Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2ogh7qai0WQZqaE_FUFsZ45DREY.roa
File: 2ogh7qai0WQZqaE_FUFsZ45DREY.roa (raw, json)
Hash identifier: Il/x+6oOgEw0QJ7HGCBO9Tak962bx70ikVYimIDDfjE=
Subject key identifier: DA:88:21:EE:A6:A2:D1:64:19:A9:A1:3F:15:41:6C:67:8E:43:44:46
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D8B37F03562282BCA4049494D03B1F7B3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2ogh7qai0WQZqaE_FUFsZ45DREY.roa
Signing time: Fri 09 Feb 2024 00:15:15 +0000
ROA not before: Fri 09 Feb 2024 00:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8b:37:f0:35:62:28:2b:ca:40:49:49:4d:03:b1:f7:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 9 00:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da8821eea6a2d16419a9a13f15416c678e434446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d3:99:95:c0:ab:d7:c5:76:92:71:45:56:c1:
a9:b5:46:97:4e:b7:29:86:f4:8a:9b:0e:bb:ec:7e:
10:e1:72:ec:53:78:1c:cb:44:bc:b3:ff:49:b3:fe:
fa:2f:00:0d:55:a5:a3:c5:ce:75:b6:33:f4:e5:a8:
a4:72:dd:48:41:e4:a9:36:5c:ea:ee:09:06:29:8c:
a9:d8:78:2b:af:c9:a0:86:7c:41:0b:7a:a5:78:3c:
23:41:df:7f:ab:64:5f:29:75:66:f8:e7:c3:3f:64:
21:1c:c3:79:ca:1a:d9:78:3d:94:3c:70:c3:93:3c:
2d:bf:4b:e6:f4:c6:b6:b9:20:cf:ae:49:86:62:fc:
3f:b9:c0:38:97:eb:c5:ed:10:cc:ba:db:5c:c1:86:
59:c5:5e:64:9d:d3:bc:6e:15:d3:90:77:36:62:1e:
e7:47:cd:cb:e3:be:40:c2:ed:ea:44:ef:60:91:d7:
0d:84:93:40:e3:0c:cc:f7:7f:59:3c:f8:27:c0:13:
7b:89:d9:12:16:8f:89:99:64:95:e4:0d:48:d3:4c:
1b:be:bf:af:c7:3a:12:df:30:b3:d6:46:0b:bd:f4:
d9:7c:2a:be:42:7c:75:6c:1d:fe:60:17:11:50:6e:
ea:a6:2a:af:62:9d:ad:2a:39:1a:ae:02:28:14:ce:
f5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:88:21:EE:A6:A2:D1:64:19:A9:A1:3F:15:41:6C:67:8E:43:44:46
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2ogh7qai0WQZqaE_FUFsZ45DREY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:e1:25:57:2c:95:5a:ab:1a:46:6d:c0:88:66:d0:86:0a:e9:
34:5c:77:d4:15:dc:0e:95:31:f0:62:45:38:74:58:cb:40:99:
bf:a3:1d:f9:0f:87:5e:e9:ee:55:39:65:fb:8b:3e:34:a6:09:
b7:65:c7:f5:3d:9f:9a:5c:04:4f:0c:aa:05:4c:23:51:2d:54:
9b:ad:98:44:ec:8c:df:c1:07:c3:63:09:16:f9:44:32:3f:38:
81:4f:2e:b0:fe:f0:11:07:51:a6:05:ae:9a:47:ec:56:f6:b0:
12:58:44:22:26:1b:b1:d8:de:01:b9:8e:22:1f:e3:68:69:ba:
2e:14:b8:d8:4d:5d:5e:3b:90:35:ca:23:a6:b0:ec:b7:b3:a9:
72:95:c4:cb:d9:7d:3f:55:63:27:34:4f:d1:64:21:9a:91:16:
b9:17:91:bc:58:84:7a:fb:98:7f:f6:40:43:cf:3f:d7:4e:0f:
ef:2a:79:a3:f2:5c:f1:72:3e:df:44:b5:cc:77:b0:53:b5:10:
16:3c:ee:00:79:bd:46:5a:2a:37:f8:de:e8:c0:98:a0:2b:64:
13:7f:e2:25:a5:49:85:df:d3:27:3d:54:ba:3a:12:7d:fa:0c:
89:c0:17:ba:1d:13:8b:e7:f6:f0:be:4d:2e:b4:05:cc:d5:d6:
37:dc:b9:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2LN/A1YigrykBJSU0DsfezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA5MDAxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg4MjFlZWE2YTJkMTY0MTlhOWExM2YxNTQxNmM2NzhlNDM0NDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9OZlcCr18V2knFFVsGptUaXTrcp
hvSKmw677H4Q4XLsU3gcy0S8s/9Js/76LwANVaWjxc51tjP05aikct1IQeSpNlzq
7gkGKYyp2Hgrr8mghnxBC3qleDwjQd9/q2RfKXVm+OfDP2QhHMN5yhrZeD2UPHDD
kzwtv0vm9Ma2uSDPrkmGYvw/ucA4l+vF7RDMuttcwYZZxV5kndO8bhXTkHc2Yh7n
R83L475Awu3qRO9gkdcNhJNA4wzM939ZPPgnwBN7idkSFo+JmWSV5A1I00wbvr+v
xzoS3zCz1kYLvfTZfCq+Qnx1bB3+YBcRUG7qpiqvYp2tKjkargIoFM71FQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNqIIe6motFkGamhPxVBbGeOQ0RGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMm9naDdxYWkwV1FacWFFX0ZVRnNaNDVEUkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC7hJVcslVqrGkZtwIhm
0IYK6TRcd9QV3A6VMfBiRTh0WMtAmb+jHfkPh17p7lU5ZfuLPjSmCbdlx/U9n5pc
BE8MqgVMI1EtVJutmETsjN/BB8NjCRb5RDI/OIFPLrD+8BEHUaYFrppH7Fb2sBJY
RCImG7HY3gG5jiIf42hpui4UuNhNXV47kDXKI6aw7LezqXKVxMvZfT9VYyc0T9Fk
IZqRFrkXkbxYhHr7mH/2QEPPP9dOD+8qeaPyXPFyPt9Etcx3sFO1EBY87gB5vUZa
Kjf43ujAmKArZBN/4iWlSYXf0yc9VLo6En36DInAF7odE4vn9vC+TS60BczV1jfc
uVk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:24:09 2025 by rpki-client