Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0bl0zUETaQdd8161p3OV0ZeDoto.roa
File: 0bl0zUETaQdd8161p3OV0ZeDoto.roa (raw, json)
Hash identifier: Kse6Fs1wzP4qjkdXHJZyyzerpoR+tpY6l+JQhCyxYVo=
Subject key identifier: D1:B9:74:CD:41:13:69:07:5D:F3:5E:B5:A7:73:95:D1:97:83:A2:DA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D4BE166EA590EF61BA47DBDD987C2B783
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0bl0zUETaQdd8161p3OV0ZeDoto.roa
Signing time: Sat 27 Jan 2024 17:04:39 +0000
ROA not before: Sat 27 Jan 2024 17:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:4be0:fb40/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4b:e1:66:ea:59:0e:f6:1b:a4:7d:bd:d9:87:c2:b7:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 27 17:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1b974cd411369075df35eb5a77395d19783a2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cb:44:f7:c8:72:ae:5b:ef:31:ef:b0:f8:3b:
98:48:17:dd:39:d4:21:71:ea:11:62:fd:38:5b:95:
c2:6e:62:af:3b:30:2b:bb:37:cc:25:d2:29:2e:5e:
1c:83:18:e0:7b:0e:02:66:ee:18:70:4d:fd:f6:6e:
e8:65:5f:38:51:59:a3:87:eb:1a:45:8a:ad:4d:76:
dc:9f:ee:c8:88:fa:51:70:6d:19:08:40:6f:c2:0b:
b6:85:30:2d:60:df:d7:8b:4e:b8:f5:1e:2b:d9:0b:
66:b5:4b:ef:b7:1f:af:b6:0a:5e:b2:27:c5:e5:38:
2b:56:c7:b4:51:eb:27:bd:a2:ea:2e:9e:39:d1:9f:
80:27:91:b4:02:19:cf:78:b7:a7:94:f1:88:41:57:
ab:66:8e:41:00:84:a1:96:c9:f9:38:cf:6b:de:ba:
70:81:a4:61:4f:1f:7a:df:df:b3:f1:1d:91:2c:76:
fb:9c:e0:95:85:92:15:19:01:53:6a:b5:20:bb:a0:
cc:57:9d:d3:09:02:a7:34:98:82:86:96:b8:05:c4:
f8:bd:d1:d1:10:25:95:0a:4b:a1:2c:ec:10:72:30:
51:1c:e9:b7:02:ab:6f:55:9f:74:48:12:c8:62:63:
0a:79:0b:eb:37:b3:58:7f:1a:79:cf:49:dd:89:70:
b0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B9:74:CD:41:13:69:07:5D:F3:5E:B5:A7:73:95:D1:97:83:A2:DA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0bl0zUETaQdd8161p3OV0ZeDoto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:a4:6c:f8:93:a9:1f:68:8f:80:12:d7:ae:ab:29:43:3f:c0:
53:53:fb:5d:ba:f7:7a:4b:dd:c8:55:41:9d:a8:9d:cc:00:a9:
e0:14:79:1f:7c:47:0f:1d:22:b0:f5:23:31:de:0a:5f:c1:77:
91:a8:8d:97:96:c2:9f:a6:a4:d2:00:9c:d7:df:00:c7:d3:88:
b7:ad:c3:9e:e5:cc:82:5d:f9:de:4d:4b:ed:dd:90:cf:fb:4a:
fd:00:aa:8b:55:9b:aa:12:ce:2f:bd:5d:4e:8f:61:d0:cf:53:
95:a7:d3:e4:a3:7b:a6:54:7c:40:e2:0f:5b:24:67:0a:b8:cd:
33:25:20:a8:c2:7a:ea:71:f9:15:d5:4c:4b:f3:f3:8d:a8:32:
df:d4:cb:99:a5:6d:0c:bb:4a:c5:18:6e:90:e3:f7:d3:92:78:
3b:59:8c:bc:9b:40:4b:b2:72:9b:81:97:34:33:14:f7:24:43:
cc:09:45:1e:ad:92:45:04:06:67:3f:9f:de:93:a5:c0:4f:6c:
e7:92:ea:51:f0:8e:a3:46:20:61:aa:f2:ed:ee:ba:56:7d:43:
14:3a:7d:4f:8d:69:5e:b4:47:6b:f0:02:50:b4:39:67:71:ba:
4c:72:8b:9b:8a:ef:94:44:a9:03:5c:87:32:28:d9:a9:c0:c5:
8d:e6:b8:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1L4WbqWQ72G6R9vdmHwreDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI3MTcwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI5NzRjZDQxMTM2OTA3NWRmMzVlYjVhNzczOTVkMTk3ODNhMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMtE98hyrlvvMe+w+DuYSBfdOdQh
ceoRYv04W5XCbmKvOzAruzfMJdIpLl4cgxjgew4CZu4YcE399m7oZV84UVmjh+sa
RYqtTXbcn+7IiPpRcG0ZCEBvwgu2hTAtYN/Xi0649R4r2QtmtUvvtx+vtgpesifF
5TgrVse0UesnvaLqLp450Z+AJ5G0AhnPeLenlPGIQVerZo5BAIShlsn5OM9r3rpw
gaRhTx9639+z8R2RLHb7nOCVhZIVGQFTarUgu6DMV53TCQKnNJiChpa4BcT4vdHR
ECWVCkuhLOwQcjBRHOm3AqtvVZ90SBLIYmMKeQvrN7NYfxp5z0ndiXCwkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNG5dM1BE2kHXfNetadzldGXg6LaMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMGJsMHpVRVRhUWRkODE2MXAzT1YwWmVEb3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHWkbPiTqR9oj4AS166r
KUM/wFNT+12693pL3chVQZ2oncwAqeAUeR98Rw8dIrD1IzHeCl/Bd5GojZeWwp+m
pNIAnNffAMfTiLetw57lzIJd+d5NS+3dkM/7Sv0AqotVm6oSzi+9XU6PYdDPU5Wn
0+Sje6ZUfEDiD1skZwq4zTMlIKjCeupx+RXVTEvz842oMt/Uy5mlbQy7SsUYbpDj
99OSeDtZjLybQEuycpuBlzQzFPckQ8wJRR6tkkUEBmc/n96TpcBPbOeS6lHwjqNG
IGGq8u3uulZ9QxQ6fU+NaV60R2vwAlC0OWdxukxyi5uK75REqQNchzIo2anAxY3m
uKE=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:18:06 2025 by rpki-client