Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sTaeaVl555D031dYKtDLeEuVhnQ.roa
File: sTaeaVl555D031dYKtDLeEuVhnQ.roa (raw, json)
Hash identifier: wliff7saIoUCw4ug2JNUoBR1+AZD6LCX5h/9vD6tw8g=
Subject key identifier: B1:36:9E:69:59:79:E7:90:F4:DF:57:58:2A:D0:CB:78:4B:95:86:74
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEDB2668379FF69DCF403D272FD0B91A7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sTaeaVl555D031dYKtDLeEuVhnQ.roa
Signing time: Wed 28 Feb 2024 03:11:48 +0000
ROA not before: Wed 28 Feb 2024 03:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ed:b2:66:83:79:ff:69:dc:f4:03:d2:72:fd:0b:91:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 03:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1369e695979e790f4df57582ad0cb784b958674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7e:00:4a:e7:75:a5:be:e4:3a:55:c9:ac:15:
79:94:a0:42:18:ea:84:c1:40:5d:e8:3a:d1:34:40:
9d:63:8e:a5:7d:fd:fb:d1:ba:c4:9b:cb:e1:9b:e6:
3a:d2:bc:6b:a1:05:8e:96:8b:94:c1:b6:87:13:83:
50:53:9d:f9:96:c4:6c:17:df:a7:d6:5c:6a:d9:fa:
40:42:5e:b1:39:6d:8b:92:a8:85:38:e1:12:f1:d2:
0d:84:c0:0f:fd:ab:c3:aa:5b:f9:10:10:9b:a5:56:
97:61:5c:6b:28:1a:5b:67:65:b3:29:95:e5:48:ba:
d6:37:fb:c2:42:ab:d2:76:4c:61:f6:01:da:6e:20:
55:ce:b2:33:f6:59:a1:99:06:f6:40:83:c2:02:23:
28:15:f8:a8:ca:50:06:c7:99:0c:cb:cd:36:1e:fb:
d5:73:dc:ee:d6:33:17:61:57:94:7d:53:ea:1d:7f:
5d:21:dd:54:fb:0e:9d:fd:8a:2c:29:37:b3:a2:6e:
76:af:36:da:07:2d:4c:f0:78:8e:69:e6:f8:9f:7d:
77:22:48:72:1c:63:3b:cf:7d:b0:7f:01:85:33:7a:
e7:d9:28:0e:8a:b1:1f:cc:4d:bf:64:90:12:09:71:
a2:cf:4f:e7:c8:a5:37:71:f2:f8:03:96:a1:71:15:
9e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:36:9E:69:59:79:E7:90:F4:DF:57:58:2A:D0:CB:78:4B:95:86:74
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sTaeaVl555D031dYKtDLeEuVhnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:1d:ff:46:6e:d9:b4:ef:4d:d6:3c:0c:47:cd:dd:1e:fc:2f:
9b:ac:4c:d5:74:da:11:1e:4d:81:55:c2:9b:94:ce:ae:38:81:
c5:f7:25:a8:d4:ec:d7:f9:7e:42:f8:84:e9:5a:76:c2:66:4d:
1c:58:44:93:47:45:de:01:44:1d:72:51:73:82:98:bf:7c:8f:
72:19:a7:f1:50:dc:98:e8:b1:6e:64:56:7a:c4:ab:bc:f2:e6:
8b:80:80:eb:9e:d1:2b:9e:4a:b0:6d:05:f0:cc:15:0d:e2:ed:
63:c7:47:74:f2:2f:51:b0:02:dc:ce:3c:d7:d1:84:36:e7:a0:
59:b1:ca:69:b9:45:09:9f:91:70:26:e1:67:8c:ad:49:d4:d6:
cb:5f:52:33:62:0e:af:bb:61:f8:3a:79:3a:1f:80:d7:a7:33:
ca:2a:d9:19:bc:b2:51:f8:f9:8c:35:6b:9d:06:dc:f6:be:a7:
3b:bd:dc:e5:51:93:09:d4:1f:fb:d4:08:4f:2a:a7:1a:c8:72:
a5:cd:cd:df:e5:59:88:1e:74:fa:c9:ba:c4:56:e0:d9:00:5c:
dc:c1:a3:d4:52:66:3f:a0:64:dc:7e:fa:7b:bf:c1:d3:7a:cb:
4a:b7:49:a3:69:28:d8:73:d8:04:51:3c:60:04:56:49:42:4a:
3b:68:db:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3tsmaDef9p3PQD0nL9C5GnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MDMxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTM2OWU2OTU5NzllNzkwZjRkZjU3NTgyYWQwY2I3ODRiOTU4Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn4ASud1pb7kOlXJrBV5lKBCGOqE
wUBd6DrRNECdY46lff370brEm8vhm+Y60rxroQWOlouUwbaHE4NQU535lsRsF9+n
1lxq2fpAQl6xOW2LkqiFOOES8dINhMAP/avDqlv5EBCbpVaXYVxrKBpbZ2WzKZXl
SLrWN/vCQqvSdkxh9gHabiBVzrIz9lmhmQb2QIPCAiMoFfioylAGx5kMy802HvvV
c9zu1jMXYVeUfVPqHX9dId1U+w6d/YosKTezom52rzbaBy1M8HiOaeb4n313Ikhy
HGM7z32wfwGFM3rn2SgOirEfzE2/ZJASCXGiz0/nyKU3cfL4A5ahcRWevwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLE2nmlZeeeQ9N9XWCrQy3hLlYZ0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvc1RhZWFWbDU1NUQwMzFkWUt0RExlRXVWaG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABUd/0Zu2bTvTdY8DEfN
3R78L5usTNV02hEeTYFVwpuUzq44gcX3JajU7Nf5fkL4hOladsJmTRxYRJNHRd4B
RB1yUXOCmL98j3IZp/FQ3JjosW5kVnrEq7zy5ouAgOue0SueSrBtBfDMFQ3i7WPH
R3TyL1GwAtzOPNfRhDbnoFmxymm5RQmfkXAm4WeMrUnU1stfUjNiDq+7Yfg6eTof
gNenM8oq2Rm8slH4+Yw1a50G3Pa+pzu93OVRkwnUH/vUCE8qpxrIcqXNzd/lWYge
dPrJusRW4NkAXNzBo9RSZj+gZNx++nu/wdN6y0q3SaNpKNhz2ARRPGAEVklCSjto
29Q=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:41:35 2025 by rpki-client