Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wr5Lz6WFN0VevfynWebbcIyOst4.roa
File: wr5Lz6WFN0VevfynWebbcIyOst4.roa (raw, json)
Hash identifier: W8DjLf4T/T75curiNNyRJ7q82/dzHECSWjjXNDrYB4M=
Subject key identifier: C2:BE:4B:CF:A5:85:37:45:5E:BD:FC:A7:59:E6:DB:70:8C:8E:B2:DE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8484E2DC52145F4BD97CA032037138C9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wr5Lz6WFN0VevfynWebbcIyOst4.roa
Signing time: Thu 28 Mar 2024 10:04:45 +0000
ROA not before: Thu 28 Mar 2024 10:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:8484:6866/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:84:e2:dc:52:14:5f:4b:d9:7c:a0:32:03:71:38:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 28 10:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2be4bcfa58537455ebdfca759e6db708c8eb2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6a:51:78:b3:7c:bc:4e:aa:06:e0:b5:21:56:
ee:39:72:f8:4a:83:dd:ab:6a:8b:3f:32:4d:bd:c7:
dc:f0:0b:9b:14:f0:a9:22:21:ef:0e:cb:87:35:4e:
fa:ee:70:21:77:7e:c0:c9:30:a8:e1:bc:7d:ff:85:
1f:b3:05:54:97:71:75:29:06:05:64:c6:3e:72:4a:
80:dd:cf:96:75:86:fb:e1:28:3e:ad:e4:60:20:70:
84:69:86:e8:49:29:57:e9:20:f1:28:67:1e:cf:c0:
5d:95:bc:21:27:e3:af:4c:62:07:91:97:fc:d9:dc:
93:8d:14:9e:ad:bc:6f:b8:1c:71:78:9b:04:cd:86:
ad:20:13:d1:c9:81:0f:39:5a:cb:94:b8:7f:de:1d:
16:79:00:3f:cc:52:86:84:63:e3:e3:8a:f7:7a:9f:
be:55:d7:96:bc:8c:f2:cc:ec:ca:88:f5:01:ad:60:
fe:35:83:77:b9:2a:6d:b3:60:0b:59:52:09:fc:57:
ce:d1:cf:64:30:33:ea:dd:78:c4:c0:21:e1:11:78:
ce:af:24:b4:a9:d9:70:45:eb:27:64:65:72:0b:6b:
57:d6:9a:92:b7:40:2a:b7:47:98:ab:10:24:00:ad:
84:07:91:ec:09:86:e2:41:11:9a:65:b1:7e:1b:22:
03:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BE:4B:CF:A5:85:37:45:5E:BD:FC:A7:59:E6:DB:70:8C:8E:B2:DE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wr5Lz6WFN0VevfynWebbcIyOst4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:ac:54:8e:2e:7c:4e:5b:cd:96:32:33:1a:93:6d:dc:41:c5:
59:ba:60:c4:0e:11:04:5f:bb:1a:53:99:7c:ac:22:39:f8:46:
e4:f7:d2:28:d0:51:fe:cc:d7:15:53:2c:bd:6f:65:d2:a2:f6:
fd:c3:d2:9f:a1:0f:1c:5f:3a:5b:31:61:a4:bb:14:5c:21:46:
aa:7d:c2:e3:98:09:c6:97:ec:6b:96:d4:18:36:32:dd:cf:39:
4d:24:bf:9d:01:62:87:3f:70:a1:45:b6:39:03:5b:8f:67:05:
d9:5e:6d:43:b5:2d:cc:65:cd:a0:38:53:90:4d:46:8e:00:d7:
38:32:de:a0:13:28:fc:bc:54:ed:ba:4d:5e:5a:cb:71:47:70:
0e:ca:64:f8:e3:13:28:68:33:fb:5a:63:b9:20:57:85:60:aa:
9b:94:59:b6:cd:4e:0b:c3:7c:60:cc:7c:48:05:af:56:fb:29:
10:d6:d8:2b:96:dd:1a:50:4a:eb:dd:92:e3:2d:e7:4d:ab:c9:
58:fe:8b:b7:03:1b:f5:89:25:2a:8f:52:a0:6b:a1:31:f2:50:
5e:bb:5e:85:2a:72:66:2c:98:64:17:b5:d9:85:33:5c:a1:fc:
9a:2c:2d:46:f1:17:15:24:9e:a3:02:ba:e0:ff:43:74:12:a5:
17:5c:fa:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6EhOLcUhRfS9l8oDIDcTjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI4MTAwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmJlNGJjZmE1ODUzNzQ1NWViZGZjYTc1OWU2ZGI3MDhjOGViMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGpReLN8vE6qBuC1IVbuOXL4SoPd
q2qLPzJNvcfc8AubFPCpIiHvDsuHNU767nAhd37AyTCo4bx9/4UfswVUl3F1KQYF
ZMY+ckqA3c+WdYb74Sg+reRgIHCEaYboSSlX6SDxKGcez8BdlbwhJ+OvTGIHkZf8
2dyTjRSerbxvuBxxeJsEzYatIBPRyYEPOVrLlLh/3h0WeQA/zFKGhGPj44r3ep++
VdeWvIzyzOzKiPUBrWD+NYN3uSpts2ALWVIJ/FfO0c9kMDPq3XjEwCHhEXjOryS0
qdlwResnZGVyC2tX1pqSt0Aqt0eYqxAkAK2EB5HsCYbiQRGaZbF+GyIDzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMK+S8+lhTdFXr38p1nm23CMjrLeMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvd3I1THo2V0ZOMFZldmZ5bldlYmJjSXlPc3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIisVI4ufE5bzZYyMxqT
bdxBxVm6YMQOEQRfuxpTmXysIjn4RuT30ijQUf7M1xVTLL1vZdKi9v3D0p+hDxxf
OlsxYaS7FFwhRqp9wuOYCcaX7GuW1Bg2Mt3POU0kv50BYoc/cKFFtjkDW49nBdle
bUO1LcxlzaA4U5BNRo4A1zgy3qATKPy8VO26TV5ay3FHcA7KZPjjEyhoM/taY7kg
V4VgqpuUWbbNTgvDfGDMfEgFr1b7KRDW2CuW3RpQSuvdkuMt502ryVj+i7cDG/WJ
JSqPUqBroTHyUF67XoUqcmYsmGQXtdmFM1yh/JosLUbxFxUknqMCuuD/Q3QSpRdc
+j0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:52:44 2025 by rpki-client