Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/42hIiKK39R4F80_4bqjFmbul0Jc.roa
File: 42hIiKK39R4F80_4bqjFmbul0Jc.roa (raw, json)
Hash identifier: DWOHOD/qiGheyIMkOCsBOYW0Ln0U6rGiPy0Kb3PXVg0=
Subject key identifier: E3:68:48:88:A2:B7:F5:1E:05:F3:4F:F8:6E:A8:C5:99:BB:A5:D0:97
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0B1A0FD2F51CC722A6A471CA488A8EEE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/42hIiKK39R4F80_4bqjFmbul0Jc.roa
Signing time: Mon 04 Mar 2024 20:14:01 +0000
ROA not before: Mon 04 Mar 2024 20:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0b:1a:0f:d2:f5:1c:c7:22:a6:a4:71:ca:48:8a:8e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 20:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3684888a2b7f51e05f34ff86ea8c599bba5d097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2c:a7:d1:33:a5:2c:da:99:7d:89:62:15:e3:
c5:08:38:57:dd:3d:1e:ae:14:3e:33:b7:fd:b4:a9:
a1:e8:9b:64:c5:58:58:8e:e7:a1:d5:cc:40:ec:46:
38:8e:ab:c3:c4:5f:e2:88:4c:cc:14:de:3e:b0:3a:
c3:0a:c4:7a:db:15:33:7f:9b:9f:b6:33:63:c0:c5:
f9:f9:0e:98:40:59:20:ce:8c:2b:07:fb:72:ee:12:
c2:74:d2:d1:5f:68:24:5d:4f:22:72:43:57:27:9e:
71:21:51:90:20:91:a0:92:75:e3:87:a8:df:6f:0b:
f2:08:e4:05:9c:f9:8b:ab:ee:93:b4:13:c0:f3:8d:
e5:01:49:8a:29:f6:b9:b8:21:55:cf:8e:15:09:3d:
3b:02:e8:6c:ec:1b:32:c8:0e:0b:14:ef:a5:d1:65:
9a:d8:e8:c1:c8:49:66:99:37:d0:fd:54:76:e9:7a:
d7:51:ea:80:f1:3e:2f:9e:61:d1:60:ac:53:7e:b2:
72:e7:f3:4e:7f:7d:3b:f7:60:c6:f7:65:af:aa:cf:
77:12:c5:2d:40:ea:e8:da:84:aa:89:43:6f:11:30:
ef:a9:38:a4:9b:5d:9a:2f:7f:50:73:15:0f:fd:6b:
f0:4f:d1:6b:3d:fa:da:8f:fe:de:3a:d7:67:9a:13:
15:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:68:48:88:A2:B7:F5:1E:05:F3:4F:F8:6E:A8:C5:99:BB:A5:D0:97
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/42hIiKK39R4F80_4bqjFmbul0Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:57:62:c1:14:33:c4:dc:53:a5:a8:99:f0:3b:eb:73:ed:ba:
d7:7a:5f:63:cb:c6:b0:8e:9b:da:11:77:68:f1:28:23:6c:a1:
a0:e8:9e:f9:9d:ea:3c:c2:4c:43:07:b7:ee:1c:7f:77:b5:2e:
aa:c7:58:b3:4e:96:47:a9:35:f7:d4:85:50:77:63:72:c2:da:
73:dc:27:56:b3:cb:cf:e4:9b:10:3f:7e:4d:2f:4e:e3:b0:74:
4e:89:0a:67:d3:3a:e7:10:76:41:c6:b3:26:5b:db:95:9e:20:
e4:64:5c:ed:68:14:b9:fd:fd:6e:a5:7b:08:6f:0e:77:8a:01:
a7:92:51:ab:1b:9f:4e:93:e2:70:14:22:07:0f:de:4f:9c:98:
cc:6d:83:06:bf:1c:33:e0:1e:09:af:55:45:ff:31:76:32:99:
64:10:65:78:6b:a7:1b:59:71:b4:3f:2d:25:26:02:27:2e:0c:
fa:d0:0d:13:3b:7c:d6:ed:37:ae:a9:25:5b:6e:e1:1a:87:e0:
20:9c:af:e5:d6:ca:a6:1a:0a:b6:9c:94:69:aa:62:96:af:c2:
09:24:b2:6e:20:62:03:03:7e:e4:8e:df:f5:33:bd:14:d8:29:
0d:fa:ec:72:09:b9:c3:1e:86:ad:5b:3d:61:03:37:3e:48:89:
01:f9:b2:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4LGg/S9RzHIqakccpIio7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MjAxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzY4NDg4OGEyYjdmNTFlMDVmMzRmZjg2ZWE4YzU5OWJiYTVkMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSyn0TOlLNqZfYliFePFCDhX3T0e
rhQ+M7f9tKmh6JtkxVhYjueh1cxA7EY4jqvDxF/iiEzMFN4+sDrDCsR62xUzf5uf
tjNjwMX5+Q6YQFkgzowrB/ty7hLCdNLRX2gkXU8ickNXJ55xIVGQIJGgknXjh6jf
bwvyCOQFnPmLq+6TtBPA843lAUmKKfa5uCFVz44VCT07Auhs7BsyyA4LFO+l0WWa
2OjByElmmTfQ/VR26XrXUeqA8T4vnmHRYKxTfrJy5/NOf30792DG92Wvqs93EsUt
QOro2oSqiUNvETDvqTikm12aL39QcxUP/WvwT9FrPfraj/7eOtdnmhMV+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFONoSIiit/UeBfNP+G6oxZm7pdCXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNDJoSWlLSzM5UjRGODBfNGJxakZtYnVsMEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACFXYsEUM8TcU6WomfA7
63Ptutd6X2PLxrCOm9oRd2jxKCNsoaDonvmd6jzCTEMHt+4cf3e1LqrHWLNOlkep
NffUhVB3Y3LC2nPcJ1azy8/kmxA/fk0vTuOwdE6JCmfTOucQdkHGsyZb25WeIORk
XO1oFLn9/W6lewhvDneKAaeSUasbn06T4nAUIgcP3k+cmMxtgwa/HDPgHgmvVUX/
MXYymWQQZXhrpxtZcbQ/LSUmAicuDPrQDRM7fNbtN66pJVtu4RqH4CCcr+XWyqYa
CraclGmqYpavwgkksm4gYgMDfuSO3/UzvRTYKQ367HIJucMehq1bPWEDNz5IiQH5
svg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:18:45 2025 by rpki-client