Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ce7buqe0Zfk9T9lLMpjmUvQ_wqo.roa
File: Ce7buqe0Zfk9T9lLMpjmUvQ_wqo.roa (raw, json)
Hash identifier: pu6WE+Es9Bw8KK8O0ttfULrmbCCvjk/LEBZq025eJcQ=
Subject key identifier: 09:EE:DB:BA:A7:B4:65:F9:3D:4F:D9:4B:32:98:E6:52:F4:3F:C2:AA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D3072E13D0DF84E4895C231D22C994CDC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ce7buqe0Zfk9T9lLMpjmUvQ_wqo.roa
Signing time: Mon 22 Jan 2024 09:14:11 +0000
ROA not before: Mon 22 Jan 2024 09:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:72:e1:3d:0d:f8:4e:48:95:c2:31:d2:2c:99:4c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 22 09:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09eedbbaa7b465f93d4fd94b3298e652f43fc2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fc:0c:26:0e:b5:da:04:df:db:97:6b:ae:73:
57:fe:e1:81:8a:6b:40:93:63:db:86:39:4c:ac:e1:
c4:af:62:44:83:24:f4:96:ff:91:0a:fe:f4:0b:28:
03:0e:84:68:cd:68:28:e7:13:44:15:1b:97:f5:7f:
75:1c:24:24:d5:f1:95:56:ed:bd:af:6e:e1:5c:29:
27:33:17:90:93:4b:53:a5:1d:e7:77:99:5f:ab:9c:
bd:69:50:fe:8f:d3:12:41:7f:e6:52:5b:66:d2:58:
3b:cc:ae:c5:71:54:8c:0d:f6:7a:21:9f:d8:40:71:
ea:70:a4:8c:ac:59:e3:b6:52:7c:ef:26:dc:a8:b3:
b6:58:aa:64:20:5b:55:f1:1f:e2:cc:2e:e8:c0:27:
00:f6:f4:a1:38:b3:79:67:da:bc:34:f1:88:d5:59:
f2:13:c8:6d:99:8f:00:33:59:f7:1f:9c:ed:84:cd:
3d:47:4a:64:72:ee:3e:e7:95:c5:81:6e:0f:da:41:
f8:b2:06:02:12:d7:96:38:d2:7d:3b:62:fb:d8:2a:
72:aa:d0:6d:4a:bf:48:2d:2d:8c:ce:b0:86:b7:89:
c6:58:be:c7:a5:20:f0:45:e8:87:ec:e3:da:e5:3b:
44:d6:e6:ea:e0:c5:17:fc:65:ff:ce:3b:e7:b7:9a:
fb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EE:DB:BA:A7:B4:65:F9:3D:4F:D9:4B:32:98:E6:52:F4:3F:C2:AA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ce7buqe0Zfk9T9lLMpjmUvQ_wqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:ab:3e:3b:81:80:36:3e:eb:c4:3f:bd:8d:53:66:51:67:d8:
ee:be:40:33:69:a7:13:0d:5e:f3:e0:dc:32:cc:62:aa:e7:23:
6b:6c:2f:64:8e:aa:1d:bc:37:0a:39:ae:88:da:d2:f7:73:e3:
00:18:54:37:ba:2d:17:eb:d9:46:18:6f:e7:8e:9a:fe:14:f0:
db:dc:87:60:53:1f:09:2e:4c:07:8c:b5:c0:3e:58:65:f3:9f:
6d:9e:31:b7:6f:b9:37:6e:f8:68:4b:1c:c4:95:80:e8:5a:1f:
2a:56:df:ce:16:f3:6f:ac:a0:fc:16:6e:9a:ce:b0:95:a8:33:
7b:45:c1:ac:06:db:c1:6e:67:ac:1c:52:a0:98:81:7f:09:99:
08:be:c5:02:aa:a7:94:58:e5:df:53:78:54:95:c1:67:0c:03:
12:b4:bd:21:c5:f0:db:2d:f5:d1:66:65:28:6a:8f:0a:bf:c4:
4b:2d:dc:71:1d:68:15:89:13:ab:db:a6:28:02:27:42:be:19:
6f:b2:fd:d8:9c:20:87:ef:88:75:02:6c:14:24:bd:eb:c7:56:
08:5f:63:6b:28:ea:e7:53:cc:d3:ae:0e:c7:c5:e6:8b:f6:c2:
ee:56:f0:73:83:39:23:b4:5d:f1:83:2c:c7:f3:93:a4:bd:02:
8a:d5:38:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0wcuE9DfhOSJXCMdIsmUzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIyMDkxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVlZGJiYWE3YjQ2NWY5M2Q0ZmQ5NGIzMjk4ZTY1MmY0M2ZjMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPwMJg612gTf25drrnNX/uGBimtA
k2PbhjlMrOHEr2JEgyT0lv+RCv70CygDDoRozWgo5xNEFRuX9X91HCQk1fGVVu29
r27hXCknMxeQk0tTpR3nd5lfq5y9aVD+j9MSQX/mUltm0lg7zK7FcVSMDfZ6IZ/Y
QHHqcKSMrFnjtlJ87ybcqLO2WKpkIFtV8R/izC7owCcA9vShOLN5Z9q8NPGI1Vny
E8htmY8AM1n3H5zthM09R0pkcu4+55XFgW4P2kH4sgYCEteWONJ9O2L72CpyqtBt
Sr9ILS2MzrCGt4nGWL7HpSDwReiH7OPa5TtE1ubq4MUX/GX/zjvnt5r7dwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAnu27qntGX5PU/ZSzKY5lL0P8KqMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ2U3YnVxZTBaZms5VDlsTE1wam1VdlFfd3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACerPjuBgDY+68Q/vY1T
ZlFn2O6+QDNppxMNXvPg3DLMYqrnI2tsL2SOqh28Nwo5roja0vdz4wAYVDe6LRfr
2UYYb+eOmv4U8Nvch2BTHwkuTAeMtcA+WGXzn22eMbdvuTdu+GhLHMSVgOhaHypW
384W82+soPwWbprOsJWoM3tFwawG28FuZ6wcUqCYgX8JmQi+xQKqp5RY5d9TeFSV
wWcMAxK0vSHF8Nst9dFmZShqjwq/xEst3HEdaBWJE6vbpigCJ0K+GW+y/dicIIfv
iHUCbBQkvevHVghfY2so6udTzNOuDsfF5ov2wu5W8HODOSO0XfGDLMfzk6S9AorV
OF4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:59:23 2025 by rpki-client