Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0JhmqIpMYXxF8AyRD5La8HDPJyQ.roa
File: 0JhmqIpMYXxF8AyRD5La8HDPJyQ.roa (raw, json)
Hash identifier: ByNkq49p5X+6fuwfSqpKlr7wJ/LPKiqOUZSGgRVJf7E=
Subject key identifier: D0:98:66:A8:8A:4C:61:7C:45:F0:0C:91:0F:92:DA:F0:70:CF:27:24
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E11B8B4691E75036B98C7532FCC803A2F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0JhmqIpMYXxF8AyRD5La8HDPJyQ.roa
Signing time: Wed 06 Mar 2024 03:05:01 +0000
ROA not before: Wed 06 Mar 2024 03:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:11b8:1e95/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:11:b8:b4:69:1e:75:03:6b:98:c7:53:2f:cc:80:3a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 6 03:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d09866a88a4c617c45f00c910f92daf070cf2724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b6:f9:c8:68:c3:f0:7f:ed:55:4a:ee:03:72:
67:a5:a4:6e:3a:71:db:46:c4:c8:4a:9a:1e:67:18:
22:44:eb:6f:c3:f2:66:2d:60:1a:75:67:bc:20:00:
0c:08:bb:a8:84:89:b5:ee:3d:c0:f0:86:a3:05:12:
f4:73:a6:0e:4d:59:68:e2:55:50:a2:e4:3d:bb:e4:
63:bd:cb:dc:b0:23:a4:97:3b:cf:92:8d:2f:bf:b9:
0d:ab:4d:72:99:10:b1:46:63:9a:7c:40:fe:8f:59:
6f:71:d3:03:1d:44:73:07:25:ba:2a:82:42:d0:94:
df:d0:e9:57:aa:c3:29:78:db:c2:64:f2:d3:ce:f0:
f6:3d:62:45:74:ce:51:4d:61:15:b2:26:3c:d6:9e:
1c:cb:75:cd:81:d2:7a:eb:ca:89:8c:22:f3:ba:3f:
17:aa:80:de:8c:6b:db:d0:92:fa:62:60:a3:bd:b3:
8c:1c:a6:ce:f4:ab:f9:b5:91:b6:13:ae:81:24:86:
05:e9:9e:76:8d:cb:ed:a6:d3:6f:fe:c6:df:c5:c5:
fb:fa:6b:c7:64:82:ee:c7:4b:ef:fc:7f:55:88:30:
59:83:62:62:48:8e:4c:0a:28:9c:22:86:cd:c3:ef:
14:08:ac:87:d7:bc:3f:b1:21:03:78:81:4a:03:88:
b3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:98:66:A8:8A:4C:61:7C:45:F0:0C:91:0F:92:DA:F0:70:CF:27:24
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0JhmqIpMYXxF8AyRD5La8HDPJyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:ab:ff:5b:fa:ef:8d:e3:80:0f:e0:79:a0:54:ad:16:ee:18:
0c:66:e7:35:2b:a9:32:92:9a:c3:ae:f1:8b:e2:30:2a:7d:0c:
eb:af:e1:de:f3:c0:1e:f8:5d:3d:c3:8a:fd:96:f6:e7:20:e0:
91:c2:4a:17:bd:34:27:46:43:8b:a2:ff:54:ac:bc:da:3a:a0:
69:60:5e:d9:6a:f9:6f:a5:6c:60:5c:e6:5f:51:aa:9c:d1:48:
7d:c5:dd:3c:06:01:4d:50:b2:7e:9a:41:9a:8e:46:16:db:51:
36:14:62:e2:04:a4:5a:71:da:e8:63:49:7e:ea:5c:bd:1e:2e:
3e:70:e8:3f:e5:b8:6b:82:69:6e:75:12:ed:5e:fa:d8:b5:16:
87:dc:85:81:52:18:27:4c:21:6a:a7:80:75:a8:36:54:ae:2e:
32:d8:2a:36:98:e6:75:59:af:d8:10:d1:bc:5c:8d:91:80:06:
27:43:ac:0c:6d:b7:d4:29:92:70:45:6b:85:f1:7d:28:07:9c:
67:00:28:fb:e7:b7:05:cd:4b:b0:7e:d1:7d:88:46:80:90:42:
24:d5:8f:fa:a7:52:54:c4:5f:1b:49:3e:63:9b:91:d6:fc:72:
17:58:ea:b4:a7:19:b1:49:6b:d4:fb:0b:b2:73:db:9f:55:fd:
78:55:0b:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4RuLRpHnUDa5jHUy/MgDovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA2MDMwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk4NjZhODhhNGM2MTdjNDVmMDBjOTEwZjkyZGFmMDcwY2YyNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibb5yGjD8H/tVUruA3JnpaRuOnHb
RsTISpoeZxgiROtvw/JmLWAadWe8IAAMCLuohIm17j3A8IajBRL0c6YOTVlo4lVQ
ouQ9u+RjvcvcsCOklzvPko0vv7kNq01ymRCxRmOafED+j1lvcdMDHURzByW6KoJC
0JTf0OlXqsMpeNvCZPLTzvD2PWJFdM5RTWEVsiY81p4cy3XNgdJ668qJjCLzuj8X
qoDejGvb0JL6YmCjvbOMHKbO9Kv5tZG2E66BJIYF6Z52jcvtptNv/sbfxcX7+mvH
ZILux0vv/H9ViDBZg2JiSI5MCiicIobNw+8UCKyH17w/sSEDeIFKA4iz8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNCYZqiKTGF8RfAMkQ+S2vBwzyckMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMEpobXFJcE1ZWHhGOEF5UkQ1TGE4SERQSnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGSr/1v6743jgA/geaBU
rRbuGAxm5zUrqTKSmsOu8YviMCp9DOuv4d7zwB74XT3Div2W9ucg4JHCShe9NCdG
Q4ui/1SsvNo6oGlgXtlq+W+lbGBc5l9RqpzRSH3F3TwGAU1Qsn6aQZqORhbbUTYU
YuIEpFpx2uhjSX7qXL0eLj5w6D/luGuCaW51Eu1e+ti1FofchYFSGCdMIWqngHWo
NlSuLjLYKjaY5nVZr9gQ0bxcjZGABidDrAxtt9QpknBFa4XxfSgHnGcAKPvntwXN
S7B+0X2IRoCQQiTVj/qnUlTEXxtJPmObkdb8chdY6rSnGbFJa9T7C7Jz259V/XhV
C04=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:40:38 2025 by rpki-client