Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/47MyvwdiqZYxxPTC0bYhKR083W0.roa
File: 47MyvwdiqZYxxPTC0bYhKR083W0.roa (raw, json)
Hash identifier: YzDAf3iSEKMgUfQrl0S166BIMvjrPkdkpcseuyWNB34=
Subject key identifier: E3:B3:32:BF:07:62:A9:96:31:C4:F4:C2:D1:B6:21:29:1D:3C:DD:6D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB13541C404F1430D6BB87E30F6F6F433
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/47MyvwdiqZYxxPTC0bYhKR083W0.roa
Signing time: Fri 16 Feb 2024 09:17:53 +0000
ROA not before: Fri 16 Feb 2024 09:17:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:35:41:c4:04:f1:43:0d:6b:b8:7e:30:f6:f6:f4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 09:17:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3b332bf0762a99631c4f4c2d1b621291d3cdd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a8:22:06:32:6f:e7:b4:ad:b4:62:99:a4:06:
33:96:be:ac:12:85:8e:59:39:54:cb:23:b0:14:aa:
ee:8f:20:1a:6e:67:76:d2:4b:aa:50:3c:49:ae:65:
89:a5:37:4d:4b:51:19:60:ce:85:22:42:a2:3b:ab:
c7:c5:63:f8:97:f7:fc:88:a8:d9:b2:a1:6c:22:75:
94:13:c3:17:b0:bc:cf:df:56:6e:15:cf:58:b8:35:
85:ec:0c:56:80:93:2d:83:08:f6:f0:7e:79:16:de:
16:0f:85:40:a6:b6:99:5b:da:6f:43:d7:37:51:85:
51:cb:54:4c:5c:3c:f0:eb:29:be:b6:d7:9d:07:40:
35:59:f6:da:86:9b:f0:de:dd:e0:a0:d5:cb:a3:e9:
28:5b:03:be:2c:22:5d:2a:87:e8:3d:e6:4a:aa:a7:
d7:c3:b0:3f:0e:1d:71:52:1f:7c:1e:b1:1b:b0:71:
c7:2f:77:7b:1a:10:2f:ab:58:2d:c3:d0:ac:f4:ec:
0c:4d:62:c0:43:13:d5:7e:25:6a:01:a3:fd:0b:5d:
fa:0d:34:7d:d3:43:fa:fc:77:8f:ba:a2:b7:63:b4:
1f:f6:d1:a4:7c:52:55:9a:10:c7:f6:d3:95:95:f7:
63:36:0b:12:16:fc:8a:ce:7f:5d:b7:11:92:f0:f1:
e9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B3:32:BF:07:62:A9:96:31:C4:F4:C2:D1:B6:21:29:1D:3C:DD:6D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/47MyvwdiqZYxxPTC0bYhKR083W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:c3:a3:98:bb:30:8a:e8:cd:ab:97:af:93:3a:ba:b1:23:aa:
48:dc:dc:a3:65:42:e7:68:da:35:79:58:fc:52:1f:e7:1c:df:
d3:ab:5b:39:e5:17:b7:75:e2:02:2a:43:5d:e4:31:5e:46:c2:
c3:14:13:88:34:35:37:11:2a:b3:82:03:54:03:4f:ab:e0:29:
57:13:54:52:0b:a7:a7:22:44:28:2d:4f:25:2d:4a:8d:5a:5c:
b4:36:02:3d:7b:fc:ae:b7:e8:98:fc:61:b1:25:8f:af:6a:0d:
22:0b:8c:c5:87:d6:00:8c:80:e7:54:bb:98:08:bd:5c:5d:ae:
d0:eb:e3:74:af:6e:6b:60:36:fa:21:b8:31:0b:56:79:d0:6d:
62:f0:99:52:b5:b5:46:82:6c:f5:d9:19:d6:77:cf:07:8c:d3:
71:38:fa:1f:80:ca:ca:aa:64:76:e0:2b:83:dd:9c:2d:b7:de:
c5:6e:98:76:30:15:9c:6a:5e:63:d0:cf:6a:8b:8d:54:0c:bc:
5b:93:63:c4:df:da:90:b5:49:70:89:bc:68:24:5e:7e:63:e0:
bf:f0:1c:64:02:76:9e:3a:d2:3f:8e:2b:ae:c5:01:c7:e3:cf:
75:6d:4a:6f:53:27:af:b6:57:77:d6:ba:08:4f:8a:82:e6:ef:
48:68:02:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2xNUHEBPFDDWu4fjD29vQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MDkxNzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2IzMzJiZjA3NjJhOTk2MzFjNGY0YzJkMWI2MjEyOTFkM2NkZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0agiBjJv57SttGKZpAYzlr6sEoWO
WTlUyyOwFKrujyAabmd20kuqUDxJrmWJpTdNS1EZYM6FIkKiO6vHxWP4l/f8iKjZ
sqFsInWUE8MXsLzP31ZuFc9YuDWF7AxWgJMtgwj28H55Ft4WD4VApraZW9pvQ9c3
UYVRy1RMXDzw6ym+ttedB0A1Wfbahpvw3t3goNXLo+koWwO+LCJdKofoPeZKqqfX
w7A/Dh1xUh98HrEbsHHHL3d7GhAvq1gtw9Cs9OwMTWLAQxPVfiVqAaP9C136DTR9
00P6/HePuqK3Y7Qf9tGkfFJVmhDH9tOVlfdjNgsSFvyKzn9dtxGS8PHpbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOOzMr8HYqmWMcT0wtG2ISkdPN1tMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNDdNeXZ3ZGlxWll4eFBUQzBiWWhLUjA4M1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADTDo5i7MIrozauXr5M6
urEjqkjc3KNlQudo2jV5WPxSH+cc39OrWznlF7d14gIqQ13kMV5GwsMUE4g0NTcR
KrOCA1QDT6vgKVcTVFILp6ciRCgtTyUtSo1aXLQ2Aj17/K636Jj8YbElj69qDSIL
jMWH1gCMgOdUu5gIvVxdrtDr43SvbmtgNvohuDELVnnQbWLwmVK1tUaCbPXZGdZ3
zweM03E4+h+AysqqZHbgK4PdnC233sVumHYwFZxqXmPQz2qLjVQMvFuTY8Tf2pC1
SXCJvGgkXn5j4L/wHGQCdp460j+OK67FAcfjz3VtSm9TJ6+2V3fWughPioLm70ho
AsU=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:22:06 2025 by rpki-client