Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LUd5dX8cm-ATRiztsMOqMnuFj2U.roa
File: LUd5dX8cm-ATRiztsMOqMnuFj2U.roa (raw, json)
Hash identifier: OwvQKef7DL9FDLH+m6AScNM8j+w8k7M6VtJiNc1hRfc=
Subject key identifier: 2D:47:79:75:7F:1C:9B:E0:13:46:2C:ED:B0:C3:AA:32:7B:85:8F:65
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB9905BE53BBD8A4719FAE9B4C04B5138
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LUd5dX8cm-ATRiztsMOqMnuFj2U.roa
Signing time: Sun 18 Feb 2024 00:14:21 +0000
ROA not before: Sun 18 Feb 2024 00:14:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b9:90:5b:e5:3b:bd:8a:47:19:fa:e9:b4:c0:4b:51:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 18 00:14:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d4779757f1c9be013462cedb0c3aa327b858f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1e:a7:6a:2b:de:b7:4d:a0:89:09:f4:46:03:
73:e1:30:fa:26:02:b8:7b:c1:ac:09:29:14:48:32:
5f:f2:0d:e1:d0:30:a6:1c:eb:4b:4a:7b:4f:13:93:
79:ef:86:f6:9f:ca:0a:f7:5b:b0:58:67:dc:1a:a2:
c5:8b:6e:95:d8:0b:60:7c:47:58:61:bc:31:cb:eb:
bf:c0:0e:d7:51:51:21:d1:6b:39:ed:43:37:9b:de:
e5:70:e0:74:8d:cd:cb:bd:18:0b:c8:15:66:f8:ff:
27:2b:4d:db:0d:56:a1:b3:45:01:34:a5:25:59:3e:
22:f0:47:67:a0:7a:31:47:55:06:78:75:d3:7a:df:
76:f8:fe:f3:5b:66:a9:ca:e0:21:78:3a:e6:b9:a4:
96:c7:c6:1d:a0:b9:2b:4f:0e:29:0a:a5:7a:cc:bc:
78:ed:84:95:bc:c5:5c:2c:85:17:9c:92:25:ad:d5:
2a:1f:29:7f:b1:a3:db:47:bd:d7:1a:07:6e:20:19:
fd:4e:0b:3c:ea:b9:7e:58:2f:88:31:08:54:4a:49:
0e:e7:0f:85:90:9d:42:7b:e3:f5:1d:d9:d3:a9:a6:
97:63:50:05:c0:17:21:b6:11:c9:73:d8:f2:bf:31:
40:1e:0c:5c:fd:e5:47:e5:8a:31:6b:7c:37:8e:34:
c0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:47:79:75:7F:1C:9B:E0:13:46:2C:ED:B0:C3:AA:32:7B:85:8F:65
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LUd5dX8cm-ATRiztsMOqMnuFj2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:21:6c:6c:b3:4a:e0:54:5d:b0:58:ae:fe:51:8b:30:f5:4f:
24:c6:da:39:9f:1c:87:dd:40:ac:fd:61:75:86:ae:cc:c7:28:
d4:4e:c3:c1:45:8b:77:a6:95:e1:45:ec:64:20:45:5a:3d:7e:
ef:e4:55:cb:60:ee:72:ff:75:1b:90:7f:de:33:e1:dc:a8:30:
21:c7:34:03:cd:b7:29:14:c4:ae:2a:27:d1:e5:62:1e:88:34:
5a:b8:f3:af:08:c5:7b:e5:b1:b9:e6:e9:14:9a:d8:73:6b:f6:
e9:fd:38:46:e0:e8:e2:9c:03:65:c2:52:5e:70:eb:d9:82:2e:
51:88:0a:ec:49:63:51:13:cc:a0:5e:f1:33:ed:19:b5:3a:21:
8f:7f:ab:6e:01:2e:40:41:b2:00:c2:83:bc:56:21:6c:c8:ef:
6b:5e:bb:7e:86:1a:3c:29:2c:19:69:ac:38:3a:f8:de:4f:3c:
81:2d:c7:06:37:e5:42:9a:03:9a:27:9d:98:ba:9d:a6:f4:33:
c0:3c:27:45:60:de:a8:ef:70:e7:ec:4f:29:24:3a:33:60:eb:
12:f3:3c:bd:2a:b6:c4:89:de:e4:0f:5f:32:07:b2:d2:29:64:
b2:58:44:25:94:e0:b1:00:ca:47:52:b0:3b:49:d5:6d:65:8e:
c6:2f:8b:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY25kFvlO72KRxn66bTAS1E4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE4MDAxNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDQ3Nzk3NTdmMWM5YmUwMTM0NjJjZWRiMGMzYWEzMjdiODU4ZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnx6naivet02giQn0RgNz4TD6JgK4
e8GsCSkUSDJf8g3h0DCmHOtLSntPE5N574b2n8oK91uwWGfcGqLFi26V2AtgfEdY
Ybwxy+u/wA7XUVEh0Ws57UM3m97lcOB0jc3LvRgLyBVm+P8nK03bDVahs0UBNKUl
WT4i8EdnoHoxR1UGeHXTet92+P7zW2apyuAheDrmuaSWx8YdoLkrTw4pCqV6zLx4
7YSVvMVcLIUXnJIlrdUqHyl/saPbR73XGgduIBn9Tgs86rl+WC+IMQhUSkkO5w+F
kJ1Ce+P1HdnTqaaXY1AFwBchthHJc9jyvzFAHgxc/eVH5Yoxa3w3jjTASwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC1HeXV/HJvgE0Ys7bDDqjJ7hY9lMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTFVkNWRYOGNtLUFUUml6dHNNT3FNbnVGajJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE0hbGyzSuBUXbBYrv5R
izD1TyTG2jmfHIfdQKz9YXWGrszHKNROw8FFi3emleFF7GQgRVo9fu/kVctg7nL/
dRuQf94z4dyoMCHHNAPNtykUxK4qJ9HlYh6INFq4868IxXvlsbnm6RSa2HNr9un9
OEbg6OKcA2XCUl5w69mCLlGICuxJY1ETzKBe8TPtGbU6IY9/q24BLkBBsgDCg7xW
IWzI72teu36GGjwpLBlprDg6+N5PPIEtxwY35UKaA5onnZi6nab0M8A8J0Vg3qjv
cOfsTykkOjNg6xLzPL0qtsSJ3uQPXzIHstIpZLJYRCWU4LEAykdSsDtJ1W1ljsYv
i8A=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:59:01 2025 by rpki-client