Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c2lZd10__OuCJwUDzoWP1h-OjMk.roa
File: c2lZd10__OuCJwUDzoWP1h-OjMk.roa (raw, json)
Hash identifier: N6VT8sCqRsjjVK/QGl08HwBmIwzJnbkE87MBcet4CXw=
Subject key identifier: 73:69:59:77:5D:3F:FC:EB:82:27:05:03:CE:85:8F:D6:1F:8E:8C:C9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA15171AF3400BFB7F42EF1F7AB59C76F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c2lZd10__OuCJwUDzoWP1h-OjMk.roa
Signing time: Mon 25 Dec 2023 14:11:58 +0000
ROA not before: Mon 25 Dec 2023 14:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a1:51:71:af:34:00:bf:b7:f4:2e:f1:f7:ab:59:c7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 14:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=736959775d3ffceb82270503ce858fd61f8e8cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:57:76:8c:25:5d:d5:7b:30:e2:c8:56:6d:
ff:60:72:cb:28:26:07:30:af:78:dc:69:7e:69:18:
af:e8:bc:a1:c9:ba:87:01:1c:cd:a0:84:b8:99:65:
a1:b3:10:4c:51:da:ba:b1:96:b8:b9:4f:22:b4:94:
a6:43:e8:34:bc:5f:3c:ca:09:50:13:5a:3d:0c:fc:
90:4d:19:8a:42:7e:92:fd:d8:64:a4:1f:37:f1:f7:
c8:79:8a:cb:bf:a0:bd:3f:cb:10:14:cf:c0:50:7c:
d4:c3:c6:e6:1d:6d:3c:c6:0c:21:6e:74:d5:25:45:
ea:1b:8b:c8:0e:5e:e8:10:67:ae:df:17:62:43:0a:
54:f7:40:d5:1f:02:6f:05:6f:fe:f1:76:29:18:4d:
6d:6e:e8:b6:6c:19:d4:18:81:c3:d9:d4:fd:9b:63:
47:12:9a:14:5f:45:77:0b:47:54:cd:1c:81:a0:7f:
ff:39:04:e5:94:2f:aa:6a:a4:68:0c:99:76:28:e1:
0c:22:1c:b2:2a:54:65:bd:b2:91:eb:bb:eb:69:ad:
31:67:ae:0e:16:2f:7d:50:df:ca:61:68:ec:f8:a5:
74:a1:c6:2b:cc:13:8e:5c:60:ab:5b:1f:f9:bb:f4:
56:36:eb:4c:40:4e:70:75:89:53:78:e3:ed:24:15:
02:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:69:59:77:5D:3F:FC:EB:82:27:05:03:CE:85:8F:D6:1F:8E:8C:C9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c2lZd10__OuCJwUDzoWP1h-OjMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:27:56:6b:84:9b:fc:57:98:3a:fc:f2:4e:b0:af:52:ae:7e:
f5:c6:21:26:60:bb:9c:32:ca:94:ba:c6:2a:e1:02:a2:59:cc:
09:8b:de:b7:4b:94:93:27:69:5c:29:a0:97:e0:4a:a0:d7:e3:
8d:17:d2:12:a2:c3:9b:b6:be:e2:a0:78:f0:15:f6:97:26:98:
a6:9f:8a:23:bb:cc:be:34:bd:0b:98:14:06:63:07:ab:18:7d:
74:26:64:83:ab:a3:1b:9d:b2:87:b3:c0:de:87:4d:74:70:1d:
0c:99:3b:62:6f:02:39:90:6c:46:da:bd:cb:bd:ef:f5:e3:00:
74:8e:12:53:cd:eb:b0:ec:f5:ec:11:c9:b2:62:b9:94:d3:a9:
77:a0:a3:9d:82:f8:f5:4c:f3:be:5b:0e:a3:72:86:fe:64:be:
d6:16:22:a4:be:cf:9e:51:ae:6a:59:5f:55:94:57:17:12:5f:
c8:5c:83:05:8e:45:9a:23:0d:93:45:33:7e:4f:6f:8d:47:e5:
ec:68:da:df:6d:eb:81:82:d6:c4:01:85:9d:5c:f8:ac:c5:c6:
e6:2a:37:b5:31:ec:4a:6e:4a:81:71:6a:7c:bf:64:ed:54:38:
8a:26:29:b6:fa:ff:47:27:a5:d8:04:ec:34:f0:a9:ee:36:58:
74:f7:01:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyhUXGvNAC/t/Qu8ferWcdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MTQxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzY5NTk3NzVkM2ZmY2ViODIyNzA1MDNjZTg1OGZkNjFmOGU4Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu99XdowlXdV7MOLIVm3/YHLLKCYH
MK943Gl+aRiv6LyhybqHARzNoIS4mWWhsxBMUdq6sZa4uU8itJSmQ+g0vF88yglQ
E1o9DPyQTRmKQn6S/dhkpB838ffIeYrLv6C9P8sQFM/AUHzUw8bmHW08xgwhbnTV
JUXqG4vIDl7oEGeu3xdiQwpU90DVHwJvBW/+8XYpGE1tbui2bBnUGIHD2dT9m2NH
EpoUX0V3C0dUzRyBoH//OQTllC+qaqRoDJl2KOEMIhyyKlRlvbKR67vraa0xZ64O
Fi99UN/KYWjs+KV0ocYrzBOOXGCrWx/5u/RWNutMQE5wdYlTeOPtJBUC2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHNpWXddP/zrgicFA86Fj9YfjozJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYzJsWmQxMF9fT3VDSndVRHpvV1AxaC1Pak1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAConVmuEm/xXmDr88k6w
r1KufvXGISZgu5wyypS6xirhAqJZzAmL3rdLlJMnaVwpoJfgSqDX440X0hKiw5u2
vuKgePAV9pcmmKafiiO7zL40vQuYFAZjB6sYfXQmZIOroxudsoezwN6HTXRwHQyZ
O2JvAjmQbEbavcu97/XjAHSOElPN67Ds9ewRybJiuZTTqXego52C+PVM875bDqNy
hv5kvtYWIqS+z55RrmpZX1WUVxcSX8hcgwWORZojDZNFM35Pb41H5exo2t9t64GC
1sQBhZ1c+KzFxuYqN7Ux7EpuSoFxany/ZO1UOIomKbb6/0cnpdgE7DTwqe42WHT3
AeY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:59:49 2025 by rpki-client