Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6oEoBLgRuhmkv70kB5k1InXm_jw.roa
File: 6oEoBLgRuhmkv70kB5k1InXm_jw.roa (raw, json)
Hash identifier: 88fnkS4/Voe410dR4mwU29Bus+xk5FI8HgMaR1eDQLQ=
Subject key identifier: EA:81:28:04:B8:11:BA:19:A4:BF:BD:24:07:99:35:22:75:E6:FE:3C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF011161C9FB8174B27794809F6DEEA89
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6oEoBLgRuhmkv70kB5k1InXm_jw.roa
Signing time: Tue 09 Jan 2024 21:11:40 +0000
ROA not before: Tue 09 Jan 2024 21:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f0:11:16:1c:9f:b8:17:4b:27:79:48:09:f6:de:ea:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 9 21:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea812804b811ba19a4bfbd240799352275e6fe3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:42:f3:97:96:cc:94:fc:31:2a:ba:22:01:54:
a7:64:0f:78:b2:02:4d:8a:cd:8c:0e:d0:10:7e:05:
40:f8:35:da:28:80:d5:e7:3a:f1:f5:a7:b2:21:3e:
60:95:c0:4b:0a:b1:e8:de:7c:db:8f:04:b4:54:fa:
ca:6c:09:c2:1f:a0:be:f4:46:ac:b8:c1:e4:75:8e:
23:64:a5:97:eb:7e:95:81:dc:6b:8c:62:94:c4:a5:
21:c3:d7:24:ed:9f:79:66:65:77:be:70:17:50:49:
49:52:8a:10:50:e4:97:c5:47:af:97:38:72:7c:c2:
95:84:8e:82:cb:6e:46:1c:b3:be:66:b3:18:78:39:
fd:65:51:ac:03:f3:70:e6:5d:1b:27:3e:0f:5c:70:
b3:2b:a6:cd:d1:54:42:e2:0d:c2:ba:bd:7a:e5:52:
25:55:61:93:2c:09:39:d1:01:ba:1a:0d:fe:b8:82:
2f:e6:c1:30:92:da:87:89:f0:68:e2:d0:5a:e4:4a:
51:1f:db:33:03:ca:25:5f:5b:3c:6c:70:90:50:07:
94:6c:ab:4b:07:8a:3c:c6:d5:9f:86:81:d0:7b:4a:
9b:a4:74:41:30:50:14:39:af:3d:df:14:e4:eb:1e:
ef:23:75:29:34:64:90:c6:28:b9:fd:d3:56:a3:14:
e6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:81:28:04:B8:11:BA:19:A4:BF:BD:24:07:99:35:22:75:E6:FE:3C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6oEoBLgRuhmkv70kB5k1InXm_jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:51:29:fd:5d:d3:ec:79:d1:2c:f3:ad:7c:de:b7:1c:c6:28:
e1:f2:2d:37:36:43:ab:1d:98:c5:25:8d:52:c8:e1:b7:96:a9:
ac:ed:a5:8f:ec:96:cb:3a:8f:48:a6:1e:f8:ab:ec:03:df:e4:
9a:b1:de:fb:9b:18:86:6a:a0:7a:b4:73:a2:6a:82:80:60:be:
30:af:89:ef:cc:16:fd:f7:f4:c9:a2:e8:73:cb:97:ec:60:d6:
39:9a:4f:1d:fc:9b:cb:53:68:27:32:1f:18:c1:77:73:29:8a:
f8:42:fa:dc:bc:2c:01:2e:d3:39:c6:3d:16:64:bf:ab:ce:0f:
f7:93:e6:99:e8:d6:21:f8:ae:ad:f5:f3:27:1f:a3:a4:9f:4c:
cf:d4:c2:03:ec:58:92:3f:ee:73:79:14:4b:20:a3:28:1d:65:
c9:9d:d3:24:55:b3:94:1d:06:eb:53:3c:63:ef:58:98:31:07:
71:51:7d:85:ee:d7:bf:d6:99:92:ea:fb:e1:08:34:c9:3f:c6:
86:aa:87:9f:cd:78:cd:de:04:8d:79:38:1e:50:74:2d:e4:d2:
fb:ed:e3:80:50:0e:97:d0:ce:b3:6e:8c:d8:d1:d3:7b:19:6f:
51:b3:87:ed:98:8e:b6:0c:3c:4b:9b:bf:7a:b5:20:f7:2e:5e:
be:65:a6:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzwERYcn7gXSyd5SAn23uqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA5MjExMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTgxMjgwNGI4MTFiYTE5YTRiZmJkMjQwNzk5MzUyMjc1ZTZmZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30Lzl5bMlPwxKroiAVSnZA94sgJN
is2MDtAQfgVA+DXaKIDV5zrx9aeyIT5glcBLCrHo3nzbjwS0VPrKbAnCH6C+9Eas
uMHkdY4jZKWX636VgdxrjGKUxKUhw9ck7Z95ZmV3vnAXUElJUooQUOSXxUevlzhy
fMKVhI6Cy25GHLO+ZrMYeDn9ZVGsA/Nw5l0bJz4PXHCzK6bN0VRC4g3Cur165VIl
VWGTLAk50QG6Gg3+uIIv5sEwktqHifBo4tBa5EpRH9szA8olX1s8bHCQUAeUbKtL
B4o8xtWfhoHQe0qbpHRBMFAUOa893xTk6x7vI3UpNGSQxii5/dNWoxTmWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOqBKAS4EboZpL+9JAeZNSJ15v48MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNm9Fb0JMZ1J1aG1rdjcwa0I1azFJblhtX2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZRKf1d0+x50SzzrXze
txzGKOHyLTc2Q6sdmMUljVLI4beWqaztpY/slss6j0imHvir7APf5Jqx3vubGIZq
oHq0c6JqgoBgvjCvie/MFv339Mmi6HPLl+xg1jmaTx38m8tTaCcyHxjBd3MpivhC
+ty8LAEu0znGPRZkv6vOD/eT5pno1iH4rq318ycfo6SfTM/UwgPsWJI/7nN5FEsg
oygdZcmd0yRVs5QdButTPGPvWJgxB3FRfYXu17/WmZLq++EINMk/xoaqh5/NeM3e
BI15OB5QdC3k0vvt44BQDpfQzrNujNjR03sZb1Gzh+2YjrYMPEubv3q1IPcuXr5l
po8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:31:48 2025 by rpki-client