Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CdVfdA5xcRPo8MmcuMFRkTR8Be8.roa
File: CdVfdA5xcRPo8MmcuMFRkTR8Be8.roa (raw, json)
Hash identifier: Vl4Ngvda8Tnx5BB0jI+I7wUeCeDNs0vYrqjmtQC/N1g=
Subject key identifier: 09:D5:5F:74:0E:71:71:13:E8:F0:C9:9C:B8:C1:51:91:34:7C:05:EF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD01B216A56ACFE8673D28A723DD9CC9B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CdVfdA5xcRPo8MmcuMFRkTR8Be8.roa
Signing time: Wed 03 Jan 2024 16:14:48 +0000
ROA not before: Wed 03 Jan 2024 16:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:1b:21:6a:56:ac:fe:86:73:d2:8a:72:3d:d9:cc:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 16:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09d55f740e717113e8f0c99cb8c15191347c05ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:6c:3f:d1:86:8a:32:d1:e2:84:a7:da:ea:4c:
81:d7:0f:38:26:31:20:e6:35:93:13:26:37:aa:31:
5e:f3:bb:3f:41:94:8c:73:2b:7c:18:2e:1f:07:be:
5a:a2:cc:59:68:1a:86:0f:0e:cb:90:93:eb:4a:5a:
b4:7a:82:15:91:ac:d5:23:aa:29:99:35:80:a6:49:
d6:d3:e5:8e:3f:d6:3e:3f:5b:4f:3c:ba:f4:24:d3:
e6:67:40:b1:ec:e6:c8:b9:a5:50:a8:04:6b:6e:15:
88:6f:74:e4:ff:75:1e:64:f1:1c:88:05:f7:45:99:
75:42:6a:83:59:84:c4:a9:fe:d2:f0:61:03:d6:68:
91:d6:8c:b5:1e:7a:d4:be:00:18:be:b9:53:99:37:
e8:f7:ac:3f:27:bb:74:11:58:15:80:13:46:fa:62:
60:cd:a3:63:58:7c:22:cf:4b:42:89:ec:a2:e2:f6:
f0:91:6a:05:1b:56:6b:45:d3:44:59:d6:09:e3:85:
b8:1f:df:6e:af:e4:58:45:50:19:49:8a:68:55:ec:
dc:1c:6d:18:69:39:9a:a9:bf:01:7b:52:92:ac:78:
d5:46:af:ca:ba:0c:aa:53:50:32:b4:f1:9a:73:37:
41:2b:c0:af:c7:cb:06:76:5d:a7:37:0a:6a:5e:75:
94:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D5:5F:74:0E:71:71:13:E8:F0:C9:9C:B8:C1:51:91:34:7C:05:EF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CdVfdA5xcRPo8MmcuMFRkTR8Be8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:9e:99:80:d5:8b:0f:a3:e2:6b:21:9b:8b:24:4c:1f:24:e1:
3b:e5:c4:99:3c:27:46:f3:48:ca:98:fb:51:48:63:7f:ba:64:
d8:12:04:78:a6:ed:bc:aa:76:a5:5a:1e:04:6c:a7:3b:e8:a0:
fc:e1:7e:68:32:a8:14:7f:c1:7c:7c:02:c2:d5:21:37:9f:ec:
3d:fa:6e:5a:24:c8:de:b0:cf:41:36:c1:92:3c:4f:ad:65:d5:
83:a2:b6:4c:29:b6:59:c5:ba:20:a0:47:2b:43:bb:46:51:22:
26:3d:61:4e:67:df:ce:c2:8e:7e:23:0a:c0:10:c9:42:3d:a6:
f6:03:73:64:34:88:e4:23:52:ac:8d:2b:f2:1f:2c:f3:59:5e:
fd:b3:c9:e8:aa:30:cc:d2:f8:b0:dc:e3:01:3e:5b:8f:5f:c1:
75:8f:68:38:8f:6e:e5:8d:9e:fb:c7:ea:f3:f1:dd:76:f0:4f:
76:40:92:a7:31:5f:b4:14:5c:4d:26:15:e5:95:be:be:19:d4:
e4:85:10:55:0d:38:66:01:3f:3c:c6:86:f2:49:e1:ae:21:de:
c8:4a:e8:96:9b:1e:f7:2a:a9:01:42:dd:ab:2d:df:c1:dc:1e:
ae:6f:9c:a2:c9:f6:ea:15:e5:c1:65:33:f8:b8:f3:6f:ba:34:
43:7a:c5:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzQGyFqVqz+hnPSinI92cybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMTYxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ1NWY3NDBlNzE3MTEzZThmMGM5OWNiOGMxNTE5MTM0N2MwNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62w/0YaKMtHihKfa6kyB1w84JjEg
5jWTEyY3qjFe87s/QZSMcyt8GC4fB75aosxZaBqGDw7LkJPrSlq0eoIVkazVI6op
mTWApknW0+WOP9Y+P1tPPLr0JNPmZ0Cx7ObIuaVQqARrbhWIb3Tk/3UeZPEciAX3
RZl1QmqDWYTEqf7S8GED1miR1oy1HnrUvgAYvrlTmTfo96w/J7t0EVgVgBNG+mJg
zaNjWHwiz0tCieyi4vbwkWoFG1ZrRdNEWdYJ44W4H99ur+RYRVAZSYpoVezcHG0Y
aTmaqb8Be1KSrHjVRq/KugyqU1AytPGaczdBK8Cvx8sGdl2nNwpqXnWUiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAnVX3QOcXET6PDJnLjBUZE0fAXvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ2RWZmRBNXhjUlBvOE1tY3VNRlJrVFI4QmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFCemYDViw+j4mshm4sk
TB8k4TvlxJk8J0bzSMqY+1FIY3+6ZNgSBHim7byqdqVaHgRspzvooPzhfmgyqBR/
wXx8AsLVITef7D36blokyN6wz0E2wZI8T61l1YOitkwptlnFuiCgRytDu0ZRIiY9
YU5n387Cjn4jCsAQyUI9pvYDc2Q0iOQjUqyNK/IfLPNZXv2zyeiqMMzS+LDc4wE+
W49fwXWPaDiPbuWNnvvH6vPx3XbwT3ZAkqcxX7QUXE0mFeWVvr4Z1OSFEFUNOGYB
PzzGhvJJ4a4h3shK6JabHvcqqQFC3ast38HcHq5vnKLJ9uoV5cFlM/i482+6NEN6
xU0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:43 2025 by rpki-client