Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0Dv5IVZI6xhoNg6aLaxONtW1rRQ.roa
File: 0Dv5IVZI6xhoNg6aLaxONtW1rRQ.roa (raw, json)
Hash identifier: BSWkBMWYi8btaQYlCJsjl7sTb/+ll0jX3WYiqgQFTug=
Subject key identifier: D0:3B:F9:21:56:48:EB:18:68:36:0E:9A:2D:AC:4E:36:D5:B5:AD:14
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA0A0EE1ADF5DD4E9362D6243982D5F44
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0Dv5IVZI6xhoNg6aLaxONtW1rRQ.roa
Signing time: Tue 02 Apr 2024 21:04:44 +0000
ROA not before: Tue 02 Apr 2024 21:04:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:a0a0:633b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a0:a0:ee:1a:df:5d:d4:e9:36:2d:62:43:98:2d:5f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 21:04:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d03bf9215648eb1868360e9a2dac4e36d5b5ad14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3a:78:3f:f5:7d:93:9e:f6:6b:30:9d:4f:b2:
80:9a:b3:0d:27:3c:cb:69:fc:d4:24:98:b0:f6:40:
45:de:12:8b:e2:e7:0c:db:6c:06:93:a3:5f:69:d2:
37:2e:d6:15:46:c7:5a:ee:db:ba:bc:60:f2:3b:ad:
ac:34:c2:a7:1a:0c:8c:82:8d:bc:ee:0a:57:0b:65:
91:f4:1b:3a:9e:c0:49:6c:f7:92:74:6e:a5:d7:28:
da:92:d0:e5:06:fc:50:9b:e2:12:53:fa:1a:94:db:
33:11:ac:fc:7f:b0:13:06:79:08:40:30:9c:3d:5e:
a6:01:72:a7:19:f7:95:e7:05:34:27:0b:1f:a6:c0:
94:bc:fe:6c:b0:64:c9:11:8f:09:b7:e5:a8:3b:8a:
53:0f:7b:d1:7f:0e:22:f9:56:69:84:e2:1e:91:f1:
49:aa:cf:19:f9:65:af:a5:a0:a6:36:93:6c:ed:ee:
83:80:1e:b9:8e:7e:8a:41:09:d9:2a:f3:fb:51:01:
df:0c:5c:ca:18:ae:e8:f7:78:2f:7f:ac:c9:a8:f6:
45:76:d2:76:e4:3c:6c:0e:e6:a5:79:65:35:98:e7:
cf:35:7b:e5:82:75:a6:d8:af:16:91:86:62:92:b5:
0f:8f:3c:8e:f0:dc:00:61:56:69:cb:fd:df:b3:d3:
d4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3B:F9:21:56:48:EB:18:68:36:0E:9A:2D:AC:4E:36:D5:B5:AD:14
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0Dv5IVZI6xhoNg6aLaxONtW1rRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:2e:59:9f:f1:c2:d8:53:29:5a:08:16:10:64:ff:58:69:d2:
23:4b:d6:40:e5:df:50:4e:ba:85:d3:a3:7b:f1:e2:56:4b:95:
9e:ac:be:a7:41:e9:dc:17:32:61:99:9f:c4:91:04:3f:37:24:
39:d0:93:6b:bb:ee:89:35:6d:f7:ea:47:23:6c:66:5e:9f:b1:
f8:d0:35:b6:0e:c6:b9:e4:51:2f:fd:4b:09:e8:ab:12:af:09:
4d:6c:32:bd:36:26:85:f2:12:7f:d7:90:6b:7e:ac:0c:7e:8d:
29:33:45:d8:ae:b0:6f:d1:8e:c2:aa:ae:23:21:7b:bc:1b:7a:
f0:d7:24:2a:0e:12:9c:3d:e8:71:9a:b2:38:b8:42:bb:05:0a:
da:02:02:b8:b7:53:80:ee:aa:de:5a:0e:11:11:d2:91:d1:b6:
6f:67:17:6b:50:ef:74:66:c8:b7:75:68:3d:51:fd:3d:9e:c1:
0a:c5:50:a0:cf:10:09:12:cd:5d:85:4b:1a:2e:1e:f8:e3:56:
62:2c:83:d8:f3:f9:a4:b9:50:5c:d6:eb:b0:79:0a:03:2a:02:
c9:84:74:67:b7:68:4b:f0:31:c1:fa:7b:e3:86:69:7b:69:e8:
63:3b:43:ac:a6:92:95:d2:40:39:f4:f5:d6:4a:df:31:e3:a5:
bd:6e:b4:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6goO4a313U6TYtYkOYLV9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMjEwNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDNiZjkyMTU2NDhlYjE4NjgzNjBlOWEyZGFjNGUzNmQ1YjVhZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzp4P/V9k572azCdT7KAmrMNJzzL
afzUJJiw9kBF3hKL4ucM22wGk6NfadI3LtYVRsda7tu6vGDyO62sNMKnGgyMgo28
7gpXC2WR9Bs6nsBJbPeSdG6l1yjaktDlBvxQm+ISU/oalNszEaz8f7ATBnkIQDCc
PV6mAXKnGfeV5wU0JwsfpsCUvP5ssGTJEY8Jt+WoO4pTD3vRfw4i+VZphOIekfFJ
qs8Z+WWvpaCmNpNs7e6DgB65jn6KQQnZKvP7UQHfDFzKGK7o93gvf6zJqPZFdtJ2
5DxsDualeWU1mOfPNXvlgnWm2K8WkYZikrUPjzyO8NwAYVZpy/3fs9PUVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNA7+SFWSOsYaDYOmi2sTjbVta0UMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMER2NUlWWkk2eGhvTmc2YUxheE9OdFcxclJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABQuWZ/xwthTKVoIFhBk
/1hp0iNL1kDl31BOuoXTo3vx4lZLlZ6svqdB6dwXMmGZn8SRBD83JDnQk2u77ok1
bffqRyNsZl6fsfjQNbYOxrnkUS/9SwnoqxKvCU1sMr02JoXyEn/XkGt+rAx+jSkz
RdiusG/RjsKqriMhe7wbevDXJCoOEpw96HGasji4QrsFCtoCAri3U4Duqt5aDhER
0pHRtm9nF2tQ73RmyLd1aD1R/T2ewQrFUKDPEAkSzV2FSxouHvjjVmIsg9jz+aS5
UFzW67B5CgMqAsmEdGe3aEvwMcH6e+OGaXtp6GM7Q6ymkpXSQDn09dZK3zHjpb1u
tNM=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:29:20 2025 by rpki-client