Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WPqaxhq4G5GUqSixUue_sd5jQlM.roa
File: WPqaxhq4G5GUqSixUue_sd5jQlM.roa (raw, json)
Hash identifier: Ugi65nlUni1yo+XGbFTtx3j238PVgOdV8ksxPge+myQ=
Subject key identifier: 58:FA:9A:C6:1A:B8:1B:91:94:A9:28:B1:52:E7:BF:B1:DE:63:42:53
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF684B2CD2B75855D41EFB1435A72582C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WPqaxhq4G5GUqSixUue_sd5jQlM.roa
Signing time: Thu 11 Jan 2024 03:15:40 +0000
ROA not before: Thu 11 Jan 2024 03:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f6:84:b2:cd:2b:75:85:5d:41:ef:b1:43:5a:72:58:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 03:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58fa9ac61ab81b9194a928b152e7bfb1de634253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:41:c2:b6:5f:76:e9:8e:31:d1:3c:1e:5a:77:
2e:0a:30:9f:63:d6:c6:25:49:28:6a:61:6d:17:ad:
08:b8:c8:50:35:83:2c:1d:2d:b3:eb:bb:6a:7d:48:
bf:7e:3a:a1:23:f4:0d:45:ca:90:ae:03:63:bb:6f:
62:17:1c:5a:4a:cb:6e:a2:9a:b4:3a:20:b6:bc:8c:
5b:89:c0:10:61:76:ac:e8:03:fa:47:34:31:25:e1:
6e:42:b9:c0:f5:51:85:58:59:d1:9c:2c:ca:92:85:
24:84:ba:51:a1:4d:29:76:e4:fb:97:e3:b4:00:15:
3a:dd:ed:9f:8c:b5:da:f1:6e:4a:cc:5f:1e:f7:01:
83:66:14:51:a6:fc:fd:63:87:be:9a:e7:9c:e7:a0:
4c:43:df:55:ce:f3:41:90:d3:46:23:1b:59:4a:1d:
be:b0:1b:d9:1d:d9:41:fd:86:aa:81:c9:4a:c4:c4:
de:48:e2:e1:1a:13:11:19:bc:c9:65:cd:5b:f8:6c:
26:5e:db:21:69:d3:d1:00:b9:af:65:b8:23:f8:5a:
5d:4d:1a:04:8e:3b:fc:e5:9a:e3:20:4a:8f:b4:e4:
4b:a0:56:15:1d:43:d9:be:bf:e5:9f:fa:80:ac:0d:
09:57:d7:f2:ab:79:1e:75:1c:dd:28:44:68:c5:d1:
e0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:FA:9A:C6:1A:B8:1B:91:94:A9:28:B1:52:E7:BF:B1:DE:63:42:53
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WPqaxhq4G5GUqSixUue_sd5jQlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:eb:e9:59:9f:26:39:88:6b:9f:36:48:52:a0:39:3c:0f:e5:
1f:3a:c6:08:68:f1:d9:f6:92:3f:80:71:51:0c:57:2c:8d:ef:
ec:f4:61:3c:b4:a9:6e:4b:a9:18:59:b4:24:03:6a:78:18:21:
c9:80:6a:3f:94:0c:0f:15:85:60:aa:d5:ae:ae:4c:bf:15:d1:
e3:7c:a4:75:cc:c8:b8:81:dc:d6:4a:36:77:ea:48:fc:39:88:
09:c2:b6:a7:63:62:dd:89:94:b4:28:a8:93:61:3b:57:c1:1c:
17:2d:68:91:55:1f:a9:40:50:a0:e0:bb:80:4c:1f:1c:a0:4d:
ee:f0:4f:50:78:58:74:fd:b7:44:a3:13:f2:01:b0:77:e1:42:
1d:da:b9:b9:83:d0:e1:95:43:16:71:12:bc:d2:3b:be:11:98:
6a:d1:81:48:5d:c8:bb:3e:ac:54:54:b5:0e:7f:20:34:c4:b8:
e8:5f:90:c8:01:80:ac:b7:6c:93:f2:27:70:9b:74:64:68:c6:
4a:3f:45:9b:e1:be:55:8a:ff:ba:0f:d8:34:c2:a2:a5:79:05:
b4:7d:a4:95:dc:77:04:6b:aa:aa:81:7a:f2:62:be:20:f7:e5:
d3:ab:3d:a6:0b:b8:3c:9a:65:9a:9e:76:74:0f:49:a7:db:be:
00:c0:f6:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz2hLLNK3WFXUHvsUNaclgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMDMxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGZhOWFjNjFhYjgxYjkxOTRhOTI4YjE1MmU3YmZiMWRlNjM0MjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUHCtl926Y4x0TweWncuCjCfY9bG
JUkoamFtF60IuMhQNYMsHS2z67tqfUi/fjqhI/QNRcqQrgNju29iFxxaSstuopq0
OiC2vIxbicAQYXas6AP6RzQxJeFuQrnA9VGFWFnRnCzKkoUkhLpRoU0pduT7l+O0
ABU63e2fjLXa8W5KzF8e9wGDZhRRpvz9Y4e+muec56BMQ99VzvNBkNNGIxtZSh2+
sBvZHdlB/YaqgclKxMTeSOLhGhMRGbzJZc1b+GwmXtshadPRALmvZbgj+FpdTRoE
jjv85ZrjIEqPtORLoFYVHUPZvr/ln/qArA0JV9fyq3kedRzdKERoxdHghQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFj6msYauBuRlKkosVLnv7HeY0JTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvV1BxYXhocTRHNUdVcVNpeFV1ZV9zZDVqUWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEfr6VmfJjmIa582SFKg
OTwP5R86xgho8dn2kj+AcVEMVyyN7+z0YTy0qW5LqRhZtCQDangYIcmAaj+UDA8V
hWCq1a6uTL8V0eN8pHXMyLiB3NZKNnfqSPw5iAnCtqdjYt2JlLQoqJNhO1fBHBct
aJFVH6lAUKDgu4BMHxygTe7wT1B4WHT9t0SjE/IBsHfhQh3aubmD0OGVQxZxErzS
O74RmGrRgUhdyLs+rFRUtQ5/IDTEuOhfkMgBgKy3bJPyJ3CbdGRoxko/RZvhvlWK
/7oP2DTCoqV5BbR9pJXcdwRrqqqBevJiviD35dOrPaYLuDyaZZqednQPSafbvgDA
9mQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:45:57 2025 by rpki-client