Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-p-Db7tX6p2gukGClA1xjulK878.roa
File: 1-p-Db7tX6p2gukGClA1xjulK878.roa (raw, json)
Hash identifier: veDSqNX8GJDxF/yU/B4j92VGFnuoFMwBf+C0SIu+9m4=
Subject key identifier: FA:9F:83:6F:BB:57:EA:9D:A0:BA:41:82:94:0D:71:8E:E9:4A:F3:BF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EDB74C67288CFD349E64484EEE4E9514B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-p-Db7tX6p2gukGClA1xjulK878.roa
Signing time: Sun 14 Apr 2024 07:14:07 +0000
ROA not before: Sun 14 Apr 2024 07:14:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:74:c6:72:88:cf:d3:49:e6:44:84:ee:e4:e9:51:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 14 07:14:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa9f836fbb57ea9da0ba4182940d718ee94af3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:76:03:4d:9b:fc:8f:c1:01:ba:5c:c8:2b:7f:
e0:de:ac:d6:60:f5:df:2d:cc:28:0f:a6:67:97:4c:
37:45:14:c4:72:95:f4:04:72:ce:a9:2b:e8:52:12:
a0:42:e1:47:6b:fa:bc:95:a1:17:ca:1f:e3:66:5b:
ff:f8:5b:1f:02:b8:7a:70:85:cc:4a:cb:2a:fa:0a:
8f:00:c7:39:7b:57:be:75:98:5b:4e:2e:fb:12:cd:
cc:d6:d3:3b:9c:57:00:67:78:e2:c2:18:74:9f:ed:
31:da:7e:23:6c:aa:29:1b:8a:7d:6e:fc:90:e2:a7:
cf:3e:89:1d:c4:87:2a:9d:cf:44:d5:77:26:31:63:
dd:0e:ba:02:37:d5:30:8d:ab:44:d5:d3:a8:c3:c2:
9d:3d:99:f4:60:81:40:05:3f:83:86:79:a7:e5:4b:
c3:f8:be:c6:ee:bb:ba:b2:2e:a5:68:c8:46:34:3e:
c3:e7:df:39:06:f3:2b:bb:1d:40:e1:7d:42:a6:f3:
1c:7f:7b:4c:80:e0:7e:da:1f:63:19:11:4b:2a:79:
1a:92:e6:64:a6:4c:78:ad:78:77:c1:0a:f0:12:73:
58:90:bf:cf:be:da:c5:e0:a5:2b:04:c6:de:78:72:
4e:55:47:67:78:33:00:f4:bd:08:54:71:53:cd:5a:
e7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9F:83:6F:BB:57:EA:9D:A0:BA:41:82:94:0D:71:8E:E9:4A:F3:BF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-p-Db7tX6p2gukGClA1xjulK878.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:06:75:72:e5:75:e8:ba:7d:87:9c:1d:ab:5b:0b:86:f7:0b:
04:f8:dc:a0:47:49:6f:cb:8e:8e:c6:d9:38:12:ed:e7:b8:59:
7f:bc:6d:de:28:09:c7:b1:32:9d:1f:49:72:2e:6f:75:56:84:
d9:67:80:ee:7e:30:5a:17:70:69:88:f5:1c:dd:03:16:7b:19:
0e:40:25:00:27:17:ea:0b:c5:6d:22:6b:77:6f:90:4a:ad:5a:
ce:02:82:7b:8f:36:8e:53:9e:53:f0:3e:d4:b2:66:44:b0:b8:
85:14:e8:6b:36:3a:80:35:18:8c:74:7d:0d:37:c1:71:ac:0e:
f5:40:f3:a8:49:f3:9a:0e:c6:26:c5:1a:9a:f2:d8:7c:0c:fe:
68:99:31:b4:e6:dc:4d:16:23:23:e4:23:2e:03:96:dc:2c:4c:
7b:67:ed:9e:ea:a3:4a:4c:b7:5d:0e:28:e4:ad:d7:9c:99:e7:
36:9c:47:da:27:85:02:e9:27:d6:1b:16:09:ba:1f:06:4e:28:
30:0f:52:19:29:d6:95:2a:e1:6b:8a:96:29:46:6f:fe:af:b8:
fc:2d:b8:ba:13:11:83:c8:01:87:b4:9e:72:26:bd:57:92:cc:
11:32:58:38:61:59:a1:0b:0c:67:4f:96:ea:d7:23:33:3a:1f:
8a:f6:e4:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7bdMZyiM/TSeZEhO7k6VFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE0MDcxNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTlmODM2ZmJiNTdlYTlkYTBiYTQxODI5NDBkNzE4ZWU5NGFmM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHYDTZv8j8EBulzIK3/g3qzWYPXf
LcwoD6Znl0w3RRTEcpX0BHLOqSvoUhKgQuFHa/q8laEXyh/jZlv/+FsfArh6cIXM
Sssq+gqPAMc5e1e+dZhbTi77Es3M1tM7nFcAZ3jiwhh0n+0x2n4jbKopG4p9bvyQ
4qfPPokdxIcqnc9E1XcmMWPdDroCN9UwjatE1dOow8KdPZn0YIFABT+Dhnmn5UvD
+L7G7ru6si6laMhGND7D5985BvMrux1A4X1CpvMcf3tMgOB+2h9jGRFLKnkakuZk
pkx4rXh3wQrwEnNYkL/PvtrF4KUrBMbeeHJOVUdneDMA9L0IVHFTzVrn1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPqfg2+7V+qdoLpBgpQNcY7pSvO/MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1wLURiN3RYNnAyZ3VrR0NsQTF4anVsSzg3OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQBgBnVy5XXoun2HnB2r
WwuG9wsE+NygR0lvy46Oxtk4Eu3nuFl/vG3eKAnHsTKdH0lyLm91VoTZZ4DufjBa
F3BpiPUc3QMWexkOQCUAJxfqC8VtImt3b5BKrVrOAoJ7jzaOU55T8D7UsmZEsLiF
FOhrNjqANRiMdH0NN8FxrA71QPOoSfOaDsYmxRqa8th8DP5omTG05txNFiMj5CMu
A5bcLEx7Z+2e6qNKTLddDijkrdecmec2nEfaJ4UC6SfWGxYJuh8GTigwD1IZKdaV
KuFripYpRm/+r7j8Lbi6ExGDyAGHtJ5yJr1XkswRMlg4YVmhCwxnT5bq1yMzOh+K
9uQz
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:08:15 2025 by rpki-client