Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/89iNP08W4gseWo7odldrL9lEggo.roa
File: 89iNP08W4gseWo7odldrL9lEggo.roa (raw, json)
Hash identifier: h+LVuY6PDtOUay3tU/Me3PWOgfMuKY+IThy+cWBt2vA=
Subject key identifier: F3:D8:8D:3F:4F:16:E2:0B:1E:5A:8E:E8:76:57:6B:2F:D9:44:82:0A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D709B8330E6039BE91890D3668D15FEDC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/89iNP08W4gseWo7odldrL9lEggo.roa
Signing time: Sat 03 Feb 2024 20:14:16 +0000
ROA not before: Sat 03 Feb 2024 20:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:70:9b:83:30:e6:03:9b:e9:18:90:d3:66:8d:15:fe:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 3 20:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3d88d3f4f16e20b1e5a8ee876576b2fd944820a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:24:a0:a5:9c:f9:e0:f0:e2:e7:c7:58:60:96:
e4:35:b1:ed:af:81:bd:d9:e4:49:32:71:9f:41:fe:
66:ec:46:90:50:0e:75:e6:8b:1b:0a:71:dd:73:02:
6b:11:db:57:cf:34:04:ab:53:0b:bc:13:02:ab:90:
ac:dc:55:7b:f5:61:54:a8:a4:95:6f:c1:0b:a6:f4:
c9:09:ee:3c:7e:f1:1a:dc:51:d1:8f:c5:47:9b:99:
d0:66:49:95:b1:4e:cb:4a:3e:7f:eb:a2:22:fd:5b:
fa:10:6e:03:90:74:86:b2:f7:b7:a8:73:0f:6a:46:
91:98:df:e5:1b:7d:11:32:8a:72:14:88:8f:39:6b:
52:3a:98:f4:f5:5e:b1:08:16:53:63:77:fb:5a:10:
21:a4:22:f5:04:05:d4:9d:a1:de:8a:6a:81:56:11:
05:3a:c2:a6:82:55:d0:bb:ab:84:08:46:f7:89:f3:
c5:f0:0e:69:67:aa:07:2f:4a:27:d7:f7:d6:23:b6:
e4:18:d4:66:1c:cb:02:6b:01:12:15:a8:10:99:bd:
2e:91:64:0d:8c:40:66:b9:11:66:73:13:83:5c:6c:
51:dc:8f:7e:d8:ac:a9:f2:3e:4e:6b:1b:06:e8:65:
43:95:42:0c:db:0f:26:63:08:32:23:d3:ed:be:d0:
85:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D8:8D:3F:4F:16:E2:0B:1E:5A:8E:E8:76:57:6B:2F:D9:44:82:0A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/89iNP08W4gseWo7odldrL9lEggo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:5d:16:d8:25:d2:e1:0b:0d:db:67:0f:75:59:0c:c4:06:19:
47:25:c0:f8:e7:26:23:0f:6b:71:50:74:4c:af:81:87:ef:64:
db:e8:b1:6a:26:50:80:58:f6:3a:53:a6:1d:95:f0:c6:b7:eb:
76:67:e5:2f:85:b8:9c:25:ff:95:e4:ee:4c:eb:53:42:ab:f6:
5c:7f:78:e4:0e:e0:bd:99:39:70:fb:a0:5e:97:a4:27:9e:d6:
fd:03:13:0c:25:d6:3e:25:a1:24:1b:b5:ab:6a:4e:a2:fa:69:
91:c3:2d:87:c5:81:93:e0:60:a4:9a:a9:9d:5d:20:0d:5e:c7:
f2:5a:d8:3e:13:af:53:fd:22:6e:cc:df:76:db:50:4f:a3:58:
85:93:26:5d:d7:94:c2:3e:c7:e6:4f:e9:df:4e:3b:2a:97:b2:
f7:e7:aa:1b:24:9b:50:2f:2f:d4:db:49:2f:9e:c5:67:ff:ee:
b1:21:21:28:92:e4:c2:9b:19:90:ea:ae:65:26:1a:58:cf:ea:
de:f8:a3:20:20:73:25:52:7d:a3:d8:96:09:41:e8:30:49:58:
5d:60:77:4e:4c:a8:b7:b3:3f:af:38:72:d2:cd:60:14:9e:c8:
b4:82:64:9c:5f:e3:01:5b:c7:f1:dc:ce:a0:f8:ac:62:67:e0:
c9:83:28:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1wm4Mw5gOb6RiQ02aNFf7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAzMjAxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2Q4OGQzZjRmMTZlMjBiMWU1YThlZTg3NjU3NmIyZmQ5NDQ4MjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCSgpZz54PDi58dYYJbkNbHtr4G9
2eRJMnGfQf5m7EaQUA515osbCnHdcwJrEdtXzzQEq1MLvBMCq5Cs3FV79WFUqKSV
b8ELpvTJCe48fvEa3FHRj8VHm5nQZkmVsU7LSj5/66Ii/Vv6EG4DkHSGsve3qHMP
akaRmN/lG30RMopyFIiPOWtSOpj09V6xCBZTY3f7WhAhpCL1BAXUnaHeimqBVhEF
OsKmglXQu6uECEb3ifPF8A5pZ6oHL0on1/fWI7bkGNRmHMsCawESFagQmb0ukWQN
jEBmuRFmcxODXGxR3I9+2Kyp8j5OaxsG6GVDlUIM2w8mYwgyI9PtvtCFtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPPYjT9PFuILHlqO6HZXay/ZRIIKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvODlpTlAwOFc0Z3NlV283b2RsZHJMOWxFZ2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADNdFtgl0uELDdtnD3VZ
DMQGGUclwPjnJiMPa3FQdEyvgYfvZNvosWomUIBY9jpTph2V8Ma363Zn5S+FuJwl
/5Xk7kzrU0Kr9lx/eOQO4L2ZOXD7oF6XpCee1v0DEwwl1j4loSQbtatqTqL6aZHD
LYfFgZPgYKSaqZ1dIA1ex/Ja2D4Tr1P9Im7M33bbUE+jWIWTJl3XlMI+x+ZP6d9O
OyqXsvfnqhskm1AvL9TbSS+exWf/7rEhISiS5MKbGZDqrmUmGljP6t74oyAgcyVS
faPYlglB6DBJWF1gd05MqLezP684ctLNYBSeyLSCZJxf4wFbx/HczqD4rGJn4MmD
KOQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:30:00 2025 by rpki-client