Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/A9bdCWnhHnBPGpdZd9fo0TtJhK8.roa
File: A9bdCWnhHnBPGpdZd9fo0TtJhK8.roa (raw, json)
Hash identifier: tknbudYjwalxq4fU7asw9Er6KKh3XTcxDewlW430QV8=
Subject key identifier: 03:D6:DD:09:69:E1:1E:70:4F:1A:97:59:77:D7:E8:D1:3B:49:84:AF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDFFCFD78C38FC6334FDAFCADDDEA0081
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/A9bdCWnhHnBPGpdZd9fo0TtJhK8.roa
Signing time: Sat 06 Jan 2024 18:15:48 +0000
ROA not before: Sat 06 Jan 2024 18:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:df:fc:fd:78:c3:8f:c6:33:4f:da:fc:ad:dd:ea:00:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 6 18:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03d6dd0969e11e704f1a975977d7e8d13b4984af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:15:85:48:85:e4:1c:25:40:b3:f2:9e:c6:32:
cc:13:b7:2d:57:d2:bc:7f:87:f3:ad:95:ec:1c:21:
92:90:73:a6:47:2c:fa:90:be:8b:1e:21:00:be:e9:
0c:11:ef:a6:52:9b:b9:53:3c:7c:8d:f3:10:55:eb:
56:df:38:9e:49:94:be:14:57:d8:3f:53:1e:8d:b5:
ee:6c:7e:35:2f:f7:9a:1e:d4:0b:1f:ff:97:e2:1e:
bd:37:f6:a6:7c:d3:eb:64:09:74:82:8e:03:b1:62:
09:23:42:67:c0:de:e6:bc:19:a6:b5:72:ff:ec:53:
0c:b8:7a:5b:a0:fa:a0:f4:a3:57:d6:d7:28:f3:d8:
f1:6a:3f:e7:ef:2a:c3:78:6c:c5:51:0a:9c:c9:6d:
d9:68:64:ec:a7:76:24:e9:64:20:da:65:28:5d:36:
c4:b8:27:37:b2:49:dc:fe:03:8b:a5:77:6f:17:22:
23:58:fa:e2:f2:38:16:d9:ab:7b:e2:85:30:37:58:
75:21:4c:4b:8d:49:bb:a2:01:3c:f6:5d:8b:d0:61:
8f:56:a9:a0:d0:b5:dd:05:b5:0b:1f:17:13:0b:2c:
92:e4:39:32:98:ff:a0:b4:61:36:75:32:b2:ef:8a:
ed:32:79:8d:0d:11:ba:f5:d6:ff:e0:d9:c6:e8:b4:
ae:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D6:DD:09:69:E1:1E:70:4F:1A:97:59:77:D7:E8:D1:3B:49:84:AF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/A9bdCWnhHnBPGpdZd9fo0TtJhK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:a4:51:d3:9c:dc:89:f1:65:5b:fa:1a:02:91:23:64:18:13:
d2:4f:52:ed:04:33:84:38:d9:22:54:93:ff:f1:98:c4:09:76:
ba:25:49:2b:43:e8:ef:70:89:8e:fb:5e:38:2b:cd:20:c9:97:
d3:b6:aa:6c:79:73:59:a7:e7:2f:6a:f9:9c:ad:43:19:fd:0a:
e5:11:a8:cf:01:7d:99:b5:b8:64:15:61:2c:39:fa:a0:42:77:
63:63:5b:c7:79:fa:a6:fa:ca:29:df:94:13:19:0a:f6:cd:2b:
7b:6c:06:69:4b:c1:ba:f1:41:44:f8:2a:29:3d:e4:22:21:c7:
d9:ab:2b:a3:a0:8c:45:97:2c:38:0a:b6:86:90:42:87:d3:38:
a7:2a:26:11:f1:0b:95:a5:27:03:a2:8e:c2:0e:56:68:9e:69:
eb:64:15:37:c6:e1:02:89:b7:05:1c:8c:94:2e:31:a6:73:fc:
28:c3:6d:d5:93:7d:e5:7b:8f:e1:61:31:c1:6b:69:cb:0d:3b:
01:7f:f9:34:d7:3c:05:9f:b2:12:71:94:fd:b9:aa:06:c5:4c:
e3:63:b6:7b:c9:bd:3d:b3:f8:2a:5f:76:d5:eb:d7:70:be:47:
98:64:27:39:ab:d4:70:5e:f6:fc:7e:97:87:4b:66:5d:d5:cb:
87:00:be:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzf/P14w4/GM0/a/K3d6gCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA2MTgxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q2ZGQwOTY5ZTExZTcwNGYxYTk3NTk3N2Q3ZThkMTNiNDk4NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhWFSIXkHCVAs/KexjLME7ctV9K8
f4fzrZXsHCGSkHOmRyz6kL6LHiEAvukMEe+mUpu5Uzx8jfMQVetW3zieSZS+FFfY
P1MejbXubH41L/eaHtQLH/+X4h69N/amfNPrZAl0go4DsWIJI0JnwN7mvBmmtXL/
7FMMuHpboPqg9KNX1tco89jxaj/n7yrDeGzFUQqcyW3ZaGTsp3Yk6WQg2mUoXTbE
uCc3sknc/gOLpXdvFyIjWPri8jgW2at74oUwN1h1IUxLjUm7ogE89l2L0GGPVqmg
0LXdBbULHxcTCyyS5DkymP+gtGE2dTKy74rtMnmNDRG69db/4NnG6LSuRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAPW3Qlp4R5wTxqXWXfX6NE7SYSvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQTliZENXbmhIbkJQR3BkWmQ5Zm8wVHRKaEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB6kUdOc3InxZVv6GgKR
I2QYE9JPUu0EM4Q42SJUk//xmMQJdrolSStD6O9wiY77XjgrzSDJl9O2qmx5c1mn
5y9q+ZytQxn9CuURqM8BfZm1uGQVYSw5+qBCd2NjW8d5+qb6yinflBMZCvbNK3ts
BmlLwbrxQUT4Kik95CIhx9mrK6OgjEWXLDgKtoaQQofTOKcqJhHxC5WlJwOijsIO
VmieaetkFTfG4QKJtwUcjJQuMaZz/CjDbdWTfeV7j+FhMcFracsNOwF/+TTXPAWf
shJxlP25qgbFTONjtnvJvT2z+CpfdtXr13C+R5hkJzmr1HBe9vx+l4dLZl3Vy4cA
vnI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:05:15 2025 by rpki-client