Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/C7w_quf2JW7dM1jsRyCZyMpJUOQ.roa
File: C7w_quf2JW7dM1jsRyCZyMpJUOQ.roa (raw, json)
Hash identifier: xphxk5h75Jd+fWOoaKSecpj8TAcf7Qu17YlEJInT6+s=
Subject key identifier: 0B:BC:3F:AA:E7:F6:25:6E:DD:33:58:EC:47:20:99:C8:CA:49:50:E4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9D06CF7FF3F9D2C9395CEDA1E216E956
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/C7w_quf2JW7dM1jsRyCZyMpJUOQ.roa
Signing time: Sun 24 Dec 2023 18:11:58 +0000
ROA not before: Sun 24 Dec 2023 18:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9d:06:cf:7f:f3:f9:d2:c9:39:5c:ed:a1:e2:16:e9:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 18:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bbc3faae7f6256edd3358ec472099c8ca4950e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f9:fb:44:2a:5d:69:72:b0:ac:7a:18:84:01:
14:93:32:d8:8a:66:9f:1a:d0:99:d7:b8:df:56:83:
af:59:66:87:7e:07:fa:df:9e:d8:c2:e5:cb:68:80:
49:4c:51:09:9f:a5:0c:43:bb:30:f4:a1:6f:d5:45:
f4:70:c0:d6:35:8a:f8:f7:f5:c6:ff:7e:06:4c:09:
12:78:70:98:ba:dd:2e:26:3f:65:1c:9c:1f:bd:c2:
5d:f0:8d:a8:60:15:d0:3f:04:1c:e1:19:16:b1:74:
c0:fb:f6:23:87:36:f9:46:10:4c:33:cb:01:e5:eb:
81:16:9c:8d:fb:3b:23:ae:2e:ad:9b:c9:ac:52:28:
99:84:87:5a:c3:61:08:a9:39:32:14:0a:22:36:c2:
2e:be:b2:2b:ec:fe:7d:88:61:20:e9:c2:86:1f:f4:
2d:18:ea:90:0e:13:14:31:79:1b:b4:0f:e1:f4:8d:
85:b4:06:62:61:01:bd:98:42:ed:b4:07:12:18:1e:
d3:9a:a9:60:cf:2e:d1:5a:bc:08:63:ca:4f:f6:aa:
bc:93:e0:90:bb:fb:40:bc:ac:f6:73:2e:8f:d1:b2:
af:3c:b1:3b:16:44:58:b0:2d:69:81:84:8e:89:e5:
d4:cd:ee:12:d2:c9:1a:13:69:52:8a:d5:fb:4b:ec:
33:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BC:3F:AA:E7:F6:25:6E:DD:33:58:EC:47:20:99:C8:CA:49:50:E4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/C7w_quf2JW7dM1jsRyCZyMpJUOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:3b:e3:73:98:19:47:c6:72:91:95:8b:97:2f:98:de:8c:44:
4c:0d:d5:ef:71:ac:33:7a:21:f2:e5:f0:f4:dd:a6:fd:d1:c1:
fc:ee:6a:2e:bc:02:80:0e:37:e0:e0:49:b8:5b:ec:af:26:1d:
ae:22:52:83:9b:55:65:30:16:ff:59:04:38:fb:f3:ec:86:4d:
83:55:e3:4b:6e:09:9c:45:57:62:62:a7:07:52:ad:52:13:35:
66:31:6f:d0:4b:72:6e:ec:a9:48:3a:13:d2:b6:e7:c3:39:d1:
e5:93:5f:4f:db:e6:95:df:89:0b:d2:8b:91:66:fe:1a:cf:2c:
16:81:ad:e6:03:bf:cf:8c:07:3c:7b:c6:bf:4b:a7:b4:83:c2:
9a:91:ab:46:58:b1:8f:3a:f5:80:a4:ce:ff:c9:31:fc:92:58:
4a:18:68:84:0d:98:c3:b3:bc:35:d6:89:54:72:d1:84:3d:67:
66:e7:48:42:4d:93:86:5b:49:0f:73:2b:ce:3d:84:d2:87:c4:
c7:a7:b6:87:69:a7:a3:53:37:90:09:b1:da:0c:2b:0e:01:9f:
02:a9:e9:45:c9:28:83:32:3c:99:c2:17:74:bd:5b:e3:59:49:
e6:7f:70:d7:e3:5d:b1:cf:59:71:e1:88:21:4a:1d:4a:64:3a:
c6:38:c8:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYydBs9/8/nSyTlc7aHiFulWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MTgxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmJjM2ZhYWU3ZjYyNTZlZGQzMzU4ZWM0NzIwOTljOGNhNDk1MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvn7RCpdaXKwrHoYhAEUkzLYimaf
GtCZ17jfVoOvWWaHfgf6357YwuXLaIBJTFEJn6UMQ7sw9KFv1UX0cMDWNYr49/XG
/34GTAkSeHCYut0uJj9lHJwfvcJd8I2oYBXQPwQc4RkWsXTA+/Yjhzb5RhBMM8sB
5euBFpyN+zsjri6tm8msUiiZhIdaw2EIqTkyFAoiNsIuvrIr7P59iGEg6cKGH/Qt
GOqQDhMUMXkbtA/h9I2FtAZiYQG9mELttAcSGB7Tmqlgzy7RWrwIY8pP9qq8k+CQ
u/tAvKz2cy6P0bKvPLE7FkRYsC1pgYSOieXUze4S0skaE2lSitX7S+wz2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAu8P6rn9iVu3TNY7EcgmcjKSVDkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQzd3X3F1ZjJKVzdkTTFqc1J5Q1p5TXBKVU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADw743OYGUfGcpGVi5cv
mN6MREwN1e9xrDN6IfLl8PTdpv3Rwfzuai68AoAON+DgSbhb7K8mHa4iUoObVWUw
Fv9ZBDj78+yGTYNV40tuCZxFV2JipwdSrVITNWYxb9BLcm7sqUg6E9K258M50eWT
X0/b5pXfiQvSi5Fm/hrPLBaBreYDv8+MBzx7xr9Lp7SDwpqRq0ZYsY869YCkzv/J
MfySWEoYaIQNmMOzvDXWiVRy0YQ9Z2bnSEJNk4ZbSQ9zK849hNKHxMentodpp6NT
N5AJsdoMKw4BnwKp6UXJKIMyPJnCF3S9W+NZSeZ/cNfjXbHPWXHhiCFKHUpkOsY4
yOA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:58:27 2025 by rpki-client