Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6cA8oJn2n4EEVMEnWawjmghkFtY.roa
File: 6cA8oJn2n4EEVMEnWawjmghkFtY.roa (raw, json)
Hash identifier: NhlUWvMZuLwvQEo40yeM/sR0zDttLlKpVpX6rMPQ39U=
Subject key identifier: E9:C0:3C:A0:99:F6:9F:81:04:54:C1:27:59:AC:23:9A:08:64:16:D6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6FBAED3BA5CAF0A9D13B058F2B324D81
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6cA8oJn2n4EEVMEnWawjmghkFtY.roa
Signing time: Sun 24 Mar 2024 09:11:45 +0000
ROA not before: Sun 24 Mar 2024 09:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6f:ba:ed:3b:a5:ca:f0:a9:d1:3b:05:8f:2b:32:4d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 09:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9c03ca099f69f810454c12759ac239a086416d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7d:e1:33:c7:87:50:33:85:e2:8d:4b:59:03:
56:b5:79:ec:f6:2b:34:9a:51:d1:6c:da:47:5c:f2:
d3:39:21:1c:3c:7c:40:3e:e0:43:a0:0f:89:94:d1:
74:e6:3c:82:5e:5d:77:ab:ca:b3:91:ae:a7:ff:c6:
e0:65:e8:1e:7b:60:75:6a:11:27:e7:43:12:23:22:
ec:a3:39:1b:31:0a:75:d1:84:06:86:63:f2:37:20:
22:70:1d:38:6e:0e:8f:08:84:af:78:4d:9d:67:5c:
b3:75:d1:0c:a8:b9:c8:e0:dc:85:63:fe:64:f0:22:
39:03:6d:cc:c5:e8:13:29:d3:bc:1d:9e:2a:2c:05:
bc:99:c1:17:6b:ed:e6:33:ff:6a:30:e7:60:30:d7:
9e:72:7f:57:04:2a:64:8d:4e:9b:b7:28:a5:2d:0e:
a8:8b:48:f4:77:ce:d0:ac:53:cd:cb:61:8c:f4:aa:
18:ce:97:c7:39:26:df:7f:4b:fc:a8:f3:e5:e3:46:
52:bc:2b:b4:ee:5c:61:6b:d4:a9:0e:ff:17:2c:48:
5e:31:53:d8:84:be:ac:f6:64:49:39:9c:f2:b0:db:
0a:47:b9:a3:01:57:2c:d3:51:93:af:8f:f9:7e:fa:
6d:b3:54:c2:1a:67:28:78:c4:4a:31:87:60:3b:fc:
64:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C0:3C:A0:99:F6:9F:81:04:54:C1:27:59:AC:23:9A:08:64:16:D6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6cA8oJn2n4EEVMEnWawjmghkFtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:61:52:a4:ce:2a:4d:53:cc:43:d8:ec:ec:c6:24:1c:d4:c1:
36:6c:1d:cd:88:4f:e4:36:38:c6:a3:41:eb:ad:85:54:ec:ab:
56:29:75:7f:07:d9:3c:07:a8:18:b6:0e:39:f0:41:b1:35:ff:
1e:4e:a5:36:b4:12:b2:0f:29:ea:ff:69:01:a9:7c:1e:82:3f:
30:c2:2b:e4:6f:90:bd:55:4d:fc:03:63:76:a9:16:2d:4d:c0:
69:8e:e9:f1:f6:63:2b:60:03:48:6a:9f:e6:b9:8d:11:92:42:
51:8a:75:90:8d:e6:ef:d3:b4:16:54:7d:e8:ea:ff:49:b9:2d:
f3:69:81:66:ef:e3:9b:72:2a:12:86:72:61:31:97:bb:4a:8f:
6b:53:56:d7:dd:60:08:9e:b5:3c:c8:21:05:4f:d0:7f:e0:06:
bc:a0:23:0a:8e:f3:44:3f:aa:52:d1:26:ab:8c:34:a2:54:d8:
6e:3a:a7:bb:8f:41:bc:b3:11:d2:92:f0:70:83:56:3c:f2:37:
2e:78:0c:ec:f5:db:39:ee:10:b4:b2:3c:de:c0:bb:fb:e7:eb:
bb:36:62:99:2e:1b:a6:19:3a:3b:5f:fa:6c:9f:77:85:d8:a1:
ee:ab:26:ef:1b:eb:c2:62:77:55:ce:80:13:3f:0d:74:6e:2f:
d2:a1:21:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5vuu07pcrwqdE7BY8rMk2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MDkxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWMwM2NhMDk5ZjY5ZjgxMDQ1NGMxMjc1OWFjMjM5YTA4NjQxNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo33hM8eHUDOF4o1LWQNWtXns9is0
mlHRbNpHXPLTOSEcPHxAPuBDoA+JlNF05jyCXl13q8qzka6n/8bgZegee2B1ahEn
50MSIyLsozkbMQp10YQGhmPyNyAicB04bg6PCISveE2dZ1yzddEMqLnI4NyFY/5k
8CI5A23MxegTKdO8HZ4qLAW8mcEXa+3mM/9qMOdgMNeecn9XBCpkjU6btyilLQ6o
i0j0d87QrFPNy2GM9KoYzpfHOSbff0v8qPPl40ZSvCu07lxha9SpDv8XLEheMVPY
hL6s9mRJOZzysNsKR7mjAVcs01GTr4/5fvpts1TCGmcoeMRKMYdgO/xkcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOnAPKCZ9p+BBFTBJ1msI5oIZBbWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNmNBOG9KbjJuNEVFVk1Fbldhd2ptZ2hrRnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJVhUqTOKk1TzEPY7OzG
JBzUwTZsHc2IT+Q2OMajQeuthVTsq1YpdX8H2TwHqBi2DjnwQbE1/x5OpTa0ErIP
Ker/aQGpfB6CPzDCK+RvkL1VTfwDY3apFi1NwGmO6fH2YytgA0hqn+a5jRGSQlGK
dZCN5u/TtBZUfejq/0m5LfNpgWbv45tyKhKGcmExl7tKj2tTVtfdYAietTzIIQVP
0H/gBrygIwqO80Q/qlLRJquMNKJU2G46p7uPQbyzEdKS8HCDVjzyNy54DOz12znu
ELSyPN7Au/vn67s2YpkuG6YZOjtf+myfd4XYoe6rJu8b68Jid1XOgBM/DXRuL9Kh
IQA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:50:13 2025 by rpki-client