Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9AHG3cr61ODMzXL1rlB_Ds32qBc.roa
File: 9AHG3cr61ODMzXL1rlB_Ds32qBc.roa (raw, json)
Hash identifier: fF3KZef87b84Yj7dtlTcqALAyLkWU2++dkCJpxv0yzA=
Subject key identifier: F4:01:C6:DD:CA:FA:D4:E0:CC:CD:72:F5:AE:50:7F:0E:CD:F6:A8:17
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CEF6F0988A119141C66CDAE1F92932D35
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9AHG3cr61ODMzXL1rlB_Ds32qBc.roa
Signing time: Tue 09 Jan 2024 18:14:40 +0000
ROA not before: Tue 09 Jan 2024 18:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:6f:09:88:a1:19:14:1c:66:cd:ae:1f:92:93:2d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 9 18:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f401c6ddcafad4e0cccd72f5ae507f0ecdf6a817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a3:58:d0:ca:da:77:93:00:a8:41:b4:38:39:
7b:50:52:26:51:58:69:03:96:73:3f:d1:76:4d:8a:
46:a6:df:43:db:98:0e:4e:85:58:ec:f8:aa:d1:99:
32:34:0e:5f:b3:f7:f2:b8:94:2c:48:55:06:01:31:
88:0d:b9:fc:23:b8:7d:ea:13:b8:25:a4:2e:c3:a8:
3e:61:94:d5:54:74:01:89:7e:40:40:63:df:d6:dd:
51:2e:1c:f5:db:ac:32:cc:01:d5:da:8e:18:72:56:
d9:34:de:26:a0:f3:bf:3f:9a:43:7f:59:69:ef:1a:
dc:ff:4c:b0:44:00:b4:6f:9e:19:bd:4e:76:16:dd:
77:be:a1:db:e9:36:15:61:38:94:de:e5:25:cd:99:
b1:cc:0d:be:07:c6:ba:b3:81:0c:54:5b:10:ac:4a:
bb:a8:24:bb:3e:1f:d8:0b:4d:77:68:38:f6:28:d5:
a3:02:7b:22:1f:00:55:19:c3:c9:d3:7d:d3:04:1c:
c7:a2:4c:10:7b:70:16:4c:59:a0:7f:93:e8:09:7e:
59:f6:57:89:bf:32:ce:8f:d3:65:08:5e:db:6f:89:
02:f9:8e:ee:85:73:e2:71:53:fc:40:cb:e3:0d:df:
5d:5b:da:55:25:7e:e9:f3:e1:d3:8a:8f:6b:a0:2c:
d3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:01:C6:DD:CA:FA:D4:E0:CC:CD:72:F5:AE:50:7F:0E:CD:F6:A8:17
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9AHG3cr61ODMzXL1rlB_Ds32qBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:dc:a1:87:5c:f4:a2:97:94:b2:03:3c:78:bb:61:6f:2c:70:
6a:4b:12:12:8e:a7:bb:4c:7a:1b:df:65:8e:46:12:db:b6:ab:
68:39:1d:0d:2f:e7:09:b8:c8:85:d0:d0:a9:97:2e:f8:a1:42:
a6:b4:7f:59:65:40:cf:14:be:2e:31:c8:86:0c:af:85:68:b3:
cb:2d:8e:60:ce:d1:e9:f1:f9:21:56:a0:fb:7c:e9:b8:ee:11:
4e:1a:4b:85:ae:1b:90:ee:e2:4a:50:29:e5:0d:a5:2a:e7:b2:
ff:57:9c:42:b9:d2:e9:8f:70:cb:1f:d9:21:2a:86:36:83:42:
9e:aa:61:7a:0f:26:4d:b4:4b:43:1d:e1:2e:db:e8:fa:a6:21:
f8:80:e5:17:b5:f7:05:8c:0c:e8:5c:01:5e:52:f3:03:c4:5f:
8e:07:d2:30:fc:35:81:8e:e9:78:29:10:2d:37:37:e0:58:4b:
b4:23:92:b6:f9:13:07:c8:4e:9b:0a:52:54:8c:cc:98:45:9e:
2c:02:29:23:d6:ee:3f:32:56:20:9d:92:54:bb:00:f0:e2:51:
0c:c1:3a:99:f4:9b:4e:b7:70:32:96:49:0c:04:75:58:a3:c1:
a6:5a:f3:79:a4:50:62:2a:3f:6d:7f:fb:23:5c:4d:83:94:f2:
8f:c6:d7:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzvbwmIoRkUHGbNrh+Sky01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA5MTgxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDAxYzZkZGNhZmFkNGUwY2NjZDcyZjVhZTUwN2YwZWNkZjZhODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKNY0Mrad5MAqEG0ODl7UFImUVhp
A5ZzP9F2TYpGpt9D25gOToVY7Piq0ZkyNA5fs/fyuJQsSFUGATGIDbn8I7h96hO4
JaQuw6g+YZTVVHQBiX5AQGPf1t1RLhz126wyzAHV2o4YclbZNN4moPO/P5pDf1lp
7xrc/0ywRAC0b54ZvU52Ft13vqHb6TYVYTiU3uUlzZmxzA2+B8a6s4EMVFsQrEq7
qCS7Ph/YC013aDj2KNWjAnsiHwBVGcPJ033TBBzHokwQe3AWTFmgf5PoCX5Z9leJ
vzLOj9NlCF7bb4kC+Y7uhXPicVP8QMvjDd9dW9pVJX7p8+HTio9roCzTOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPQBxt3K+tTgzM1y9a5Qfw7N9qgXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOUFIRzNjcjYxT0RNelhMMXJsQl9EczMycUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGrcoYdc9KKXlLIDPHi7
YW8scGpLEhKOp7tMehvfZY5GEtu2q2g5HQ0v5wm4yIXQ0KmXLvihQqa0f1llQM8U
vi4xyIYMr4Vos8stjmDO0enx+SFWoPt86bjuEU4aS4WuG5Du4kpQKeUNpSrnsv9X
nEK50umPcMsf2SEqhjaDQp6qYXoPJk20S0Md4S7b6PqmIfiA5Re19wWMDOhcAV5S
8wPEX44H0jD8NYGO6XgpEC03N+BYS7Qjkrb5EwfITpsKUlSMzJhFniwCKSPW7j8y
ViCdklS7APDiUQzBOpn0m063cDKWSQwEdVijwaZa83mkUGIqP21/+yNcTYOU8o/G
15M=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:10:50 2025 by rpki-client