Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/33qV7BohIzNEpvsQ5njoukpXfkw.roa
File: 33qV7BohIzNEpvsQ5njoukpXfkw.roa (raw, json)
Hash identifier: OlPi/6NBgsGL8MtGeYA3w3zLWQQQ24NtqJ8xWaLqros=
Subject key identifier: DF:7A:95:EC:1A:21:23:33:44:A6:FB:10:E6:78:E8:BA:4A:57:7E:4C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E03FCE183510BFAC72036351D63E456EF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/33qV7BohIzNEpvsQ5njoukpXfkw.roa
Signing time: Sun 03 Mar 2024 11:04:48 +0000
ROA not before: Sun 03 Mar 2024 11:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:3fc:3ac1/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:03:fc:e1:83:51:0b:fa:c7:20:36:35:1d:63:e4:56:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 3 11:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df7a95ec1a21233344a6fb10e678e8ba4a577e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:42:86:2c:1a:a0:03:3c:58:12:4c:80:af:af:
39:2e:bf:89:4d:17:e7:08:ba:29:25:a3:13:16:b8:
87:f7:eb:9e:91:ac:3a:a6:89:2b:ef:09:b0:c9:ec:
53:52:3e:38:77:a2:88:01:34:99:e7:c1:55:df:cf:
20:84:10:8d:0e:c5:33:89:94:45:aa:85:bc:ac:0e:
d2:f5:8c:bd:67:e9:85:96:e9:b5:f7:af:d0:55:d7:
a7:6f:8f:09:3a:92:7c:b7:b7:07:9b:f5:25:af:92:
28:c3:4e:22:dd:59:1d:f8:be:11:ce:c4:1f:a1:35:
52:df:1c:79:35:4d:e2:3b:a4:ae:29:22:c7:a5:c7:
ce:96:54:da:d4:5f:3e:64:04:29:c8:ce:b4:60:86:
e0:c1:dc:51:d1:e7:32:3e:f2:77:02:48:77:20:1e:
23:d8:2a:6a:81:5a:ed:94:2b:35:ff:4b:4a:bd:82:
81:2c:ff:12:0c:30:2a:6a:2f:e7:16:8d:fb:6c:8b:
76:f1:0c:c8:fb:59:e6:f6:13:54:7d:4a:d2:ce:e0:
c4:cc:43:61:6e:e2:96:e9:5f:b9:fd:fd:ea:09:84:
7d:7f:4d:96:9c:2a:13:88:08:ac:02:93:70:52:25:
1a:cb:73:d8:20:50:f0:07:e5:1e:da:69:46:ea:02:
f3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7A:95:EC:1A:21:23:33:44:A6:FB:10:E6:78:E8:BA:4A:57:7E:4C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/33qV7BohIzNEpvsQ5njoukpXfkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:57:c4:5d:0d:62:7c:2a:db:90:59:cf:d0:30:be:a2:8d:7f:
96:22:6d:c1:51:8c:24:c8:f2:08:1d:87:2e:a3:83:64:95:5b:
c7:e9:2e:7f:fb:61:23:dd:d1:5a:30:f2:80:a0:55:d6:35:c1:
6a:4d:b6:db:4a:b9:be:a2:ef:ad:d2:52:36:3f:98:e1:19:31:
bf:31:92:cb:67:68:ad:bb:1b:34:ba:5d:e0:ae:41:e0:1f:82:
f9:2e:9d:01:ba:a0:3b:3b:a4:43:9d:0d:31:5a:55:0a:05:18:
cb:1b:f1:46:cb:81:4d:3c:c4:6a:c0:bb:c9:11:c6:72:7f:ff:
85:94:48:a7:ff:22:03:39:d9:13:e4:90:3b:66:f0:62:35:f8:
be:00:19:82:40:df:9e:5d:20:db:32:ef:c1:c5:48:29:41:a3:
c5:b6:cc:0f:0b:41:07:3d:df:c9:d3:e3:fb:ce:f7:18:a1:d6:
9b:bd:09:4f:66:d6:65:d9:0c:2c:de:10:4c:12:70:10:de:fe:
ff:a0:c8:76:c2:b5:b9:7c:0e:9a:dc:c8:4e:c9:ec:aa:72:79:
14:6f:59:75:aa:aa:83:de:55:77:1d:e5:30:41:98:d5:9b:3f:
18:41:6c:48:71:8f:78:5a:0f:75:42:de:09:d8:6c:6b:2c:1f:
30:f9:92:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4D/OGDUQv6xyA2NR1j5FbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAzMTEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdhOTVlYzFhMjEyMzMzNDRhNmZiMTBlNjc4ZThiYTRhNTc3ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0KGLBqgAzxYEkyAr685Lr+JTRfn
CLopJaMTFriH9+uekaw6pokr7wmwyexTUj44d6KIATSZ58FV388ghBCNDsUziZRF
qoW8rA7S9Yy9Z+mFlum196/QVdenb48JOpJ8t7cHm/Ulr5Iow04i3Vkd+L4RzsQf
oTVS3xx5NU3iO6SuKSLHpcfOllTa1F8+ZAQpyM60YIbgwdxR0ecyPvJ3Akh3IB4j
2CpqgVrtlCs1/0tKvYKBLP8SDDAqai/nFo37bIt28QzI+1nm9hNUfUrSzuDEzENh
buKW6V+5/f3qCYR9f02WnCoTiAisApNwUiUay3PYIFDwB+Ue2mlG6gLzWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN96lewaISMzRKb7EOZ46LpKV35MMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMzNxVjdCb2hJek5FcHZzUTVuam91a3BYZmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC9XxF0NYnwq25BZz9Aw
vqKNf5YibcFRjCTI8ggdhy6jg2SVW8fpLn/7YSPd0Vow8oCgVdY1wWpNtttKub6i
763SUjY/mOEZMb8xkstnaK27GzS6XeCuQeAfgvkunQG6oDs7pEOdDTFaVQoFGMsb
8UbLgU08xGrAu8kRxnJ//4WUSKf/IgM52RPkkDtm8GI1+L4AGYJA355dINsy78HF
SClBo8W2zA8LQQc938nT4/vO9xih1pu9CU9m1mXZDCzeEEwScBDe/v+gyHbCtbl8
DprcyE7J7KpyeRRvWXWqqoPeVXcd5TBBmNWbPxhBbEhxj3haD3VC3gnYbGssHzD5
kkU=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:43 2025 by rpki-client