Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FgDZ0r8nw7xtw1HXTieKVfvtoyM.roa
File: FgDZ0r8nw7xtw1HXTieKVfvtoyM.roa (raw, json)
Hash identifier: ntoW0xj8vfdRB7WKZDkBot1ssyDFKsjzLz0DZ1b+GP4=
Subject key identifier: 16:00:D9:D2:BF:27:C3:BC:6D:C3:51:D7:4E:27:8A:55:FB:ED:A3:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBAA36081C73795ED593A0AF5E4414A0F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FgDZ0r8nw7xtw1HXTieKVfvtoyM.roa
Signing time: Sat 30 Dec 2023 12:11:58 +0000
ROA not before: Sat 30 Dec 2023 12:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:a3:60:81:c7:37:95:ed:59:3a:0a:f5:e4:41:4a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 30 12:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1600d9d2bf27c3bc6dc351d74e278a55fbeda323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:67:14:ee:3f:24:b3:57:95:eb:61:cc:bb:f0:
b3:f6:94:ee:0d:0b:e6:ff:5b:af:9a:fd:ab:c4:7f:
9f:4c:dd:ca:a7:9a:95:1f:a7:d2:49:7a:4d:82:81:
fc:be:42:52:c4:b1:0a:2c:af:3f:87:7e:08:3e:8b:
a4:69:1f:76:80:dc:00:8a:81:b5:9c:15:49:13:8a:
25:8d:d4:47:54:0d:be:11:8b:9a:e0:04:ff:07:b2:
1d:85:9c:de:b0:dc:98:5e:bb:6b:30:ff:e6:75:17:
6f:5b:a7:6d:ec:2e:24:2a:28:f2:fd:41:60:8c:96:
cd:fe:d3:3c:8e:7a:55:e9:a2:c7:da:86:30:55:fb:
c5:61:86:ea:b4:80:04:8d:44:05:39:c4:a4:18:08:
9d:7d:5b:2f:60:fa:50:77:d8:62:ee:ee:99:ee:b6:
09:c7:15:62:f8:68:97:b9:c2:fb:4a:a3:95:6e:d6:
9b:ae:3a:2f:22:00:5c:2b:de:4f:4f:f7:a2:8e:f8:
8e:66:15:bb:4d:5c:28:9f:32:0b:5b:65:3b:83:9b:
7b:4e:75:5a:90:73:5c:84:24:50:1a:2b:00:3a:6f:
d7:19:ed:80:c8:0d:ad:c4:a5:03:57:7c:25:c0:29:
35:f7:3b:18:89:c7:d5:c1:e1:52:c2:3a:a9:77:1e:
d7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:00:D9:D2:BF:27:C3:BC:6D:C3:51:D7:4E:27:8A:55:FB:ED:A3:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FgDZ0r8nw7xtw1HXTieKVfvtoyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:2a:67:df:02:d7:72:c6:66:c2:6d:d6:7b:5b:5c:46:0e:60:
1b:bc:23:67:86:0c:df:8c:d3:5f:c5:c4:88:ea:35:37:c7:75:
93:40:e5:94:66:b5:2b:81:72:aa:20:4b:16:d3:ac:11:84:57:
0b:fd:03:b5:42:a7:d0:c4:46:d7:42:a2:45:1a:f2:7c:0b:a3:
48:64:53:43:85:05:88:e1:24:a9:1f:6e:e1:88:b1:87:6d:74:
fd:42:ea:5e:d5:d4:35:2b:83:25:4a:ca:ea:73:5f:eb:b3:ca:
1a:db:a3:c8:e5:1e:ae:02:46:32:f1:92:d3:90:7e:8c:15:29:
fd:0a:87:a6:d2:10:5d:c7:3c:ba:42:c9:f3:8e:88:92:82:ac:
8d:51:04:a4:a8:68:9a:66:d6:25:99:23:68:d6:4f:c5:b6:7a:
95:ed:59:b7:94:c0:81:02:b8:6e:08:ab:de:53:b9:c3:67:9a:
94:59:d0:7f:0a:02:83:a9:a2:6c:e0:81:10:e8:58:c3:48:5f:
0f:77:ea:31:a5:f7:b0:17:5d:b3:91:e9:21:74:fe:45:97:9c:
07:8b:89:d8:8a:1e:6d:ae:9f:3d:fb:53:7a:66:32:cc:69:8b:
ac:d7:2c:a1:55:f6:6a:2d:b5:c5:89:f3:94:24:72:3e:1f:3a:
c5:ce:9b:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy6o2CBxzeV7Vk6CvXkQUoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMwMTIxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjAwZDlkMmJmMjdjM2JjNmRjMzUxZDc0ZTI3OGE1NWZiZWRhMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimcU7j8ks1eV62HMu/Cz9pTuDQvm
/1uvmv2rxH+fTN3Kp5qVH6fSSXpNgoH8vkJSxLEKLK8/h34IPoukaR92gNwAioG1
nBVJE4oljdRHVA2+EYua4AT/B7IdhZzesNyYXrtrMP/mdRdvW6dt7C4kKijy/UFg
jJbN/tM8jnpV6aLH2oYwVfvFYYbqtIAEjUQFOcSkGAidfVsvYPpQd9hi7u6Z7rYJ
xxVi+GiXucL7SqOVbtabrjovIgBcK95PT/eijviOZhW7TVwonzILW2U7g5t7TnVa
kHNchCRQGisAOm/XGe2AyA2txKUDV3wlwCk19zsYicfVweFSwjqpdx7XEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBYA2dK/J8O8bcNR104nilX77aMjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRmdEWjByOG53N3h0dzFIWFRpZUtWZnZ0b3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADQqZ98C13LGZsJt1ntb
XEYOYBu8I2eGDN+M01/FxIjqNTfHdZNA5ZRmtSuBcqogSxbTrBGEVwv9A7VCp9DE
RtdCokUa8nwLo0hkU0OFBYjhJKkfbuGIsYdtdP1C6l7V1DUrgyVKyupzX+uzyhrb
o8jlHq4CRjLxktOQfowVKf0Kh6bSEF3HPLpCyfOOiJKCrI1RBKSoaJpm1iWZI2jW
T8W2epXtWbeUwIECuG4Iq95TucNnmpRZ0H8KAoOpomzggRDoWMNIXw936jGl97AX
XbOR6SF0/kWXnAeLidiKHm2unz37U3pmMsxpi6zXLKFV9mottcWJ85Qkcj4fOsXO
m34=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:49:52 2025 by rpki-client