Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4fYH0NlcEo6zJnD-wK1p3Dtg9oY.roa
File: 4fYH0NlcEo6zJnD-wK1p3Dtg9oY.roa (raw, json)
Hash identifier: PlFBJ81yTs3sha2STlkD0I0/mLg44wRJphyYKQZWpxU=
Subject key identifier: E1:F6:07:D0:D9:5C:12:8E:B3:26:70:FE:C0:AD:69:DC:3B:60:F6:86
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFB716125465A3BF687772EE2D88F03D9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4fYH0NlcEo6zJnD-wK1p3Dtg9oY.roa
Signing time: Fri 12 Jan 2024 02:12:40 +0000
ROA not before: Fri 12 Jan 2024 02:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fb:71:61:25:46:5a:3b:f6:87:77:2e:e2:d8:8f:03:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 02:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1f607d0d95c128eb32670fec0ad69dc3b60f686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:54:f9:73:fd:f1:53:47:d9:1c:f1:01:cf:0b:
d0:1a:36:fe:b5:96:53:cc:8d:59:5d:d9:88:4d:a6:
20:e0:e0:5b:3b:7f:15:42:dc:fd:1b:dd:fe:31:31:
28:a2:af:06:4c:5e:e2:8d:39:d9:42:0d:09:82:bb:
6b:22:7c:bf:82:50:1b:dd:9d:b5:36:14:c6:66:9d:
ab:77:89:68:1e:19:b2:26:51:85:6a:b3:bf:d4:a4:
01:7f:35:be:38:43:0a:28:8d:64:77:81:ab:e1:08:
81:af:cf:d8:c1:1f:18:90:f9:d5:b1:0a:6e:a7:6a:
f2:46:98:b0:4f:a5:cb:41:d5:24:05:7d:92:e9:94:
65:dc:38:18:ea:bb:37:e7:09:f2:e7:1e:4a:51:35:
cf:2a:6e:a9:b5:b9:b1:d6:cb:07:c2:4b:f8:68:a1:
d6:12:82:02:6d:77:32:3c:1a:86:66:0e:2c:ee:9a:
f9:59:66:84:99:aa:4b:a9:c3:b2:4e:07:f5:97:7d:
9b:52:69:25:ab:22:28:e0:1f:f8:63:be:f5:b7:03:
bd:f9:b7:e0:e6:23:1e:27:ee:b4:56:11:4e:c7:4f:
96:3f:8f:ca:66:a2:51:0e:3a:9f:a8:d1:da:47:f1:
c0:e9:f1:b1:ff:aa:6a:1c:78:75:d8:cb:1f:60:bb:
9a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F6:07:D0:D9:5C:12:8E:B3:26:70:FE:C0:AD:69:DC:3B:60:F6:86
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4fYH0NlcEo6zJnD-wK1p3Dtg9oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:98:54:8d:0c:c3:c3:fc:96:64:2e:fb:76:76:a7:a1:ea:2a:
fa:53:83:09:64:ad:ee:db:69:71:bf:a7:77:fd:bf:98:d9:d9:
a8:52:4e:52:4b:2d:5d:0a:8a:7b:2c:f5:c8:6f:54:90:a4:f0:
50:b9:44:e8:ea:31:43:c6:c0:0f:32:85:ab:27:dd:70:50:2c:
84:97:02:50:dd:ac:c5:c7:57:f9:28:28:93:f8:91:ae:0f:cd:
fc:8b:e0:b6:12:ea:59:32:f3:3d:6f:93:b6:9e:b7:da:d0:3e:
14:63:c6:d5:2c:af:dc:72:a1:49:d5:c0:e9:08:9e:66:7c:14:
91:38:29:f6:fe:0a:0e:24:7a:b8:84:9e:db:18:2a:57:da:0a:
92:7e:89:17:1f:83:35:5c:6a:8c:ba:e0:46:59:a6:25:9d:91:
d2:e3:4c:ed:58:55:dc:e5:6c:73:36:8d:1d:ec:91:26:31:1f:
35:9e:56:cb:2d:54:02:0e:5c:a5:42:b8:66:e6:63:b5:de:3f:
4f:7d:b5:5a:a0:ba:f7:13:2c:d4:dc:d1:60:67:89:3e:56:ed:
67:69:e3:e9:2b:1e:47:f6:16:4b:15:a2:80:1f:f6:cb:34:ce:
3c:3c:e4:ed:a5:a7:7b:d8:3d:cc:2d:87:12:ca:a2:91:6e:c2:
0c:b6:ea:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz7cWElRlo79od3LuLYjwPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMDIxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY2MDdkMGQ5NWMxMjhlYjMyNjcwZmVjMGFkNjlkYzNiNjBmNjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFT5c/3xU0fZHPEBzwvQGjb+tZZT
zI1ZXdmITaYg4OBbO38VQtz9G93+MTEooq8GTF7ijTnZQg0JgrtrIny/glAb3Z21
NhTGZp2rd4loHhmyJlGFarO/1KQBfzW+OEMKKI1kd4Gr4QiBr8/YwR8YkPnVsQpu
p2ryRpiwT6XLQdUkBX2S6ZRl3DgY6rs35wny5x5KUTXPKm6ptbmx1ssHwkv4aKHW
EoICbXcyPBqGZg4s7pr5WWaEmapLqcOyTgf1l32bUmklqyIo4B/4Y771twO9+bfg
5iMeJ+60VhFOx0+WP4/KZqJRDjqfqNHaR/HA6fGx/6pqHHh12MsfYLuaGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOH2B9DZXBKOsyZw/sCtadw7YPaGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNGZZSDBObGNFbzZ6Sm5ELXdLMXAzRHRnOW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHWYVI0Mw8P8lmQu+3Z2
p6HqKvpTgwlkre7baXG/p3f9v5jZ2ahSTlJLLV0Kinss9chvVJCk8FC5ROjqMUPG
wA8yhasn3XBQLISXAlDdrMXHV/koKJP4ka4PzfyL4LYS6lky8z1vk7aet9rQPhRj
xtUsr9xyoUnVwOkInmZ8FJE4Kfb+Cg4keriEntsYKlfaCpJ+iRcfgzVcaoy64EZZ
piWdkdLjTO1YVdzlbHM2jR3skSYxHzWeVsstVAIOXKVCuGbmY7XeP099tVqguvcT
LNTc0WBniT5W7Wdp4+krHkf2FksVooAf9ss0zjw85O2lp3vYPcwthxLKopFuwgy2
6rQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:22:05 2025 by rpki-client