Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8gD5k1_Q8rF3b5w7-0mSOI9DKRA.roa
File: 8gD5k1_Q8rF3b5w7-0mSOI9DKRA.roa (raw, json)
Hash identifier: pm2N4APv4z0eNMq69++nTeWNBMiquI0uLtQ1j1bINK4=
Subject key identifier: F2:00:F9:93:5F:D0:F2:B1:77:6F:9C:3B:FB:49:92:38:8F:43:29:10
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DE7A9E8C869EB0C0B550A51B40F76912C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8gD5k1_Q8rF3b5w7-0mSOI9DKRA.roa
Signing time: Mon 26 Feb 2024 23:04:48 +0000
ROA not before: Mon 26 Feb 2024 23:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e7a9:91c9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e7:a9:e8:c8:69:eb:0c:0b:55:0a:51:b4:0f:76:91:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 26 23:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f200f9935fd0f2b1776f9c3bfb4992388f432910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7d:8f:87:f7:ea:ae:43:ad:c0:e1:58:69:77:
77:22:19:25:a8:d9:b8:57:93:2a:5a:95:c5:74:f6:
05:4a:c2:5b:e8:36:33:b8:15:c4:80:8c:fe:3e:eb:
3b:f9:6e:40:43:63:2c:5e:c9:f6:11:0f:26:be:43:
96:2a:e8:73:c1:c0:00:fa:48:2e:38:41:c9:d8:a8:
d1:fc:fc:40:9b:e7:45:7a:6b:8c:ac:74:9a:e6:33:
39:5d:1c:82:96:16:97:96:84:fe:15:f3:c6:66:df:
4e:dd:9e:49:c6:24:79:22:c2:18:bc:da:7e:cc:a4:
35:74:12:24:f3:bd:a8:b6:cf:2a:c7:c0:af:3c:fa:
1d:a9:36:2b:fc:48:5d:5b:70:4a:11:ee:e8:bb:d2:
aa:92:c2:34:52:d1:2a:39:6b:56:3a:8f:26:af:8d:
57:81:cb:e1:da:b4:7c:ec:f3:17:1e:87:30:a8:6f:
83:b3:26:37:fa:ea:e6:a8:a6:a0:49:5a:ad:61:7d:
e4:37:70:fe:09:06:53:fa:3f:5e:bf:8d:cc:a7:8c:
04:a6:fd:c4:08:4e:89:3d:bc:6b:d4:ad:a3:9b:53:
28:39:c8:3d:77:fd:77:d6:fe:8a:b9:b1:24:99:86:
51:b9:dc:c2:4d:3b:74:22:2b:c6:4a:12:86:a3:26:
59:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:00:F9:93:5F:D0:F2:B1:77:6F:9C:3B:FB:49:92:38:8F:43:29:10
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8gD5k1_Q8rF3b5w7-0mSOI9DKRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:da:76:c2:87:94:84:1d:6c:73:32:fe:f5:fd:43:7c:2f:42:
d6:56:2f:d2:85:68:06:96:c2:c3:05:2a:7a:2f:e3:d4:64:b1:
0d:43:a4:a4:9e:55:51:ca:ea:1c:12:45:38:5c:af:69:4a:1e:
2b:a6:0b:d3:03:96:a8:60:de:05:23:22:a1:fa:ea:5f:e2:b3:
ed:39:6d:8e:93:cd:ef:ac:71:ce:47:c8:fd:ad:b9:7d:35:f8:
b1:80:74:29:a4:f4:d9:3d:04:45:3c:d2:14:52:3c:a9:bf:86:
36:cd:53:a6:7f:56:32:27:7e:43:ea:aa:ca:2c:1f:de:1f:91:
aa:7d:13:b4:07:cf:42:8c:4b:08:64:15:a6:1f:5f:4d:a9:be:
35:d0:58:52:b4:a9:48:02:a1:61:8b:06:f3:28:d8:5c:97:da:
6a:ce:38:7b:63:e3:e0:a4:1c:26:bb:50:b9:4e:5b:3d:3c:aa:
b1:8c:1d:d8:51:6b:c3:a3:5b:d0:d7:69:4d:ff:48:84:24:85:
c6:9a:a5:39:7f:f3:7d:b2:7f:39:f3:ff:1e:f7:47:0f:f1:e7:
d1:13:ab:2b:63:da:ce:09:c4:27:e1:0d:f9:42:f9:11:6c:98:
09:78:76:c8:2f:c9:fd:1c:bf:83:26:9f:6a:a4:0e:a5:0e:c4:
5d:ad:d4:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3nqejIaesMC1UKUbQPdpEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI2MjMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjAwZjk5MzVmZDBmMmIxNzc2ZjljM2JmYjQ5OTIzODhmNDMyOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn2Ph/fqrkOtwOFYaXd3IhklqNm4
V5MqWpXFdPYFSsJb6DYzuBXEgIz+Pus7+W5AQ2MsXsn2EQ8mvkOWKuhzwcAA+kgu
OEHJ2KjR/PxAm+dFemuMrHSa5jM5XRyClhaXloT+FfPGZt9O3Z5JxiR5IsIYvNp+
zKQ1dBIk872ots8qx8CvPPodqTYr/EhdW3BKEe7ou9KqksI0UtEqOWtWOo8mr41X
gcvh2rR87PMXHocwqG+DsyY3+urmqKagSVqtYX3kN3D+CQZT+j9ev43Mp4wEpv3E
CE6JPbxr1K2jm1MoOcg9d/131v6KubEkmYZRudzCTTt0IivGShKGoyZZbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPIA+ZNf0PKxd2+cO/tJkjiPQykQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOGdENWsxX1E4ckYzYjV3Ny0wbVNPSTlES1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADTadsKHlIQdbHMy/vX9
Q3wvQtZWL9KFaAaWwsMFKnov49RksQ1DpKSeVVHK6hwSRThcr2lKHiumC9MDlqhg
3gUjIqH66l/is+05bY6Tze+scc5HyP2tuX01+LGAdCmk9Nk9BEU80hRSPKm/hjbN
U6Z/VjInfkPqqsosH94fkap9E7QHz0KMSwhkFaYfX02pvjXQWFK0qUgCoWGLBvMo
2FyX2mrOOHtj4+CkHCa7ULlOWz08qrGMHdhRa8OjW9DXaU3/SIQkhcaapTl/832y
fznz/x73Rw/x59ETqytj2s4JxCfhDflC+RFsmAl4dsgvyf0cv4Mmn2qkDqUOxF2t
1AI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:57:08 2025 by rpki-client