:
1c:42:76:af:56:e2:b4:db:0c:c3:84:15:e7:f8:a4:20:78:c3:
a3:45:0f:63:fb:85:41:bf:18:41:de:d7:95:ed:9a:ad:49:b5:
4f:83:52:be:2b:94:7a:17:bd:f1:92:f3:21:c9:51:b5:9e:97:
23:36:6e:5b:b0:14:e2:6f:f0:c9:58:c9:38:47:cb:d0:da:9c:
f0:95:70:b2:39:69:85:e5:ab:d3:a6:36:06:bb:2c:6c:90:6e:
93:54:a7:26:c8:e2:e8:03:a6:58:b0:46:6a:a6:6d:84:24:b7:
7f:32:3d:61:99:84:4b:8e:85:42:03:6e:92:00:f4:f0:7f:d5:
3d:de:32:92:2c:7a:2f:ca:55:aa:95:cc:a4:59:16:5e:cf:52:
f0:b9:18:40:ae:80:3a:61:9f:e7:d0:9e:4b:0f:d6:d8:0e:34:
a1:a3:2c:6c:c3:d7:a4:6c:93:f7:a2:4d:7c:3c:6d:62:65:af:
8b:46:60:38:48:ec:f6:37:72:a7:b6:4e:81:8a:36:87:4c:79:
e4:c8:ef:75:98:4a:ab:23:16:2b:1c:f0:7e:fe:11:c3:52:36:
2f:dd:3f:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYya4JMh7F6FdbgIjXe6ecX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MDgxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjYyOTZjYzBmNTljM2ZmOTkyZjZiNmU0NDY2Y2Q4MDU5Nzk2MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Axzs+0jX8vnjrTVFCcZIgkXQClE
7cSsUN0+IcJe/PbzH8Q6MhMFeFPt9d2syzXZ5CkvSoLjm+zN9klvlCkmHAC7597X
sCSRPne+xHYB86/LgA/Z59e+UsrLlR/BzaeEp/h9ARuaKUugsWZM/S0nfSg3KmNd
3+6mfKShCwB4KKm6dnr5WmF306fNrvY/N+WmldktrOKTyi+JXMaFd7CQFktKXHgZ
gEfRiEh4/5ya34M2lwMMFno3TvwOPEQ4zKztxsoWS7d8UCev6ohxyduxnnhx6cvZ
kiYuv8bAnHz3lNtbR/GiKyFHP0N+BuLynTNgqYBcXRgG9A9U7HH3v4wMnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEtilswPWcP/mS9rbkRmzYBZeWBNMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUzJLV3pBOVp3Xy1aTDJ0dVJHYk5nRmw1WUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAId2dgjkzdSCLbu1YAHy
HI8VGUAQSlalnGzlbzZNkDXOYnvZjxxCdq9W4rTbDMOEFef4pCB4w6NFD2P7hUG/
GEHe15Xtmq1JtU+DUr4rlHoXvfGS8yHJUbWelyM2bluwFOJv8MlYyThHy9DanPCV
cLI5aYXlq9OmNga7LGyQbpNUpybI4ugDpliwRmqmbYQkt38yPWGZhEuOhUIDbpIA
9PB/1T3eMpIsei/KVaqVzKRZFl7PUvC5GECugDphn+fQnksP1tgONKGjLGzD16Rs
k/eiTXw8bWJlr4tGYDhI7PY3cqe2ToGKNodMeeTI73WYSqsjFisc8H7+EcNSNi/d
Pw4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:21 2025 by rpki-client