Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DsX7ob3HJ4dYBPxeaL0VbDebyko.roa
File: DsX7ob3HJ4dYBPxeaL0VbDebyko.roa (raw, json)
Hash identifier: hOBzBWq2lFN2pEW3YRYLrMIcsMY3mkNtwu6PmDNqQ+U=
Subject key identifier: 0E:C5:FB:A1:BD:C7:27:87:58:04:FC:5E:68:BD:15:6C:37:9B:CA:4A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CED10F5F3DEEFCB9EDC04E7DFD71224BD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DsX7ob3HJ4dYBPxeaL0VbDebyko.roa
Signing time: Tue 09 Jan 2024 07:12:40 +0000
ROA not before: Tue 09 Jan 2024 07:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:10:f5:f3:de:ef:cb:9e:dc:04:e7:df:d7:12:24:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 9 07:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ec5fba1bdc727875804fc5e68bd156c379bca4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:53:d3:79:97:96:19:d2:95:82:1c:29:9f:49:
69:4f:f6:e8:b9:4b:23:05:d6:ca:f2:50:b8:0a:03:
c9:1d:be:1f:8c:a2:e0:26:e6:01:28:a1:67:cf:55:
2f:40:a1:2a:0c:4f:9f:22:da:f9:2b:3c:76:0d:a3:
82:15:12:29:2d:f8:fb:5c:83:fd:f2:f0:eb:77:66:
96:97:81:35:21:5e:2f:bd:c4:c2:76:ea:7c:58:93:
ba:dd:da:82:3f:9c:45:0b:a2:07:76:b7:15:8f:84:
11:8b:73:75:c4:44:88:12:3a:a1:c9:43:d4:5d:85:
0d:6b:28:b0:e2:ed:0a:4a:74:ef:1d:92:23:43:31:
f5:ed:44:c4:10:b2:bd:b4:7e:a8:7e:70:bd:35:bf:
09:43:e0:44:0d:10:0b:7b:1d:28:4c:68:10:bd:2e:
03:32:2a:8b:31:89:74:31:47:14:ab:ab:9f:1d:04:
8a:29:d9:5c:2d:2a:04:0e:47:44:6f:c6:c1:18:37:
d2:06:39:f8:19:cd:b2:65:8a:cf:3c:fb:1d:da:04:
dd:47:38:d0:f8:f6:e8:45:fb:0c:5e:40:25:29:09:
d6:1c:10:9d:b6:af:2b:86:7c:50:9a:3e:25:d2:2e:
2e:b3:c9:f7:ec:a6:55:cc:01:7b:a0:30:1d:26:20:
65:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C5:FB:A1:BD:C7:27:87:58:04:FC:5E:68:BD:15:6C:37:9B:CA:4A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DsX7ob3HJ4dYBPxeaL0VbDebyko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:ba:93:87:d7:31:83:dc:8a:8b:4d:83:f9:dd:29:24:e5:b6:
bc:28:34:3b:2d:ec:33:7e:56:b7:4b:b5:93:4a:cf:20:33:f0:
48:20:89:39:45:46:51:c2:cc:ac:9a:6d:aa:f4:78:5f:ef:35:
9a:cd:cc:0d:39:36:c7:2c:c5:91:d0:4b:38:53:fe:53:62:1d:
bf:ca:79:f3:e4:ab:b2:20:ee:45:c5:6e:7f:ef:65:31:48:4b:
51:eb:db:5f:27:1b:9e:99:e0:74:1e:fd:55:e9:46:5c:3a:b3:
b4:00:f3:e1:6c:87:87:81:0c:62:ce:a9:36:a9:3b:b5:79:af:
74:db:0a:c8:fa:f4:43:20:4b:35:a2:ef:fc:22:c8:e1:5b:a4:
54:e4:92:ff:dd:95:7b:0f:2e:d0:44:41:af:ba:f6:e3:a1:b8:
4c:26:bb:28:85:a6:43:bf:8a:d0:2d:97:75:29:95:38:31:6d:
95:ed:f4:65:b0:76:d1:7b:b9:54:01:e3:22:73:0d:59:9d:36:
2c:0c:3c:48:06:52:38:0a:4f:2d:ec:b7:7b:4c:2b:06:5e:13:
c7:54:33:3d:79:88:a8:4b:c1:31:3c:4d:9c:97:06:1c:27:cc:
9c:6a:5f:fa:7c:f2:ec:cb:75:a4:c4:84:a5:b0:3e:5c:dc:65:
9f:a3:84:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYztEPXz3u/LntwE59/XEiS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA5MDcxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWM1ZmJhMWJkYzcyNzg3NTgwNGZjNWU2OGJkMTU2YzM3OWJjYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFPTeZeWGdKVghwpn0lpT/bouUsj
BdbK8lC4CgPJHb4fjKLgJuYBKKFnz1UvQKEqDE+fItr5Kzx2DaOCFRIpLfj7XIP9
8vDrd2aWl4E1IV4vvcTCdup8WJO63dqCP5xFC6IHdrcVj4QRi3N1xESIEjqhyUPU
XYUNayiw4u0KSnTvHZIjQzH17UTEELK9tH6ofnC9Nb8JQ+BEDRALex0oTGgQvS4D
MiqLMYl0MUcUq6ufHQSKKdlcLSoEDkdEb8bBGDfSBjn4Gc2yZYrPPPsd2gTdRzjQ
+PboRfsMXkAlKQnWHBCdtq8rhnxQmj4l0i4us8n37KZVzAF7oDAdJiBlEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA7F+6G9xyeHWAT8Xmi9FWw3m8pKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRHNYN29iM0hKNGRZQlB4ZWFMMFZiRGVieWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHK6k4fXMYPciotNg/nd
KSTltrwoNDst7DN+VrdLtZNKzyAz8EggiTlFRlHCzKyabar0eF/vNZrNzA05Nscs
xZHQSzhT/lNiHb/KefPkq7Ig7kXFbn/vZTFIS1Hr218nG56Z4HQe/VXpRlw6s7QA
8+Fsh4eBDGLOqTapO7V5r3TbCsj69EMgSzWi7/wiyOFbpFTkkv/dlXsPLtBEQa+6
9uOhuEwmuyiFpkO/itAtl3UplTgxbZXt9GWwdtF7uVQB4yJzDVmdNiwMPEgGUjgK
Ty3st3tMKwZeE8dUMz15iKhLwTE8TZyXBhwnzJxqX/p88uzLdaTEhKWwPlzcZZ+j
hL8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:52:01 2025 by rpki-client