Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vgfqOH3xW13yMF8erFDW6LNL-Fo.roa
File: vgfqOH3xW13yMF8erFDW6LNL-Fo.roa (raw, json)
Hash identifier: NkyqrpMhcWUXVZdzciGgJ9TzGMOTL7UKzESeNrarGFM=
Subject key identifier: BE:07:EA:38:7D:F1:5B:5D:F2:30:5F:1E:AC:50:D6:E8:B3:4B:F8:5A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C992A0985B98F0F726CCFEDB1382C56BE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vgfqOH3xW13yMF8erFDW6LNL-Fo.roa
Signing time: Sun 24 Dec 2023 00:11:58 +0000
ROA not before: Sun 24 Dec 2023 00:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:99:2a:09:85:b9:8f:0f:72:6c:cf:ed:b1:38:2c:56:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 00:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be07ea387df15b5df2305f1eac50d6e8b34bf85a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:31:05:79:34:5c:fe:04:fe:e1:85:a4:b6:80:
b1:57:28:3d:bf:43:dd:78:41:f5:2b:c8:dc:e5:ad:
f4:27:86:b1:d3:e9:b4:57:8b:d9:4c:d7:94:dc:35:
f7:9b:d6:9c:b4:9f:85:78:72:be:af:3b:f9:05:61:
19:08:f3:0e:6d:f5:2c:4a:40:fe:d0:e0:22:cb:27:
19:ee:82:0e:76:21:28:84:6e:43:db:ad:b5:a6:41:
f3:67:64:19:a1:2a:55:38:e0:49:75:36:09:34:72:
28:45:a1:ab:97:ed:cb:37:00:f2:8d:be:25:60:68:
97:ca:ee:d1:9c:26:87:34:7e:5a:88:56:85:76:de:
94:f5:b3:80:f8:f3:cc:cc:41:07:7d:aa:06:e4:f8:
b2:5a:95:9a:66:99:df:08:92:00:bc:12:16:6d:18:
f1:92:c0:29:23:b4:d8:7f:eb:78:0b:3b:30:6a:42:
c5:5c:31:16:f1:08:05:e9:10:2b:67:f4:2b:70:68:
fd:37:93:a2:bc:21:65:a5:8f:bc:fa:19:92:9f:3c:
2b:ec:cf:d6:1a:b9:be:68:c1:d7:98:6b:3c:48:0a:
f8:d6:95:d6:7a:57:4a:9e:39:ad:fa:02:4f:a5:2b:
ea:a7:8a:a2:e5:7d:54:b0:1e:87:cb:c6:d1:e0:7c:
a6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:07:EA:38:7D:F1:5B:5D:F2:30:5F:1E:AC:50:D6:E8:B3:4B:F8:5A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vgfqOH3xW13yMF8erFDW6LNL-Fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:41:aa:bc:2f:f6:2a:df:71:46:c4:05:0b:07:27:79:b7:01:
b4:8c:f3:47:70:07:90:51:57:e7:bc:c6:b2:21:39:67:18:df:
23:96:e6:e7:58:7f:94:4f:0c:89:6c:4a:42:3b:e5:07:e6:8d:
5b:5d:a0:b2:6f:25:05:4c:2c:4a:28:4b:5c:09:71:56:af:07:
03:d4:91:56:3c:0f:d3:91:1c:62:f2:6c:95:33:6b:90:30:15:
26:5b:43:f3:df:ab:42:2b:5a:f7:5b:1c:92:16:da:31:d2:95:
a2:b7:94:64:e9:ff:77:ae:85:0b:66:98:99:26:9b:47:9c:f0:
08:f1:53:8d:4f:9d:61:6d:cd:b7:41:b8:9c:1f:85:6d:87:bc:
7e:cd:8c:57:bb:30:cd:b8:3c:a1:11:c7:29:d4:c4:21:2b:df:
e0:26:6b:fd:71:45:6c:dc:f3:fb:78:98:48:1d:fd:ef:4e:59:
20:49:27:66:d4:bc:43:d8:0a:ae:c5:f7:24:c9:34:f6:33:76:
ab:df:e4:7f:e3:09:68:d0:6f:57:43:a7:6f:39:41:10:be:1e:
be:10:b8:96:2d:d9:78:94:49:03:cd:4e:ec:b4:e7:64:04:04:
f5:5b:06:38:8b:f1:d3:f6:14:84:f0:37:2f:4d:89:53:88:93:
48:ab:2e:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyZKgmFuY8PcmzP7bE4LFa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MDAxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTA3ZWEzODdkZjE1YjVkZjIzMDVmMWVhYzUwZDZlOGIzNGJmODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DEFeTRc/gT+4YWktoCxVyg9v0Pd
eEH1K8jc5a30J4ax0+m0V4vZTNeU3DX3m9actJ+FeHK+rzv5BWEZCPMObfUsSkD+
0OAiyycZ7oIOdiEohG5D2621pkHzZ2QZoSpVOOBJdTYJNHIoRaGrl+3LNwDyjb4l
YGiXyu7RnCaHNH5aiFaFdt6U9bOA+PPMzEEHfaoG5PiyWpWaZpnfCJIAvBIWbRjx
ksApI7TYf+t4CzswakLFXDEW8QgF6RArZ/QrcGj9N5OivCFlpY+8+hmSnzwr7M/W
Grm+aMHXmGs8SAr41pXWeldKnjmt+gJPpSvqp4qi5X1UsB6Hy8bR4Hym0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL4H6jh98Vtd8jBfHqxQ1uizS/haMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdmdmcU9IM3hXMTN5TUY4ZXJGRFc2TE5MLUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFxBqrwv9irfcUbEBQsH
J3m3AbSM80dwB5BRV+e8xrIhOWcY3yOW5udYf5RPDIlsSkI75QfmjVtdoLJvJQVM
LEooS1wJcVavBwPUkVY8D9ORHGLybJUza5AwFSZbQ/Pfq0IrWvdbHJIW2jHSlaK3
lGTp/3euhQtmmJkmm0ec8AjxU41PnWFtzbdBuJwfhW2HvH7NjFe7MM24PKERxynU
xCEr3+Ama/1xRWzc8/t4mEgd/e9OWSBJJ2bUvEPYCq7F9yTJNPYzdqvf5H/jCWjQ
b1dDp285QRC+Hr4QuJYt2XiUSQPNTuy052QEBPVbBjiL8dP2FITwNy9NiVOIk0ir
Lj4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:26 2025 by rpki-client