Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/woyLZv_fAnV0vHwoaWsscUBg-Mw.roa
File: woyLZv_fAnV0vHwoaWsscUBg-Mw.roa (raw, json)
Hash identifier: p3Ru4i1XZUnCyXcsqRJ1PVlj11yoGW5jIoRA7u9RnGE=
Subject key identifier: C2:8C:8B:66:FF:DF:02:75:74:BC:7C:28:69:6B:2C:71:40:60:F8:CC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D867BC79A2B4E59F546F07A6967F285BE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/woyLZv_fAnV0vHwoaWsscUBg-Mw.roa
Signing time: Thu 08 Feb 2024 02:11:15 +0000
ROA not before: Thu 08 Feb 2024 02:11:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:86:7b:c7:9a:2b:4e:59:f5:46:f0:7a:69:67:f2:85:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 8 02:11:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c28c8b66ffdf027574bc7c28696b2c714060f8cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:db:b3:28:fb:3f:40:94:56:a8:2c:e5:e0:dc:
5e:c3:4b:2d:6f:30:1d:59:32:d3:86:fb:0e:a7:53:
75:8f:86:54:d9:19:7b:d5:88:6d:75:4e:3c:3b:c7:
a4:40:9f:ca:10:be:a3:20:c1:60:56:60:75:5f:96:
57:ae:78:69:f6:fd:80:93:40:cc:7d:3f:6e:76:d1:
9a:59:2c:77:8e:88:c2:5a:a9:aa:08:fd:d7:a5:c1:
26:ed:2e:0d:32:da:52:7d:d1:f7:e8:c6:37:20:fa:
e4:c9:cc:db:cd:03:05:34:ca:ee:e4:f6:ad:90:99:
19:df:d4:1e:c7:16:33:ea:4e:a5:cc:98:22:4e:02:
ed:44:d3:1b:1d:18:c4:cb:db:aa:88:81:ed:f4:b6:
33:15:20:70:bb:39:47:89:65:02:5a:71:76:1d:ba:
e0:6c:d4:ec:94:1e:a9:f6:2c:98:88:a2:d6:47:a7:
f6:b2:7d:88:1a:c7:aa:95:d2:a5:86:7a:46:cb:8b:
c6:6e:76:1d:0f:38:d8:32:22:48:fe:71:96:0c:35:
c9:46:71:98:a0:95:84:ab:a1:c1:6d:22:dd:b8:cf:
4b:93:81:97:94:5a:52:c1:93:43:3b:1a:78:3b:93:
fc:59:db:45:4a:9e:ad:5e:21:38:55:50:9f:ca:a5:
07:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:8C:8B:66:FF:DF:02:75:74:BC:7C:28:69:6B:2C:71:40:60:F8:CC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/woyLZv_fAnV0vHwoaWsscUBg-Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:64:59:f0:06:86:0e:49:28:5f:04:b3:1d:35:cc:65:4d:44:
ff:2d:b1:22:84:c4:3c:10:6e:0e:4e:4e:f0:dd:8c:e7:2f:9f:
f0:3e:f9:0a:73:b3:0a:db:86:60:ad:90:8a:06:38:ca:b2:68:
c4:72:2d:c2:97:5b:d7:1f:04:7e:fb:d0:34:26:ea:92:99:d1:
ea:54:ac:97:a2:b8:e5:83:60:48:20:dc:8a:2c:2e:c8:67:0c:
f7:42:b9:cf:a1:49:b4:09:17:4d:64:d3:2a:ca:43:c3:f0:f9:
6c:b2:de:4d:6a:de:da:42:c6:95:9d:ff:1a:eb:58:b9:8d:39:
42:e2:40:dd:fc:d0:9a:39:de:2b:d5:c8:df:61:4e:4f:dc:d0:
f4:2c:09:7f:7a:e5:49:62:cc:a6:eb:7f:7c:62:ea:08:fc:de:
e1:14:b3:51:03:ff:2e:09:11:2e:b6:3f:20:51:8f:e9:9c:cd:
da:eb:f6:fa:d6:21:81:47:e9:a6:2d:98:c5:4c:75:48:08:8b:
34:8f:6a:22:c5:15:31:1e:d8:6e:9d:43:e8:d9:b1:3f:f3:34:
cc:52:52:38:c8:37:55:73:93:e4:60:4e:94:55:63:74:c8:1f:
40:4d:bd:f8:f2:fa:8d:98:09:a6:ee:40:da:f9:1a:4f:a7:ef:
e4:2a:ee:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2Ge8eaK05Z9Ubwemln8oW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA4MDIxMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjhjOGI2NmZmZGYwMjc1NzRiYzdjMjg2OTZiMmM3MTQwNjBmOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19uzKPs/QJRWqCzl4Nxew0stbzAd
WTLThvsOp1N1j4ZU2Rl71YhtdU48O8ekQJ/KEL6jIMFgVmB1X5ZXrnhp9v2Ak0DM
fT9udtGaWSx3jojCWqmqCP3XpcEm7S4NMtpSfdH36MY3IPrkyczbzQMFNMru5Pat
kJkZ39QexxYz6k6lzJgiTgLtRNMbHRjEy9uqiIHt9LYzFSBwuzlHiWUCWnF2Hbrg
bNTslB6p9iyYiKLWR6f2sn2IGseqldKlhnpGy4vGbnYdDzjYMiJI/nGWDDXJRnGY
oJWEq6HBbSLduM9Lk4GXlFpSwZNDOxp4O5P8WdtFSp6tXiE4VVCfyqUHhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMKMi2b/3wJ1dLx8KGlrLHFAYPjMMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvd295TFp2X2ZBblYwdkh3b2FXc3NjVUJnLU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIpkWfAGhg5JKF8Esx01
zGVNRP8tsSKExDwQbg5OTvDdjOcvn/A++QpzswrbhmCtkIoGOMqyaMRyLcKXW9cf
BH770DQm6pKZ0epUrJeiuOWDYEgg3IosLshnDPdCuc+hSbQJF01k0yrKQ8Pw+Wyy
3k1q3tpCxpWd/xrrWLmNOULiQN380Jo53ivVyN9hTk/c0PQsCX965UlizKbrf3xi
6gj83uEUs1ED/y4JES62PyBRj+mczdrr9vrWIYFH6aYtmMVMdUgIizSPaiLFFTEe
2G6dQ+jZsT/zNMxSUjjIN1Vzk+RgTpRVY3TIH0BNvfjy+o2YCabuQNr5Gk+n7+Qq
7vY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:12 2025 by rpki-client