Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wNsixnYl2dYvyC-VX-jltrR0G5c.roa
File: wNsixnYl2dYvyC-VX-jltrR0G5c.roa (raw, json)
Hash identifier: i7EJ9GHkYVLx00u1fpLP5hWKf8PRuWiB7hN/3Akg/Ag=
Subject key identifier: C0:DB:22:C6:76:25:D9:D6:2F:C8:2F:95:5F:E8:E5:B6:B4:74:1B:97
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D72F6D7F907D279DF368E6A38D4A98679
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wNsixnYl2dYvyC-VX-jltrR0G5c.roa
Signing time: Sun 04 Feb 2024 07:13:16 +0000
ROA not before: Sun 04 Feb 2024 07:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:72:f6:d7:f9:07:d2:79:df:36:8e:6a:38:d4:a9:86:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 4 07:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0db22c67625d9d62fc82f955fe8e5b6b4741b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:09:19:e6:9c:0f:f5:b1:ab:16:23:d0:c3:c4:
a5:51:fa:1b:50:e0:5a:00:3d:d6:a9:ac:7b:6e:b4:
a9:8e:c0:74:98:c3:a2:33:93:f3:b2:3c:e6:1f:65:
27:b4:70:8c:48:be:e3:fe:d5:f1:b4:ab:f4:7b:d3:
2f:38:9c:a4:20:38:e0:5c:a0:39:dc:1b:29:f9:fd:
4d:71:46:de:7c:d8:ea:44:68:bb:d7:75:26:20:09:
38:17:5e:34:a5:8f:e0:96:70:74:29:87:d5:19:33:
b4:3f:ea:ac:3c:6c:d7:1d:01:c6:a0:39:63:34:68:
85:1c:39:09:2a:1d:c1:9f:68:5e:b2:35:34:d1:ca:
78:12:fc:96:45:4f:b6:b2:e2:50:17:4c:ec:2b:4a:
45:cf:b0:c0:c6:8a:a5:e3:2c:b2:d0:15:8e:c0:86:
b1:da:d1:b7:f5:ed:40:d2:85:bf:84:2c:44:17:03:
7a:f0:6f:b0:c1:5f:bd:71:94:c2:0f:78:56:b9:08:
5d:be:ba:55:57:e3:c4:95:9f:e1:7a:d3:ba:6d:e2:
1a:db:2b:a5:a1:74:a8:00:da:38:c3:ea:a1:20:1e:
54:c7:33:ae:e2:97:4d:2a:2e:2c:c0:33:4b:c3:62:
3a:ca:97:26:a1:d6:70:7c:ec:e3:5f:07:f9:0b:07:
b5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:DB:22:C6:76:25:D9:D6:2F:C8:2F:95:5F:E8:E5:B6:B4:74:1B:97
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wNsixnYl2dYvyC-VX-jltrR0G5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:74:4a:57:a6:57:12:c3:50:8d:cd:8a:6d:2a:6b:9f:a0:69:
86:d0:6c:bf:34:c6:03:24:22:2e:d9:fc:5e:fd:45:f6:d9:d6:
24:dd:21:f4:e9:a5:0e:ca:f2:72:33:45:14:38:54:f1:73:52:
dd:77:12:af:ff:ef:38:65:15:47:07:d4:30:a1:7e:83:de:3d:
5a:6b:88:4c:4f:c0:63:e3:c9:b4:ab:bf:3d:97:78:ea:e1:00:
47:3f:47:61:c6:fb:b6:b2:ec:18:48:7d:aa:09:ec:c9:41:49:
78:93:a0:e9:e9:07:db:2e:d2:07:82:f0:f8:74:29:46:51:bf:
84:5f:6b:67:11:96:f5:7d:21:9a:57:16:05:6c:5f:a7:64:31:
52:15:f2:b6:4e:e1:ac:de:8d:e9:df:bb:bf:55:cb:6b:b2:f1:
1e:c0:fb:c5:4a:71:d4:41:76:6f:a9:2d:78:cb:eb:74:55:9f:
cb:aa:bc:5b:09:f4:9f:b3:6b:0f:ec:39:5b:06:39:b3:ab:b5:
4f:99:34:7e:1f:ae:23:15:62:93:3d:7a:b8:7e:34:33:00:7d:
e8:9d:0e:87:d2:1e:be:84:84:68:08:74:e3:31:76:7c:13:02:
24:a0:7e:06:58:46:81:96:93:f2:e4:52:5e:0d:58:54:33:fa:
77:49:88:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1y9tf5B9J53zaOajjUqYZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA0MDcxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGRiMjJjNjc2MjVkOWQ2MmZjODJmOTU1ZmU4ZTViNmI0NzQxYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwkZ5pwP9bGrFiPQw8SlUfobUOBa
AD3Wqax7brSpjsB0mMOiM5PzsjzmH2UntHCMSL7j/tXxtKv0e9MvOJykIDjgXKA5
3Bsp+f1NcUbefNjqRGi713UmIAk4F140pY/glnB0KYfVGTO0P+qsPGzXHQHGoDlj
NGiFHDkJKh3Bn2hesjU00cp4EvyWRU+2suJQF0zsK0pFz7DAxoql4yyy0BWOwIax
2tG39e1A0oW/hCxEFwN68G+wwV+9cZTCD3hWuQhdvrpVV+PElZ/hetO6beIa2yul
oXSoANo4w+qhIB5UxzOu4pdNKi4swDNLw2I6ypcmodZwfOzjXwf5Cwe1uwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMDbIsZ2JdnWL8gvlV/o5ba0dBuXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvd05zaXhuWWwyZFl2eUMtVlgtamx0clIwRzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGB0SlemVxLDUI3Nim0q
a5+gaYbQbL80xgMkIi7Z/F79RfbZ1iTdIfTppQ7K8nIzRRQ4VPFzUt13Eq//7zhl
FUcH1DChfoPePVpriExPwGPjybSrvz2XeOrhAEc/R2HG+7ay7BhIfaoJ7MlBSXiT
oOnpB9su0geC8Ph0KUZRv4Rfa2cRlvV9IZpXFgVsX6dkMVIV8rZO4azejenfu79V
y2uy8R7A+8VKcdRBdm+pLXjL63RVn8uqvFsJ9J+zaw/sOVsGObOrtU+ZNH4friMV
YpM9erh+NDMAfeidDofSHr6EhGgIdOMxdnwTAiSgfgZYRoGWk/LkUl4NWFQz+ndJ
iCo=
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:18:29 2025 by rpki-client