Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/81N6yG_lKZZVggfnh3jHGq_w4Yk.roa
File: 81N6yG_lKZZVggfnh3jHGq_w4Yk.roa (raw, json)
Hash identifier: SQ7WYec41vFTBFpna1QiPgcov3eSvxf/fC44M2lrdGE=
Subject key identifier: F3:53:7A:C8:6F:E5:29:96:55:82:07:E7:87:78:C7:1A:AF:F0:E1:89
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFE05793B6F3D3998F5D3FCA9674EB1B0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/81N6yG_lKZZVggfnh3jHGq_w4Yk.roa
Signing time: Fri 12 Jan 2024 14:13:40 +0000
ROA not before: Fri 12 Jan 2024 14:13:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:05:79:3b:6f:3d:39:98:f5:d3:fc:a9:67:4e:b1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 14:13:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3537ac86fe52996558207e78778c71aaff0e189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:18:9a:94:04:cb:fe:99:8e:42:d3:89:aa:61:
d4:49:6e:c3:00:c1:dd:36:ae:fb:7b:e4:11:c3:a0:
e0:13:e0:c8:43:2e:86:ed:b0:b3:46:8f:c1:ec:d4:
64:c4:d3:8f:e4:90:67:64:85:02:70:83:77:30:33:
89:49:81:d4:32:50:b4:31:8e:f2:6e:6a:fb:7d:77:
43:b8:55:04:bc:1f:81:d2:4f:58:78:af:f9:e5:04:
29:2c:ef:d2:02:12:57:8c:32:68:e4:7e:c6:63:7a:
fa:65:aa:4a:d8:68:42:ba:e4:5c:6b:d0:26:8d:1b:
f5:d9:d7:e7:37:05:d4:e0:77:54:b3:14:e1:99:64:
fa:9c:3e:de:34:4d:f2:0c:5e:bb:95:5e:a2:6a:75:
18:df:40:cb:c4:b3:2e:99:69:8f:e1:bb:12:13:f8:
22:9b:66:63:45:2a:92:43:41:eb:38:54:4b:f2:8b:
e5:40:92:87:e1:37:13:4a:2b:05:32:f7:58:e0:ad:
0e:36:4a:95:f3:aa:39:aa:9d:6b:38:1b:d0:e1:18:
b5:3d:1e:ed:14:10:17:ac:0d:e0:7c:7e:86:c7:99:
c4:c2:22:e3:fd:1c:63:e3:d3:a1:f1:04:b1:e6:fb:
8e:e0:25:3c:7c:de:55:26:6d:33:22:37:41:8a:66:
e1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:53:7A:C8:6F:E5:29:96:55:82:07:E7:87:78:C7:1A:AF:F0:E1:89
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/81N6yG_lKZZVggfnh3jHGq_w4Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:a7:68:a6:5d:0d:4d:e2:65:e8:85:53:31:42:2b:48:a3:d1:
e3:fe:48:a2:ad:66:59:53:5d:81:42:9a:ee:c1:dc:d5:61:ad:
c8:29:08:97:8a:da:e1:3a:48:6b:11:fb:91:5f:a2:04:6f:e9:
e5:ef:4a:cd:bf:f7:b0:a4:36:a6:e3:df:e6:9f:bb:c8:7e:cb:
79:b3:d9:2c:57:91:0d:b8:19:3e:fc:84:7d:50:2e:9d:60:e7:
2a:bc:ec:9f:df:6a:67:ba:90:f2:cf:ba:01:3a:44:ea:60:73:
9b:96:02:67:23:11:b0:b9:64:d9:e5:ac:91:1f:c0:66:7c:a7:
97:54:ee:96:25:3c:ba:9b:d9:2c:07:14:e1:26:b7:d4:03:42:
04:f4:e3:9e:6b:c1:00:7c:e3:18:7d:38:b6:88:6f:d2:2d:81:
5d:07:49:d4:85:a9:54:53:fa:42:a3:0f:4b:49:55:b2:2a:5b:
87:e5:19:68:14:66:c9:4e:4d:de:3e:50:c0:a6:ee:18:2c:47:
35:ec:d0:a7:66:0f:23:c5:b3:6e:aa:20:13:9b:55:d1:55:1b:
51:f9:05:0f:3e:a2:ee:a6:10:33:2f:df:d1:86:d1:6f:c5:53:
ff:22:8f:4d:41:2e:0e:aa:ec:70:4e:d6:98:a3:05:a6:4d:cc:
14:b4:92:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz+BXk7bz05mPXT/KlnTrGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMTQxMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzUzN2FjODZmZTUyOTk2NTU4MjA3ZTc4Nzc4YzcxYWFmZjBlMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RialATL/pmOQtOJqmHUSW7DAMHd
Nq77e+QRw6DgE+DIQy6G7bCzRo/B7NRkxNOP5JBnZIUCcIN3MDOJSYHUMlC0MY7y
bmr7fXdDuFUEvB+B0k9YeK/55QQpLO/SAhJXjDJo5H7GY3r6ZapK2GhCuuRca9Am
jRv12dfnNwXU4HdUsxThmWT6nD7eNE3yDF67lV6ianUY30DLxLMumWmP4bsSE/gi
m2ZjRSqSQ0HrOFRL8ovlQJKH4TcTSisFMvdY4K0ONkqV86o5qp1rOBvQ4Ri1PR7t
FBAXrA3gfH6Gx5nEwiLj/Rxj49Oh8QSx5vuO4CU8fN5VJm0zIjdBimbhRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPNTeshv5SmWVYIH54d4xxqv8OGJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvODFONnlHX2xLWlpWZ2dmbmgzakhHcV93NFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGunaKZdDU3iZeiFUzFC
K0ij0eP+SKKtZllTXYFCmu7B3NVhrcgpCJeK2uE6SGsR+5FfogRv6eXvSs2/97Ck
Nqbj3+afu8h+y3mz2SxXkQ24GT78hH1QLp1g5yq87J/fame6kPLPugE6ROpgc5uW
AmcjEbC5ZNnlrJEfwGZ8p5dU7pYlPLqb2SwHFOEmt9QDQgT0455rwQB84xh9OLaI
b9ItgV0HSdSFqVRT+kKjD0tJVbIqW4flGWgUZslOTd4+UMCm7hgsRzXs0KdmDyPF
s26qIBObVdFVG1H5BQ8+ou6mEDMv39GG0W/FU/8ij01BLg6q7HBO1pijBaZNzBS0
kpg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:32:08 2025 by rpki-client