Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wQetX8yZGVhohNF70EMNBr_138c.roa
File: wQetX8yZGVhohNF70EMNBr_138c.roa (raw, json)
Hash identifier: 5pQJKNdmz2bdHuwDGrM4pU0qrXFve/bqyM/gae2Swmg=
Subject key identifier: C1:07:AD:5F:CC:99:19:58:68:84:D1:7B:D0:43:0D:06:BF:F5:DF:C7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECBC8EEFB1C1A2A6C72620CC42FE37D0F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wQetX8yZGVhohNF70EMNBr_138c.roa
Signing time: Thu 11 Apr 2024 06:12:06 +0000
ROA not before: Thu 11 Apr 2024 06:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cb:c8:ee:fb:1c:1a:2a:6c:72:62:0c:c4:2f:e3:7d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 11 06:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c107ad5fcc9919586884d17bd0430d06bff5dfc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c4:89:c7:a1:d6:ac:c6:a4:84:74:67:ac:50:
eb:30:fc:cf:96:cb:63:60:e5:d9:c5:00:38:74:b5:
bd:49:3a:5a:46:af:6c:49:84:68:e2:10:b4:57:69:
d7:cf:3d:05:aa:e5:0c:ce:4b:f1:f7:08:ac:06:3c:
d5:f9:cd:c1:28:f7:b7:08:7f:e7:ed:b9:56:54:df:
b5:3a:45:49:af:6c:f3:da:10:5c:1b:c2:9b:26:0b:
a7:a9:2f:61:eb:bc:3e:1b:e5:d1:53:09:f4:00:8c:
50:40:ba:80:b9:b2:b4:51:9b:78:74:18:78:d9:57:
6d:9e:ab:56:4c:26:b0:01:39:75:a6:d9:73:ad:81:
ac:cc:e3:e1:f9:a5:80:e4:5d:df:49:7e:b1:55:a8:
3e:e1:2d:3e:45:ac:1a:a5:6c:b2:0a:dd:a7:3e:35:
16:5a:2a:de:11:94:66:8c:ba:06:2c:56:7f:f7:55:
5e:32:cd:e3:27:7f:67:e2:94:a9:87:97:da:be:00:
e3:f5:52:9a:24:2a:33:05:16:77:10:db:40:7b:ff:
5a:4d:6a:45:84:b3:99:e7:ca:6a:79:c0:d1:c4:67:
32:e9:b9:67:eb:84:19:53:23:32:34:3a:71:e1:62:
7e:be:e1:8f:c1:f9:f7:09:22:fc:76:23:32:b0:21:
a3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:07:AD:5F:CC:99:19:58:68:84:D1:7B:D0:43:0D:06:BF:F5:DF:C7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wQetX8yZGVhohNF70EMNBr_138c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:d8:36:18:c6:2f:0e:6c:24:45:49:39:1c:20:bf:ae:7e:e9:
13:ba:07:e9:1e:3f:be:f4:ba:7b:7b:8f:12:1c:5a:94:69:bc:
76:56:fd:9e:66:23:12:5e:52:58:5f:df:69:1b:87:6e:d5:0c:
08:49:98:db:04:47:e9:6b:4f:25:93:21:4d:e1:b7:3c:c1:d0:
e0:c8:77:fa:90:c8:9f:d4:cc:90:7d:e2:1b:d6:68:bb:b2:a4:
ad:19:8d:32:15:ab:23:a5:88:ca:b5:ff:49:d4:e0:a6:37:fa:
f3:05:09:a6:d4:59:48:86:4e:3f:1c:fd:f0:f9:2f:d4:72:44:
ec:db:83:02:22:ef:ab:d0:8d:4b:1f:df:64:bd:c4:28:85:7b:
81:3b:a2:88:57:4a:09:9e:f3:27:4b:f0:87:aa:49:2d:8c:76:
6f:c4:91:b3:96:f5:29:b5:4f:a3:5c:cd:f1:51:b4:f8:47:cc:
a5:38:6f:7c:0e:c0:44:8e:3f:3a:78:69:d6:8b:df:f6:4a:cd:
d7:9a:de:2a:61:68:de:81:e0:c6:a9:08:d8:8b:6e:90:9a:80:
b9:3a:5f:48:66:cf:84:eb:1c:53:a4:c3:9b:11:a0:41:ac:2e:
8d:ef:82:19:71:0e:da:95:be:c5:3c:b7:77:d5:1b:68:ed:47:
f5:69:19:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7LyO77HBoqbHJiDMQv430PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDExMDYxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA3YWQ1ZmNjOTkxOTU4Njg4NGQxN2JkMDQzMGQwNmJmZjVkZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMSJx6HWrMakhHRnrFDrMPzPlstj
YOXZxQA4dLW9STpaRq9sSYRo4hC0V2nXzz0FquUMzkvx9wisBjzV+c3BKPe3CH/n
7blWVN+1OkVJr2zz2hBcG8KbJgunqS9h67w+G+XRUwn0AIxQQLqAubK0UZt4dBh4
2VdtnqtWTCawATl1ptlzrYGszOPh+aWA5F3fSX6xVag+4S0+RawapWyyCt2nPjUW
WireEZRmjLoGLFZ/91VeMs3jJ39n4pSph5favgDj9VKaJCozBRZ3ENtAe/9aTWpF
hLOZ58pqecDRxGcy6bln64QZUyMyNDpx4WJ+vuGPwfn3CSL8diMysCGj/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMEHrV/MmRlYaITRe9BDDQa/9d/HMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvd1FldFg4eVpHVmhvaE5GNzBFTU5Ccl8xMzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFfYNhjGLw5sJEVJORwg
v65+6RO6B+keP770unt7jxIcWpRpvHZW/Z5mIxJeUlhf32kbh27VDAhJmNsER+lr
TyWTIU3htzzB0ODId/qQyJ/UzJB94hvWaLuypK0ZjTIVqyOliMq1/0nU4KY3+vMF
CabUWUiGTj8c/fD5L9RyROzbgwIi76vQjUsf32S9xCiFe4E7oohXSgme8ydL8Ieq
SS2Mdm/EkbOW9Sm1T6NczfFRtPhHzKU4b3wOwESOPzp4adaL3/ZKzdea3iphaN6B
4MapCNiLbpCagLk6X0hmz4TrHFOkw5sRoEGsLo3vghlxDtqVvsU8t3fVG2jtR/Vp
GTk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:20:10 2025 by rpki-client