Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/K-g_ewcUQFXbo3FI7IxhRFWj6ZY.roa
File: K-g_ewcUQFXbo3FI7IxhRFWj6ZY.roa (raw, json)
Hash identifier: kT1j7slbnv6wWuMJopa9ac85x1rtRx2NsjGfvnbhWdQ=
Subject key identifier: 2B:E8:3F:7B:07:14:40:55:DB:A3:71:48:EC:8C:61:44:55:A3:E9:96
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBEB0AA8D54199D7D3545391E329059BC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/K-g_ewcUQFXbo3FI7IxhRFWj6ZY.roa
Signing time: Sun 31 Dec 2023 07:04:58 +0000
ROA not before: Sun 31 Dec 2023 07:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:beb0:871/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:be:b0:aa:8d:54:19:9d:7d:35:45:39:1e:32:90:59:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 07:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2be83f7b07144055dba37148ec8c614455a3e996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a1:12:d9:11:b2:ba:11:4e:2d:e5:5e:ae:02:
1d:4e:7e:eb:6b:da:6c:f8:71:77:46:a5:a9:ae:30:
5d:cc:6a:0d:7c:6f:dc:4a:fb:66:35:f4:a9:b0:c4:
b8:5e:91:27:b3:bd:f7:58:0d:60:1b:8c:03:fa:4d:
f3:f8:13:f1:ae:fb:c0:40:74:4b:a6:a1:fa:b9:28:
f3:5f:5b:5e:1d:9b:8c:ef:6f:1e:5b:8f:a7:5b:d3:
58:94:91:08:0c:1d:28:b3:e4:f8:65:d6:f4:c6:cf:
cf:ae:3e:f0:3e:3e:d6:80:45:24:43:64:62:1d:6b:
10:1c:1f:3f:df:af:76:b3:b5:45:3a:6d:25:2e:62:
bd:01:ff:28:96:cc:14:5d:fd:b2:6a:e9:a3:79:5f:
e2:df:76:e4:36:67:9a:3d:ff:4e:5a:b2:4c:8b:cc:
9b:cb:d8:f8:2f:f9:f0:42:49:55:d0:e4:bf:fd:ec:
0f:c8:6a:64:85:03:3e:0b:49:c8:57:4d:8b:d9:56:
a3:c2:b4:95:13:c9:d6:cc:be:f9:8e:ee:20:44:3a:
02:7f:c4:f5:c7:fc:76:f0:48:72:a9:89:dc:0b:76:
2f:40:de:08:d9:3f:3b:7d:61:2c:a3:c0:77:cc:5f:
06:aa:d7:18:b0:ff:5c:03:68:8d:8f:62:f0:60:eb:
1e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E8:3F:7B:07:14:40:55:DB:A3:71:48:EC:8C:61:44:55:A3:E9:96
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/K-g_ewcUQFXbo3FI7IxhRFWj6ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:fb:bf:25:b8:dc:f8:30:07:64:d7:ed:01:a3:d3:c4:d7:a0:
be:ce:d3:af:80:26:e8:42:05:97:d9:df:96:7f:d7:14:c4:df:
1f:17:2e:01:6b:5d:3f:94:dd:4c:73:7d:e6:da:5c:cd:c5:eb:
79:10:33:db:0f:a9:f3:90:96:eb:fe:ce:52:59:f3:c6:99:d7:
b5:ed:62:c7:1d:00:0a:6a:40:e9:ef:cb:eb:ef:e1:e9:3f:f9:
24:7a:90:21:e2:10:90:39:32:13:23:df:62:db:43:c8:37:99:
22:9f:f3:a0:a4:a3:0a:15:27:37:50:26:27:4e:dc:92:be:cd:
4e:b5:dd:2d:e5:ef:b9:73:31:33:0f:09:2d:5c:d4:27:87:47:
f5:14:97:d4:0a:b3:cf:15:70:78:5e:8f:b4:8d:de:43:56:80:
ac:3b:b1:04:9a:88:a4:19:8f:a2:a9:de:1a:b3:3c:44:b3:61:
ae:85:92:62:c1:77:f7:63:58:cc:9d:7d:2e:12:18:94:0b:0c:
f1:57:e9:97:42:61:d4:0a:ea:69:04:f6:d4:e0:be:0e:43:54:
e1:58:31:52:aa:42:af:76:16:44:4d:d7:52:96:bf:7b:a4:35:
66:bb:d3:7b:aa:b5:e1:74:a9:18:e7:6d:59:78:07:5c:a8:92:
89:a5:f8:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy+sKqNVBmdfTVFOR4ykFm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMDcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmU4M2Y3YjA3MTQ0MDU1ZGJhMzcxNDhlYzhjNjE0NDU1YTNlOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aES2RGyuhFOLeVergIdTn7ra9ps
+HF3RqWprjBdzGoNfG/cSvtmNfSpsMS4XpEns733WA1gG4wD+k3z+BPxrvvAQHRL
pqH6uSjzX1teHZuM728eW4+nW9NYlJEIDB0os+T4Zdb0xs/Prj7wPj7WgEUkQ2Ri
HWsQHB8/3692s7VFOm0lLmK9Af8olswUXf2yaumjeV/i33bkNmeaPf9OWrJMi8yb
y9j4L/nwQklV0OS//ewPyGpkhQM+C0nIV02L2VajwrSVE8nWzL75ju4gRDoCf8T1
x/x28EhyqYncC3YvQN4I2T87fWEso8B3zF8GqtcYsP9cA2iNj2LwYOseKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCvoP3sHFEBV26NxSOyMYURVo+mWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSy1nX2V3Y1VRRlhibzNGSTdJeGhSRldqNlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD/7vyW43PgwB2TX7QGj
08TXoL7O06+AJuhCBZfZ35Z/1xTE3x8XLgFrXT+U3UxzfebaXM3F63kQM9sPqfOQ
luv+zlJZ88aZ17XtYscdAApqQOnvy+vv4ek/+SR6kCHiEJA5MhMj32LbQ8g3mSKf
86CkowoVJzdQJidO3JK+zU613S3l77lzMTMPCS1c1CeHR/UUl9QKs88VcHhej7SN
3kNWgKw7sQSaiKQZj6Kp3hqzPESzYa6FkmLBd/djWMydfS4SGJQLDPFX6ZdCYdQK
6mkE9tTgvg5DVOFYMVKqQq92FkRN11KWv3ukNWa703uqteF0qRjnbVl4B1yokoml
+DM=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:29:21 2025 by rpki-client