Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Idekk4ACl7mBNnY8Iv0yd5I6Tos.roa
File: Idekk4ACl7mBNnY8Iv0yd5I6Tos.roa (raw, json)
Hash identifier: CwvjFbyZgu/MU9Ce0+njDUm6ge/KBK7hFJCZDbhUozg=
Subject key identifier: 21:D7:A4:93:80:02:97:B9:81:36:76:3C:22:FD:32:77:92:3A:4E:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DAFE030E96CA9D2803C2DE484C3A7251F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Idekk4ACl7mBNnY8Iv0yd5I6Tos.roa
Signing time: Fri 16 Feb 2024 03:05:21 +0000
ROA not before: Fri 16 Feb 2024 03:05:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:afdf:7cdd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:af:e0:30:e9:6c:a9:d2:80:3c:2d:e4:84:c3:a7:25:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 03:05:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21d7a493800297b98136763c22fd3277923a4e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a5:29:4e:67:dc:3c:e7:7f:dc:64:1c:d1:28:
65:b5:e2:97:d6:26:7a:a6:d0:41:7e:4b:d0:2d:b6:
15:b5:3a:91:b8:19:8f:97:8f:c2:74:23:57:73:30:
90:e6:51:da:a6:75:f4:9e:83:58:b5:67:e9:6c:eb:
94:30:5c:89:d8:2c:d0:ad:d9:1a:4a:a5:91:35:ed:
db:4b:9c:4e:9d:16:ae:3f:06:d1:b8:0b:6a:66:d6:
1b:94:cb:91:5f:4f:36:10:0e:c1:02:1e:46:4b:a7:
77:35:99:1f:79:71:33:5f:98:ff:c0:87:2c:42:d3:
b5:c6:36:83:df:e5:d7:a2:9d:25:73:0f:d4:20:ce:
9e:01:0b:e3:b0:02:76:3d:58:6f:0b:26:21:24:46:
5e:67:8b:7e:31:ef:26:ac:8f:99:8f:99:96:8b:7a:
05:8c:b0:83:c5:c6:60:d6:c3:01:ef:48:a1:35:96:
ae:d2:8a:b7:c8:fc:6a:5a:9e:da:ec:eb:16:bf:e7:
16:ad:4a:07:9b:22:2b:e0:72:07:e1:e8:b8:6f:6c:
40:0d:cd:11:58:3d:5d:91:7d:cf:ad:4e:11:f0:a6:
18:be:0b:15:a9:c5:46:1e:c4:29:9d:80:bb:2d:74:
91:e5:2d:2d:2e:8d:36:47:02:d4:c7:54:5d:2d:eb:
08:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D7:A4:93:80:02:97:B9:81:36:76:3C:22:FD:32:77:92:3A:4E:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Idekk4ACl7mBNnY8Iv0yd5I6Tos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:3d:53:8e:23:a3:6b:af:df:f7:e8:65:1e:df:e5:83:85:5d:
4b:20:b1:c2:3a:71:75:20:13:e7:bf:a7:4b:7f:5c:f2:a6:a0:
3a:4a:75:6f:46:54:15:d3:b2:5a:77:e7:3d:e8:e9:c5:b4:26:
34:30:af:c0:8f:6d:20:a6:98:fe:c8:c6:cf:79:26:d3:46:ab:
f8:91:40:9a:87:51:7f:0a:49:d4:44:00:62:d9:03:64:5b:ad:
b8:c0:c6:fc:67:9e:a9:e3:6b:60:5e:94:88:87:99:8c:cd:73:
b3:b2:92:a5:cf:bd:c9:3d:06:4c:3c:df:e7:3f:da:a9:ec:33:
26:91:89:8f:7e:e2:22:97:7b:96:0e:75:42:b3:ac:1f:2f:fc:
ea:35:b6:0c:d3:42:dc:b6:d8:45:c9:a7:bc:38:c0:3f:98:62:
08:b8:6e:91:c4:de:60:19:13:d3:d2:7d:23:40:39:9a:39:22:
00:6a:01:a5:6c:3e:32:7b:4a:01:40:3e:57:bd:9e:92:70:ce:
36:cf:47:56:d6:87:58:4c:d2:7c:74:9a:24:51:ff:9d:3e:f2:
d6:25:6a:55:85:22:4b:9e:78:91:3e:80:ab:40:8a:fd:ba:2f:
35:eb:e3:82:eb:7e:3a:39:5a:48:1d:81:10:a4:19:10:16:8e:
9c:fd:a0:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2v4DDpbKnSgDwt5ITDpyUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MDMwNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ3YTQ5MzgwMDI5N2I5ODEzNjc2M2MyMmZkMzI3NzkyM2E0ZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaUpTmfcPOd/3GQc0ShlteKX1iZ6
ptBBfkvQLbYVtTqRuBmPl4/CdCNXczCQ5lHapnX0noNYtWfpbOuUMFyJ2CzQrdka
SqWRNe3bS5xOnRauPwbRuAtqZtYblMuRX082EA7BAh5GS6d3NZkfeXEzX5j/wIcs
QtO1xjaD3+XXop0lcw/UIM6eAQvjsAJ2PVhvCyYhJEZeZ4t+Me8mrI+Zj5mWi3oF
jLCDxcZg1sMB70ihNZau0oq3yPxqWp7a7OsWv+cWrUoHmyIr4HIH4ei4b2xADc0R
WD1dkX3PrU4R8KYYvgsVqcVGHsQpnYC7LXSR5S0tLo02RwLUx1RdLesI0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCHXpJOAApe5gTZ2PCL9MneSOk6LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSWRla2s0QUNsN21CTm5ZOEl2MHlkNUk2VG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADQ9U44jo2uv3/foZR7f
5YOFXUsgscI6cXUgE+e/p0t/XPKmoDpKdW9GVBXTslp35z3o6cW0JjQwr8CPbSCm
mP7Ixs95JtNGq/iRQJqHUX8KSdREAGLZA2RbrbjAxvxnnqnja2BelIiHmYzNc7Oy
kqXPvck9Bkw83+c/2qnsMyaRiY9+4iKXe5YOdUKzrB8v/Oo1tgzTQty22EXJp7w4
wD+YYgi4bpHE3mAZE9PSfSNAOZo5IgBqAaVsPjJ7SgFAPle9npJwzjbPR1bWh1hM
0nx0miRR/50+8tYlalWFIkueeJE+gKtAiv26LzXr44Lrfjo5WkgdgRCkGRAWjpz9
oOc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:55:11 2025 by rpki-client