Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TKD2mUz9-q4_ojpaTBeAj0363ak.roa
File: TKD2mUz9-q4_ojpaTBeAj0363ak.roa (raw, json)
Hash identifier: Lw7PaN5T4xMBWG5QMWLGb6j/+5/w2yTDwpdEWyBspac=
Subject key identifier: 4C:A0:F6:99:4C:FD:FA:AE:3F:A2:3A:5A:4C:17:80:8F:4D:FA:DD:A9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6B730A69662F7995290740A339FE71D1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TKD2mUz9-q4_ojpaTBeAj0363ak.roa
Signing time: Sat 23 Mar 2024 13:14:45 +0000
ROA not before: Sat 23 Mar 2024 13:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6b:73:0a:69:66:2f:79:95:29:07:40:a3:39:fe:71:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 13:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ca0f6994cfdfaae3fa23a5a4c17808f4dfadda9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7e:ec:3a:cf:76:7f:bb:0d:c3:7b:05:84:97:
bd:92:bf:d1:0e:bb:83:2c:3e:e2:26:93:76:a7:8d:
b1:f2:b2:38:84:ce:da:e7:9a:d0:ef:ab:cc:00:ed:
8d:d5:1b:9c:8f:23:6f:3c:12:f3:0e:75:dd:ad:d4:
1e:c8:da:47:8c:00:73:5c:9c:55:bf:a3:2f:e9:27:
3e:0d:4a:b9:c6:bb:e6:d1:48:95:e3:7c:62:bd:28:
27:c2:e7:b0:e9:c4:1d:03:47:3a:90:0a:ec:5b:f1:
e1:75:4b:ec:f6:7d:9f:38:33:11:a0:89:e9:47:a7:
8a:88:b9:19:51:a1:74:1e:71:44:e5:fa:77:93:b1:
2e:fa:21:ee:99:53:64:60:b8:43:01:b5:0f:b3:a3:
89:1a:5f:5e:8d:7f:89:b1:c1:55:92:b0:58:2b:56:
fc:44:ae:96:63:7e:06:cf:e0:92:7b:31:fa:6a:b2:
a6:43:be:20:4f:f5:a4:8f:dd:ed:0c:7b:8d:78:ed:
81:97:c3:b5:9f:9c:10:02:ba:10:38:4a:f8:e5:c2:
71:1c:58:4b:46:21:0f:8a:4b:f6:34:d6:45:17:2c:
05:b2:34:5e:fb:f4:a8:27:7a:91:fe:a1:65:54:e2:
71:35:29:b5:5a:4f:17:67:68:c2:82:17:0c:c9:29:
77:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A0:F6:99:4C:FD:FA:AE:3F:A2:3A:5A:4C:17:80:8F:4D:FA:DD:A9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TKD2mUz9-q4_ojpaTBeAj0363ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:6b:9f:df:06:5e:ba:1a:9e:02:76:82:9c:98:a2:16:2f:35:
81:67:b0:ea:01:ff:6a:24:d5:a6:57:36:85:2c:f1:a8:af:05:
e3:39:94:28:10:ec:75:f2:01:95:bb:f6:05:ea:6b:53:0e:37:
a1:19:37:c7:e3:71:58:3f:64:16:a2:e9:6f:11:b5:49:05:e6:
56:fb:b1:d7:a5:48:d8:f1:53:7e:18:66:4c:df:cb:a0:cc:19:
1b:14:b5:0a:11:1e:78:d8:76:50:6d:9f:17:b1:70:37:c4:0c:
b1:30:3f:12:bb:a8:97:cb:e8:a1:b8:ec:5d:9e:f4:1f:7b:e3:
e3:d2:92:b6:0a:b4:3e:9f:b8:86:b8:d5:1a:e0:1f:0e:96:7b:
d8:28:a5:9e:1f:2c:ef:a8:72:4f:67:a8:f4:45:96:01:6a:06:
15:55:0d:22:7b:c0:68:f0:0c:d3:b9:8c:0f:51:f5:9e:78:58:
90:a1:c4:13:b2:6f:f3:ae:2e:28:d7:43:dd:33:a7:bb:4f:55:
aa:71:9d:f9:db:54:d2:d0:99:10:80:5f:bd:3e:69:82:2f:a7:
d0:b1:21:5e:44:09:a3:a9:75:3f:a4:71:8e:23:0a:7a:a6:9e:
a4:d4:78:d8:b0:fb:8a:84:6a:01:1a:0f:8e:f6:5f:74:ae:a8:
1a:2a:ad:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5rcwppZi95lSkHQKM5/nHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMTMxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2EwZjY5OTRjZmRmYWFlM2ZhMjNhNWE0YzE3ODA4ZjRkZmFkZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH7sOs92f7sNw3sFhJe9kr/RDruD
LD7iJpN2p42x8rI4hM7a55rQ76vMAO2N1RucjyNvPBLzDnXdrdQeyNpHjABzXJxV
v6Mv6Sc+DUq5xrvm0UiV43xivSgnwuew6cQdA0c6kArsW/HhdUvs9n2fODMRoInp
R6eKiLkZUaF0HnFE5fp3k7Eu+iHumVNkYLhDAbUPs6OJGl9ejX+JscFVkrBYK1b8
RK6WY34Gz+CSezH6arKmQ74gT/Wkj93tDHuNeO2Bl8O1n5wQAroQOEr45cJxHFhL
RiEPikv2NNZFFywFsjRe+/SoJ3qR/qFlVOJxNSm1Wk8XZ2jCghcMySl35QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEyg9plM/fquP6I6WkwXgI9N+t2pMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVEtEMm1VejktcTRfb2pwYVRCZUFqMDM2M2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFJrn98GXroangJ2gpyY
ohYvNYFnsOoB/2ok1aZXNoUs8aivBeM5lCgQ7HXyAZW79gXqa1MON6EZN8fjcVg/
ZBai6W8RtUkF5lb7sdelSNjxU34YZkzfy6DMGRsUtQoRHnjYdlBtnxexcDfEDLEw
PxK7qJfL6KG47F2e9B974+PSkrYKtD6fuIa41RrgHw6We9gopZ4fLO+ock9nqPRF
lgFqBhVVDSJ7wGjwDNO5jA9R9Z54WJChxBOyb/OuLijXQ90zp7tPVapxnfnbVNLQ
mRCAX70+aYIvp9CxIV5ECaOpdT+kcY4jCnqmnqTUeNiw+4qEagEaD472X3SuqBoq
rZQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:23:03 2025 by rpki-client