Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SG7twRBqTQRNLBPG8TuTpg2MWx0.roa
File: SG7twRBqTQRNLBPG8TuTpg2MWx0.roa (raw, json)
Hash identifier: pJPheY0vZMsaqptrVgctBb4zNxpNWSZ4Gd0EhG+bAmY=
Subject key identifier: 48:6E:ED:C1:10:6A:4D:04:4D:2C:13:C6:F1:3B:93:A6:0D:8C:5B:1D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8CEEF024F9E1E56BB27EEF863156CF5B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SG7twRBqTQRNLBPG8TuTpg2MWx0.roa
Signing time: Thu 21 Dec 2023 15:11:58 +0000
ROA not before: Thu 21 Dec 2023 15:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:ee:f0:24:f9:e1:e5:6b:b2:7e:ef:86:31:56:cf:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 21 15:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=486eedc1106a4d044d2c13c6f13b93a60d8c5b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:41:05:1f:94:ac:61:cc:9c:3e:2c:98:ba:
b6:dc:c1:f4:d7:bc:ac:3e:28:45:e7:5f:33:11:9e:
48:20:b1:29:75:eb:42:43:2d:f9:c4:ee:67:ec:04:
78:8d:0d:1c:d9:45:16:70:07:ce:94:90:44:f9:50:
d4:51:2c:b2:7e:f3:28:5f:e5:63:18:cd:2f:69:99:
ae:79:a2:e0:ec:c5:b0:74:3f:a0:69:9a:7c:f3:92:
1a:8f:15:20:b8:84:45:68:81:aa:6f:62:7a:51:cf:
0d:e3:0d:66:c8:ec:6b:f1:77:53:02:77:62:11:22:
6a:15:53:12:ab:54:9a:c2:54:46:b5:78:9a:f5:0b:
52:f9:4f:2b:d8:bb:cd:eb:fe:e7:4d:1c:d1:f5:0a:
d7:2e:c1:89:e7:13:0f:55:66:57:21:e2:15:f3:51:
82:a5:ac:1d:5a:52:2b:27:42:0b:e2:d0:2b:83:f0:
ef:32:4e:b0:6c:01:bd:08:88:c3:2d:6a:61:7d:c5:
d8:82:a8:8c:39:07:08:0a:1a:c4:11:8f:25:46:94:
eb:4b:07:98:40:57:fe:a6:34:27:7b:97:ff:b1:8f:
67:74:d8:ed:5e:32:23:28:e3:f4:74:61:66:2c:d0:
55:66:4e:60:3d:23:6d:b6:f5:eb:ee:84:fa:bc:a3:
13:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6E:ED:C1:10:6A:4D:04:4D:2C:13:C6:F1:3B:93:A6:0D:8C:5B:1D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SG7twRBqTQRNLBPG8TuTpg2MWx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:8a:d9:0c:0d:fd:dc:e6:6e:17:66:92:fd:8a:30:5c:d0:1d:
ca:9d:16:1d:b8:04:89:19:7b:48:b4:d7:35:6c:99:9b:4c:ad:
67:23:19:b6:40:e4:77:33:d5:5d:ea:5d:ed:6b:4d:c2:0d:95:
ac:ce:6b:23:98:2c:7f:ee:7a:2d:c9:3a:0e:af:58:78:96:f3:
3c:a0:1d:bf:ab:ce:0e:66:79:01:7a:be:6d:0e:8e:97:d6:c5:
99:b8:2c:06:cd:a9:33:d5:ff:fa:64:9f:53:22:13:f3:cd:2f:
3e:95:e5:e2:91:5b:fb:61:58:fa:60:b7:4c:b2:87:1d:97:0a:
e4:91:f1:ed:c1:fe:c3:2d:21:55:3b:1d:b1:7e:e8:b1:ea:ca:
d8:b4:13:8c:a9:8c:1c:f3:59:dc:96:5b:13:87:76:3e:dd:18:
f4:20:8c:bf:64:af:46:4f:d0:1a:41:fc:1a:96:e4:17:8a:de:
ba:71:3d:f0:7a:67:94:c4:e4:c2:af:fb:ee:32:1e:bc:f3:d3:
10:0c:ea:d3:f1:7e:bf:da:51:50:45:b7:61:f1:58:c7:b7:49:
37:14:64:0a:4e:5e:7d:b9:73:0a:36:23:fd:0e:ab:cd:f1:c4:
60:91:85:29:b0:00:64:3f:75:1b:8d:8d:dc:eb:c6:4f:ce:31:
27:ac:aa:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyM7vAk+eHla7J+74YxVs9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIxMTUxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZlZWRjMTEwNmE0ZDA0NGQyYzEzYzZmMTNiOTNhNjBkOGM1YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKRBBR+UrGHMnD4smLq23MH017ys
PihF518zEZ5IILEpdetCQy35xO5n7AR4jQ0c2UUWcAfOlJBE+VDUUSyyfvMoX+Vj
GM0vaZmueaLg7MWwdD+gaZp885IajxUguIRFaIGqb2J6Uc8N4w1myOxr8XdTAndi
ESJqFVMSq1SawlRGtXia9QtS+U8r2LvN6/7nTRzR9QrXLsGJ5xMPVWZXIeIV81GC
pawdWlIrJ0IL4tArg/DvMk6wbAG9CIjDLWphfcXYgqiMOQcIChrEEY8lRpTrSweY
QFf+pjQne5f/sY9ndNjtXjIjKOP0dGFmLNBVZk5gPSNttvXr7oT6vKMTHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhu7cEQak0ETSwTxvE7k6YNjFsdMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvU0c3dHdSQnFUUVJOTEJQRzhUdVRwZzJNV3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI2K2QwN/dzmbhdmkv2K
MFzQHcqdFh24BIkZe0i01zVsmZtMrWcjGbZA5Hcz1V3qXe1rTcINlazOayOYLH/u
ei3JOg6vWHiW8zygHb+rzg5meQF6vm0OjpfWxZm4LAbNqTPV//pkn1MiE/PNLz6V
5eKRW/thWPpgt0yyhx2XCuSR8e3B/sMtIVU7HbF+6LHqyti0E4ypjBzzWdyWWxOH
dj7dGPQgjL9kr0ZP0BpB/BqW5BeK3rpxPfB6Z5TE5MKv++4yHrzz0xAM6tPxfr/a
UVBFt2HxWMe3STcUZApOXn25cwo2I/0Oq83xxGCRhSmwAGQ/dRuNjdzrxk/OMSes
qso=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:25:55 2025 by rpki-client