Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rnIWDedcgm5aECxLTWrpkwubsIw.roa
File: rnIWDedcgm5aECxLTWrpkwubsIw.roa (raw, json)
Hash identifier: TG7WGKWLbmaAeAMqTyUmJCrNKTfOOCYd0pxtVwTsUco=
Subject key identifier: AE:72:16:0D:E7:5C:82:6E:5A:10:2C:4B:4D:6A:E9:93:0B:9B:B0:8C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9EC101E4F37C4F9D6CF45B56DA362FAB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rnIWDedcgm5aECxLTWrpkwubsIw.roa
Signing time: Mon 25 Dec 2023 02:14:58 +0000
ROA not before: Mon 25 Dec 2023 02:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9e:c1:01:e4:f3:7c:4f:9d:6c:f4:5b:56:da:36:2f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 02:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae72160de75c826e5a102c4b4d6ae9930b9bb08c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7e:e9:20:62:87:b4:c3:f7:b1:61:a6:4f:90:
50:53:91:b8:5f:26:e3:c7:0a:96:53:36:44:8c:92:
2e:6d:37:5d:5e:48:d6:bd:44:f1:4f:1a:91:a7:32:
64:d8:a1:97:f3:aa:e5:76:9d:1e:c8:41:ed:12:18:
0a:be:d7:d1:88:fd:fe:ac:99:d8:ee:3f:cb:9d:8d:
61:08:a8:22:f6:dc:2d:1a:45:c5:e6:70:47:3c:e5:
47:d8:2b:54:d6:6e:5c:a1:cb:02:6d:75:f8:e3:00:
67:c4:ce:3c:63:e2:a0:fe:e5:5d:5b:c6:69:5f:60:
76:b3:b7:3e:3d:a0:94:c5:45:83:2b:f8:14:ac:bd:
ff:43:64:8d:8f:27:ad:f9:37:cb:7c:7e:35:ca:20:
01:15:b1:07:35:1c:c7:ae:45:42:18:78:66:fe:e7:
32:95:d7:74:66:c6:f6:79:f8:03:9d:b5:88:4b:72:
84:9d:7d:5f:3f:c5:b2:7f:cf:0b:02:df:d5:d5:91:
bb:7e:00:02:9b:5b:84:ac:f9:ce:c6:f1:8e:56:96:
41:95:28:fc:b0:73:98:31:c8:38:f1:62:91:d4:26:
8d:ff:71:9b:86:ea:b7:da:f6:4a:77:f4:ae:d0:e3:
2a:7c:25:f1:6b:14:30:25:ed:f3:a5:5d:03:67:87:
5b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:72:16:0D:E7:5C:82:6E:5A:10:2C:4B:4D:6A:E9:93:0B:9B:B0:8C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rnIWDedcgm5aECxLTWrpkwubsIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:f5:30:8d:84:4a:f3:c4:15:47:83:87:75:60:ce:4b:9b:eb:
02:76:d6:eb:a1:45:ee:ec:d4:08:ef:6c:cd:1a:33:c3:0d:80:
c3:ed:d4:a8:2f:ab:60:e7:74:c1:30:bf:dd:fe:c4:ea:48:d5:
f4:8d:75:ba:f6:a0:68:ab:bb:79:8a:2e:3c:ed:53:33:a4:ad:
70:aa:32:3d:03:4b:42:2a:17:22:3a:84:d5:48:34:18:b1:d2:
1b:76:0f:0a:2a:c2:59:02:78:23:a2:49:6d:a0:28:89:5b:99:
e4:f8:a2:d3:c3:f4:d3:b0:20:f5:fd:0c:34:c5:93:4e:8f:78:
d5:eb:1a:3f:b4:b2:33:37:98:da:2a:b6:80:f5:bb:5f:da:7c:
c8:26:d3:43:d2:56:5a:95:2e:bc:3c:81:20:da:84:8e:2f:48:
7a:7e:fb:4b:f8:fb:47:ed:9e:ae:a7:0c:87:24:a5:e4:4e:0c:
35:21:eb:87:6f:cf:f2:6f:cf:fe:98:af:dc:1e:9f:26:f2:0d:
2f:00:8a:e9:8c:db:62:e0:5f:f5:6e:20:e9:f5:31:b4:1e:3f:
91:77:c3:7f:4d:30:8a:69:c6:25:54:08:5d:d1:12:bd:6d:11:
fb:52:cd:54:57:42:55:2a:2d:8a:70:49:08:66:3e:6a:92:4e:
e5:cd:9d:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyewQHk83xPnWz0W1baNi+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MDIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTcyMTYwZGU3NWM4MjZlNWExMDJjNGI0ZDZhZTk5MzBiOWJiMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn7pIGKHtMP3sWGmT5BQU5G4Xybj
xwqWUzZEjJIubTddXkjWvUTxTxqRpzJk2KGX86rldp0eyEHtEhgKvtfRiP3+rJnY
7j/LnY1hCKgi9twtGkXF5nBHPOVH2CtU1m5cocsCbXX44wBnxM48Y+Kg/uVdW8Zp
X2B2s7c+PaCUxUWDK/gUrL3/Q2SNjyet+TfLfH41yiABFbEHNRzHrkVCGHhm/ucy
ldd0Zsb2efgDnbWIS3KEnX1fP8Wyf88LAt/V1ZG7fgACm1uErPnOxvGOVpZBlSj8
sHOYMcg48WKR1CaN/3Gbhuq32vZKd/Su0OMqfCXxaxQwJe3zpV0DZ4dbXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK5yFg3nXIJuWhAsS01q6ZMLm7CMMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcm5JV0RlZGNnbTVhRUN4TFRXcnBrd3Vic0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABD1MI2ESvPEFUeDh3Vg
zkub6wJ21uuhRe7s1AjvbM0aM8MNgMPt1Kgvq2DndMEwv93+xOpI1fSNdbr2oGir
u3mKLjztUzOkrXCqMj0DS0IqFyI6hNVINBix0ht2DwoqwlkCeCOiSW2gKIlbmeT4
otPD9NOwIPX9DDTFk06PeNXrGj+0sjM3mNoqtoD1u1/afMgm00PSVlqVLrw8gSDa
hI4vSHp++0v4+0ftnq6nDIckpeRODDUh64dvz/Jvz/6Yr9wenybyDS8AiumM22Lg
X/VuIOn1MbQeP5F3w39NMIppxiVUCF3REr1tEftSzVRXQlUqLYpwSQhmPmqSTuXN
nc8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:08 2025 by rpki-client