Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0xa0aiPpLCAR0IfLN9R6YKj3PPY.roa
File: 0xa0aiPpLCAR0IfLN9R6YKj3PPY.roa (raw, json)
Hash identifier: wPesKnAStUp7IrxVqxi+WYLPvOiOdo6je/Sd9o0dPps=
Subject key identifier: D3:16:B4:6A:23:E9:2C:20:11:D0:87:CB:37:D4:7A:60:A8:F7:3C:F6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C920EE29CDAF4A4EA6FE4C4BB3188148A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0xa0aiPpLCAR0IfLN9R6YKj3PPY.roa
Signing time: Fri 22 Dec 2023 15:04:58 +0000
ROA not before: Fri 22 Dec 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:920e:2c9f/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:92:0e:e2:9c:da:f4:a4:ea:6f:e4:c4:bb:31:88:14:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d316b46a23e92c2011d087cb37d47a60a8f73cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e4:6a:7c:73:48:43:23:f4:f5:ec:67:3c:b0:
1c:d9:d1:3c:78:24:e0:5e:3d:27:32:12:0b:ee:5d:
12:9e:68:73:bc:59:42:1f:e4:d5:77:05:ea:78:9b:
49:0d:8f:93:6a:a9:27:4e:5b:f4:4d:91:52:90:30:
75:04:e7:a9:3f:22:83:31:04:3c:10:5b:a7:e8:21:
7b:57:19:81:a0:91:d1:7a:a1:4f:a8:d6:0c:fc:41:
c1:c0:e0:84:d2:a1:85:36:53:c6:91:a4:71:a3:d8:
ac:d0:c5:73:46:ee:7d:c0:4d:4d:9f:78:b1:bb:a9:
4e:f3:35:c1:bf:9e:0b:56:cd:76:f8:d9:41:1e:c0:
ca:b1:48:cc:f9:8a:33:1d:0f:70:b1:39:5b:51:16:
29:6b:e4:1d:1f:66:6c:49:5b:ff:12:d2:1d:eb:c8:
36:0a:fd:4c:4c:36:7b:0c:14:da:bf:6e:c2:05:77:
69:20:2e:95:d7:1e:04:93:18:f1:6d:2f:d0:cd:72:
16:11:85:f5:c9:99:84:3e:fc:97:8c:c3:c8:1f:b5:
74:a3:5a:e7:06:de:01:3d:5d:51:1d:b1:8c:2e:4d:
47:a9:a5:99:58:1e:9b:dd:5e:c3:7f:8b:e1:94:3c:
e1:cd:ca:4d:16:cb:c6:28:3a:f8:15:e3:51:29:df:
3f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:16:B4:6A:23:E9:2C:20:11:D0:87:CB:37:D4:7A:60:A8:F7:3C:F6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0xa0aiPpLCAR0IfLN9R6YKj3PPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:eb:ee:42:0d:d1:da:06:f6:66:e8:af:71:9f:7e:17:49:b8:
ba:2f:a1:f4:4b:bb:ec:82:03:12:a0:98:df:72:15:41:b4:38:
f2:f5:f8:6e:5c:a1:04:b6:43:a9:49:cf:fd:45:0c:33:59:23:
50:c8:d3:2a:74:71:4c:93:51:97:e5:4f:67:ca:6a:d3:0f:92:
b2:a0:55:25:97:bc:ee:5c:b1:37:75:2a:08:e0:54:36:73:5c:
10:70:63:94:79:78:ec:d6:cf:88:10:53:10:44:aa:02:68:92:
04:fa:59:51:44:92:b1:5a:b0:c5:0a:09:d0:d4:d6:b1:da:7f:
f0:dc:67:d6:d0:55:e2:4e:d5:b0:f2:6a:3d:a8:7f:ce:5f:a2:
b1:28:b2:8c:bb:c8:ed:f4:65:07:74:df:74:40:a1:3d:87:46:
ca:18:4d:74:e6:1a:68:4a:c6:89:1d:e5:35:34:29:2d:1d:a8:
ab:7c:30:42:69:b4:89:55:7d:d1:31:4f:92:db:e1:3f:db:f7:
90:0c:1d:ee:33:95:03:38:17:30:a1:fd:8b:72:13:88:db:8b:
78:e4:c4:7a:38:9c:fd:c9:12:22:ce:ed:48:00:6a:e5:6d:05:
18:27:bd:1d:9f:75:4d:69:06:fa:8b:ff:8b:f8:01:2e:cd:22:
97:13:a5:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYySDuKc2vSk6m/kxLsxiBSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzE2YjQ2YTIzZTkyYzIwMTFkMDg3Y2IzN2Q0N2E2MGE4ZjczY2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquRqfHNIQyP09exnPLAc2dE8eCTg
Xj0nMhIL7l0SnmhzvFlCH+TVdwXqeJtJDY+TaqknTlv0TZFSkDB1BOepPyKDMQQ8
EFun6CF7VxmBoJHReqFPqNYM/EHBwOCE0qGFNlPGkaRxo9is0MVzRu59wE1Nn3ix
u6lO8zXBv54LVs12+NlBHsDKsUjM+YozHQ9wsTlbURYpa+QdH2ZsSVv/EtId68g2
Cv1MTDZ7DBTav27CBXdpIC6V1x4EkxjxbS/QzXIWEYX1yZmEPvyXjMPIH7V0o1rn
Bt4BPV1RHbGMLk1HqaWZWB6b3V7Df4vhlDzhzcpNFsvGKDr4FeNRKd8/1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMWtGoj6SwgEdCHyzfUemCo9zz2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMHhhMGFpUHBMQ0FSMElmTE45UjZZS2ozUFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFjr7kIN0doG9mbor3Gf
fhdJuLovofRLu+yCAxKgmN9yFUG0OPL1+G5coQS2Q6lJz/1FDDNZI1DI0yp0cUyT
UZflT2fKatMPkrKgVSWXvO5csTd1KgjgVDZzXBBwY5R5eOzWz4gQUxBEqgJokgT6
WVFEkrFasMUKCdDU1rHaf/DcZ9bQVeJO1bDyaj2of85forEosoy7yO30ZQd033RA
oT2HRsoYTXTmGmhKxokd5TU0KS0dqKt8MEJptIlVfdExT5Lb4T/b95AMHe4zlQM4
FzCh/YtyE4jbi3jkxHo4nP3JEiLO7UgAauVtBRgnvR2fdU1pBvqL/4v4AS7NIpcT
pTw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:59:55 2025 by rpki-client