Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4otXgDyDnyC4Eqx2qvHIgoR08l8.roa
File: 4otXgDyDnyC4Eqx2qvHIgoR08l8.roa (raw, json)
Hash identifier: LleG0yeylQqyCb10bJL6mcOtpobzguW7zclcCt4WjXg=
Subject key identifier: E2:8B:57:80:3C:83:9F:20:B8:12:AC:76:AA:F1:C8:82:84:74:F2:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF5DB53DC1F076FCB6046CE45FFBA0E98
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4otXgDyDnyC4Eqx2qvHIgoR08l8.roa
Signing time: Thu 11 Jan 2024 00:10:40 +0000
ROA not before: Thu 11 Jan 2024 00:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:db:53:dc:1f:07:6f:cb:60:46:ce:45:ff:ba:0e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 00:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e28b57803c839f20b812ac76aaf1c8828474f25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:56:a9:5e:f3:b5:5c:4e:75:88:42:6f:14:0c:
5f:d3:1a:08:46:ff:1e:3d:eb:2f:81:00:65:28:99:
e2:0f:df:a0:0c:9f:c0:b9:09:f2:41:ea:ab:83:4d:
c7:7d:92:51:75:1e:d6:85:91:54:c4:0c:cb:6c:f7:
db:4d:c0:be:e4:87:41:f1:53:99:fd:54:52:bb:6d:
8c:65:50:ec:68:78:28:ed:93:5f:ad:c7:77:19:53:
74:78:f4:16:ad:ed:77:11:03:f6:f3:1b:18:52:d9:
22:9f:1e:69:74:3f:50:b3:4e:74:33:68:2c:46:dd:
89:99:8f:0b:47:63:14:2d:c7:5b:f0:5f:8f:bd:43:
f2:bb:c6:0a:26:24:f0:50:cb:af:a8:01:aa:bc:a5:
4d:98:54:d0:e2:04:4e:45:18:67:6b:77:bd:da:9c:
8a:a3:b8:66:b1:3b:3b:28:0c:3a:47:57:23:54:5b:
9c:c1:3d:87:db:a5:5d:05:43:15:f7:89:e7:e8:4a:
0c:9b:46:96:e1:0e:21:66:08:21:b3:56:66:0c:11:
e9:2f:81:1b:55:23:24:f4:40:c6:47:3a:2b:3b:af:
d6:f5:55:b1:e5:8b:42:1c:cf:ae:ea:97:fb:17:62:
be:e8:44:f7:5b:d0:b9:a9:38:f7:42:ff:78:9c:83:
32:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8B:57:80:3C:83:9F:20:B8:12:AC:76:AA:F1:C8:82:84:74:F2:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4otXgDyDnyC4Eqx2qvHIgoR08l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:11:6c:9b:57:61:82:96:1a:85:d9:8d:a1:fb:a0:75:22:b5:
39:ea:6e:19:ed:0f:8f:a1:c9:a7:72:74:16:10:1a:66:38:ff:
24:b9:07:8f:69:f0:50:98:1f:b9:6d:e9:53:a8:ea:54:14:ea:
0c:c5:90:c1:ec:04:52:e8:a9:90:b1:77:2b:e8:2b:df:f7:61:
72:5c:97:59:02:53:55:4c:e6:42:16:0d:4c:30:b6:31:b2:07:
88:fa:b5:c6:3f:f3:09:2b:ea:c0:b5:fb:69:11:ea:67:cf:88:
7c:b6:6a:19:77:c0:d9:17:05:72:9d:01:ca:7c:6c:ff:eb:17:
93:ab:2d:b3:09:0c:df:3e:b1:4b:70:71:d6:50:53:36:4b:32:
0b:e5:54:01:a3:4b:fa:fe:cd:81:b6:18:d9:ed:6d:40:f7:11:
27:c5:65:af:08:3e:22:7a:e6:a8:d3:e8:5c:90:ee:37:37:d8:
cb:37:cf:b6:00:21:ce:97:8b:9e:02:7e:9b:ed:44:3e:57:33:
b7:ca:3c:83:2d:28:b9:57:33:43:3e:76:42:ac:40:44:23:1c:
b7:1e:6d:70:8a:d0:71:4a:52:d3:37:d3:4b:4d:07:1d:9f:56:
65:eb:e6:9f:25:eb:da:89:a3:16:6e:db:73:6d:2a:36:cf:e2:
78:f8:6e:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz121PcHwdvy2BGzkX/ug6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMDAxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjhiNTc4MDNjODM5ZjIwYjgxMmFjNzZhYWYxYzg4Mjg0NzRmMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFapXvO1XE51iEJvFAxf0xoIRv8e
PesvgQBlKJniD9+gDJ/AuQnyQeqrg03HfZJRdR7WhZFUxAzLbPfbTcC+5IdB8VOZ
/VRSu22MZVDsaHgo7ZNfrcd3GVN0ePQWre13EQP28xsYUtkinx5pdD9Qs050M2gs
Rt2JmY8LR2MULcdb8F+PvUPyu8YKJiTwUMuvqAGqvKVNmFTQ4gRORRhna3e92pyK
o7hmsTs7KAw6R1cjVFucwT2H26VdBUMV94nn6EoMm0aW4Q4hZgghs1ZmDBHpL4Eb
VSMk9EDGRzorO6/W9VWx5YtCHM+u6pf7F2K+6ET3W9C5qTj3Qv94nIMy8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOKLV4A8g58guBKsdqrxyIKEdPJfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNG90WGdEeURueUM0RXF4MnF2SElnb1IwOGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFIRbJtXYYKWGoXZjaH7
oHUitTnqbhntD4+hyadydBYQGmY4/yS5B49p8FCYH7lt6VOo6lQU6gzFkMHsBFLo
qZCxdyvoK9/3YXJcl1kCU1VM5kIWDUwwtjGyB4j6tcY/8wkr6sC1+2kR6mfPiHy2
ahl3wNkXBXKdAcp8bP/rF5OrLbMJDN8+sUtwcdZQUzZLMgvlVAGjS/r+zYG2GNnt
bUD3ESfFZa8IPiJ65qjT6FyQ7jc32Ms3z7YAIc6Xi54CfpvtRD5XM7fKPIMtKLlX
M0M+dkKsQEQjHLcebXCK0HFKUtM300tNBx2fVmXr5p8l69qJoxZu23NtKjbP4nj4
bm0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:20:58 2025 by rpki-client