Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wcaD4W8cFSuHReuowyewWR8VRG8.roa
File: wcaD4W8cFSuHReuowyewWR8VRG8.roa (raw, json)
Hash identifier: nwFh9gZGFHyIbXofjWGJaifPe/NAjSW2rZIqwkuznVk=
Subject key identifier: C1:C6:83:E1:6F:1C:15:2B:87:45:EB:A8:C3:27:B0:59:1F:15:44:6F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB5AD898E6FD46796C709E605B48F99AD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wcaD4W8cFSuHReuowyewWR8VRG8.roa
Signing time: Fri 29 Dec 2023 13:04:58 +0000
ROA not before: Fri 29 Dec 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:b5ac:e1a3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:ad:89:8e:6f:d4:67:96:c7:09:e6:05:b4:8f:99:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 29 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1c683e16f1c152b8745eba8c327b0591f15446f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:0c:98:97:9b:85:39:0b:e7:a4:9d:0a:5b:
01:b3:ab:a6:96:4e:a0:0a:cd:eb:87:f0:a0:09:39:
92:5f:88:a5:f5:54:7f:da:ff:0c:69:f3:97:1b:77:
e8:0d:1a:72:57:86:87:41:ac:77:b5:72:77:da:f5:
cc:bb:2a:06:02:4e:d7:b2:86:11:6a:65:26:36:11:
7a:e6:e3:ad:69:b5:1e:97:1d:12:e2:aa:e7:7b:23:
ec:e0:df:06:fa:79:41:d5:ab:af:bf:de:6a:a6:70:
ad:75:e3:59:56:31:09:3a:e5:ff:26:61:ca:f4:d0:
0a:fe:80:4b:da:20:8b:fe:08:a4:80:fd:34:0d:8a:
56:3d:db:aa:1e:93:83:87:b0:e7:84:00:37:e7:26:
69:8e:ad:82:33:d2:cf:5a:af:a3:5d:b8:6f:92:ce:
d2:60:5b:8e:22:04:58:a6:fe:a0:ab:70:86:c1:0f:
78:8c:45:5b:ed:1b:bc:5e:27:5f:90:52:c2:64:cf:
56:88:75:d7:eb:68:2b:d3:12:a3:f6:bd:4b:87:5e:
3d:61:aa:48:35:21:11:1e:23:e7:c6:48:74:a4:c6:
89:87:f3:aa:1c:d4:3f:83:84:ef:47:79:83:23:ce:
57:2a:92:22:5c:0a:53:0a:6e:f5:67:b2:e0:92:24:
d4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C6:83:E1:6F:1C:15:2B:87:45:EB:A8:C3:27:B0:59:1F:15:44:6F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wcaD4W8cFSuHReuowyewWR8VRG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:e1:3c:d2:ea:74:1b:5a:b0:df:cb:aa:8d:c8:db:61:d4:f4:
14:17:17:24:df:c7:96:61:b2:0a:2f:28:26:26:a2:99:98:96:
15:88:e9:d9:79:1e:0c:87:16:95:88:dc:f4:aa:be:df:f0:a3:
3c:25:c6:b1:ca:c5:de:18:54:8b:40:ff:07:ca:39:87:ff:9d:
cf:d7:9f:54:83:09:0a:52:a3:2f:4f:b2:09:5f:fb:ee:da:09:
88:e8:62:96:8f:6d:26:52:27:67:72:2d:6f:05:fd:80:89:bd:
e8:03:7d:f9:fc:a0:dc:70:96:60:88:e2:85:2a:71:52:72:9b:
83:7d:29:ec:af:e7:ad:a4:e5:5a:d8:96:9c:7d:71:46:fc:e1:
1a:dc:fb:43:d6:89:e4:f0:88:dc:84:8a:6a:6b:a5:ee:87:47:
f4:59:ee:c6:3d:9d:5a:0d:b8:c2:b0:4b:d6:b7:72:06:5b:3d:
28:af:82:52:01:8e:c4:4c:14:41:3c:a6:6a:7b:5a:d1:78:a7:
6a:a3:5c:74:78:e3:c3:e0:01:e7:d9:58:a1:c8:8b:66:16:b9:
f8:df:6f:40:02:10:80:2f:36:ac:7f:45:a5:b7:c3:76:9a:fc:
cf:57:fb:0f:47:3f:fd:6b:d1:e4:a3:a8:8f:38:03:b1:3c:bb:
65:f9:9e:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy1rYmOb9RnlscJ5gW0j5mtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI5MTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM2ODNlMTZmMWMxNTJiODc0NWViYThjMzI3YjA1OTFmMTU0NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY0MmJebhTkL56SdClsBs6umlk6g
Cs3rh/CgCTmSX4il9VR/2v8MafOXG3foDRpyV4aHQax3tXJ32vXMuyoGAk7XsoYR
amUmNhF65uOtabUelx0S4qrneyPs4N8G+nlB1auvv95qpnCtdeNZVjEJOuX/JmHK
9NAK/oBL2iCL/gikgP00DYpWPduqHpODh7DnhAA35yZpjq2CM9LPWq+jXbhvks7S
YFuOIgRYpv6gq3CGwQ94jEVb7Ru8XidfkFLCZM9WiHXX62gr0xKj9r1Lh149YapI
NSERHiPnxkh0pMaJh/OqHNQ/g4TvR3mDI85XKpIiXApTCm71Z7LgkiTUwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMHGg+FvHBUrh0XrqMMnsFkfFURvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvd2NhRDRXOGNGU3VIUmV1b3d5ZXdXUjhWUkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEnhPNLqdBtasN/Lqo3I
22HU9BQXFyTfx5ZhsgovKCYmopmYlhWI6dl5HgyHFpWI3PSqvt/wozwlxrHKxd4Y
VItA/wfKOYf/nc/Xn1SDCQpSoy9Psglf++7aCYjoYpaPbSZSJ2dyLW8F/YCJvegD
ffn8oNxwlmCI4oUqcVJym4N9Keyv562k5VrYlpx9cUb84Rrc+0PWieTwiNyEimpr
pe6HR/RZ7sY9nVoNuMKwS9a3cgZbPSivglIBjsRMFEE8pmp7WtF4p2qjXHR448Pg
AefZWKHIi2YWufjfb0ACEIAvNqx/RaW3w3aa/M9X+w9HP/1r0eSjqI84A7E8u2X5
nng=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:25:58 2025 by rpki-client