Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Vxg53lvo5S0iql60H60plqW3HTw.roa
File: Vxg53lvo5S0iql60H60plqW3HTw.roa (raw, json)
Hash identifier: ghwQwMHahuxw3F6mDrrUnZs4loJNbsoCHZv9aL6ULXg=
Subject key identifier: 57:18:39:DE:5B:E8:E5:2D:22:AA:5E:B4:1F:AD:29:96:A5:B7:1D:3C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9A3D9CDF9786B79CA64B487E9DFC8396
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Vxg53lvo5S0iql60H60plqW3HTw.roa
Signing time: Sun 24 Dec 2023 05:12:58 +0000
ROA not before: Sun 24 Dec 2023 05:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9a:3d:9c:df:97:86:b7:9c:a6:4b:48:7e:9d:fc:83:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 05:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=571839de5be8e52d22aa5eb41fad2996a5b71d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:27:88:c1:d3:bf:45:f7:26:de:2d:db:5a:f9:
e8:51:0f:28:05:18:85:a8:5f:95:d7:14:50:09:9e:
93:7b:4b:81:19:a4:0a:cf:80:c7:e8:25:96:31:00:
a7:00:7b:b7:da:b8:e2:8f:b7:d6:c9:bb:ed:80:07:
ac:84:ea:8c:49:fc:f0:fc:e0:da:45:cf:6a:98:c8:
c4:3e:a5:58:de:f2:24:58:2d:6c:48:80:96:9f:bd:
18:85:9a:74:ea:ef:e3:91:e5:87:ac:63:b7:70:d0:
d8:23:2e:ca:15:d1:1f:32:a8:c4:5a:67:80:50:86:
35:50:4f:73:44:7e:83:0b:9b:e5:20:dc:50:8c:9a:
e9:e5:92:2d:b4:03:6c:f4:68:ea:0b:78:c6:db:74:
5f:b8:d3:95:33:21:ef:c7:3d:c2:a6:eb:3a:11:98:
40:c8:f7:cd:81:ce:16:95:52:87:d1:23:c8:88:37:
b1:c3:d0:c0:07:ae:32:3a:c6:5e:58:8d:45:89:02:
f6:a2:9f:b7:dc:ab:3c:2f:4c:99:72:59:f4:37:3e:
97:93:15:1e:10:e9:df:83:92:8d:6d:7a:97:41:8b:
af:0f:67:8e:7d:e3:30:d7:a0:1a:17:b5:9a:9d:e1:
3d:c6:a3:47:14:dc:a9:13:22:c3:53:7d:c7:09:c3:
6d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:18:39:DE:5B:E8:E5:2D:22:AA:5E:B4:1F:AD:29:96:A5:B7:1D:3C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Vxg53lvo5S0iql60H60plqW3HTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:5f:db:51:1e:b7:12:22:93:cc:d4:1e:a9:cf:0c:53:88:54:
11:78:09:c2:f1:45:11:2d:0a:3e:94:ae:38:47:6d:98:c6:4c:
ef:3c:17:fa:05:a3:37:c4:eb:f0:9c:db:42:b7:36:d2:5b:a1:
cf:76:69:8f:81:d9:ea:49:d3:6d:48:e5:bd:04:83:4c:44:fe:
cc:6d:a2:84:53:bc:4f:e1:3c:31:87:bb:89:6e:51:7b:0a:35:
c9:77:da:d9:5f:06:f0:d2:dd:5e:3f:e0:4f:50:96:20:75:f6:
4b:4b:aa:70:63:d5:b7:25:68:1e:33:72:29:4a:fd:a2:41:c6:
14:65:e8:2b:a8:8c:9e:25:d6:1c:a5:bb:be:d6:4a:bc:4c:bd:
9b:bc:15:c5:cd:3e:cf:67:10:b3:e2:48:73:88:21:72:b4:93:
94:35:81:51:16:c2:d0:aa:19:d1:88:fa:c6:1e:21:c4:64:db:
db:f9:bf:be:b1:5c:c6:5d:a9:0f:ee:0c:46:8d:2e:5a:ae:29:
b0:f3:30:26:7b:3f:94:39:4f:6e:35:ac:5b:d9:9a:12:f5:c2:
cf:31:09:9d:f7:55:a0:e8:9a:ba:2f:56:03:4b:9c:fe:1f:cc:
b4:ae:ed:49:c4:04:fd:93:a0:e4:de:58:55:55:30:77:36:2a:
70:18:c9:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyaPZzfl4a3nKZLSH6d/IOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MDUxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzE4MzlkZTViZThlNTJkMjJhYTVlYjQxZmFkMjk5NmE1YjcxZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvieIwdO/Rfcm3i3bWvnoUQ8oBRiF
qF+V1xRQCZ6Te0uBGaQKz4DH6CWWMQCnAHu32rjij7fWybvtgAeshOqMSfzw/ODa
Rc9qmMjEPqVY3vIkWC1sSICWn70YhZp06u/jkeWHrGO3cNDYIy7KFdEfMqjEWmeA
UIY1UE9zRH6DC5vlINxQjJrp5ZIttANs9GjqC3jG23RfuNOVMyHvxz3Cpus6EZhA
yPfNgc4WlVKH0SPIiDexw9DAB64yOsZeWI1FiQL2op+33Ks8L0yZcln0Nz6XkxUe
EOnfg5KNbXqXQYuvD2eOfeMw16AaF7WaneE9xqNHFNypEyLDU33HCcNtBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFcYOd5b6OUtIqpetB+tKZaltx08MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVnhnNTNsdm81UzBpcWw2MEg2MHBscVczSFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAhf21EetxIik8zUHqnP
DFOIVBF4CcLxRREtCj6UrjhHbZjGTO88F/oFozfE6/Cc20K3NtJboc92aY+B2epJ
021I5b0Eg0xE/sxtooRTvE/hPDGHu4luUXsKNcl32tlfBvDS3V4/4E9QliB19ktL
qnBj1bclaB4zcilK/aJBxhRl6CuojJ4l1hylu77WSrxMvZu8FcXNPs9nELPiSHOI
IXK0k5Q1gVEWwtCqGdGI+sYeIcRk29v5v76xXMZdqQ/uDEaNLlquKbDzMCZ7P5Q5
T241rFvZmhL1ws8xCZ33VaDomrovVgNLnP4fzLSu7UnEBP2ToOTeWFVVMHc2KnAY
yRQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:45:42 2025 by rpki-client