Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O0CDIco-qiNGf2pQYDXVcACt1qU.roa
File: O0CDIco-qiNGf2pQYDXVcACt1qU.roa (raw, json)
Hash identifier: cK0Kl0Z522Hr9UwWrA71zqCynhNob7hr9ZQCo3s6LPk=
Subject key identifier: 3B:40:83:21:CA:3E:AA:23:46:7F:6A:50:60:35:D5:70:00:AD:D6:A5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2BB88D39BF49EA44BE4BB656A455E959
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O0CDIco-qiNGf2pQYDXVcACt1qU.roa
Signing time: Sun 21 Jan 2024 11:12:11 +0000
ROA not before: Sun 21 Jan 2024 11:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2b:b8:8d:39:bf:49:ea:44:be:4b:b6:56:a4:55:e9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 11:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b408321ca3eaa23467f6a506035d57000add6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:30:6e:ab:81:a0:9b:74:e4:d2:b6:09:5d:e8:
27:5f:24:03:11:e2:80:89:d9:c2:fc:97:2f:cd:db:
1b:0e:7a:ec:d8:14:2c:58:06:57:4e:04:bd:83:f5:
18:cd:b8:59:32:fb:7e:e8:b4:04:0c:cc:02:20:0b:
d0:35:de:77:66:23:b4:18:54:5e:64:7b:93:aa:34:
7e:91:b2:e4:65:6c:cd:64:a0:d9:57:c4:97:81:97:
00:e4:dc:56:a3:53:f5:8e:92:40:91:7c:1c:20:2a:
b2:89:1e:9d:08:9b:36:31:fb:f8:1a:98:cf:3d:0a:
98:e0:f5:37:8e:6a:64:ff:6c:9c:a4:4b:a7:ac:3b:
d9:f7:e8:69:c1:71:c3:a0:94:c7:cc:b0:7c:c6:92:
2b:cc:5d:0c:68:e8:a1:80:d7:02:dd:ba:1e:73:8d:
c7:21:ef:ac:b4:d2:47:8a:cc:ae:22:e8:07:13:eb:
8a:3c:fb:0a:19:75:f0:f3:df:ca:62:11:15:c2:7c:
82:0b:bd:61:b0:b3:7c:17:29:d4:c8:4a:f0:80:05:
60:63:80:e0:db:10:f2:82:fe:2b:84:9c:bc:da:4a:
d1:2f:de:5a:39:87:15:ac:a7:3e:f1:3c:c2:bd:89:
62:6a:41:65:e5:53:3b:0b:e6:c9:f2:ca:8d:b5:d5:
d5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:40:83:21:CA:3E:AA:23:46:7F:6A:50:60:35:D5:70:00:AD:D6:A5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O0CDIco-qiNGf2pQYDXVcACt1qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:ec:10:3b:fc:bf:f5:bc:d8:c4:ee:a7:3d:26:bc:86:87:60:
ee:b3:c0:7f:10:b6:51:53:bf:44:64:21:e6:a4:23:24:1e:25:
13:02:56:43:16:10:c9:d9:84:59:95:94:ce:c9:4e:9c:f5:47:
c7:5f:97:27:01:b6:cf:e0:b5:e1:d1:7f:9c:84:e4:73:da:64:
eb:fb:ac:3b:fe:21:30:44:bc:f4:83:0c:58:5e:ee:8d:b8:b9:
3b:6c:6f:cb:2d:ab:1f:e4:10:e2:1b:86:c3:54:62:b8:c0:fb:
a3:ac:5e:8d:9d:ec:af:4c:6f:b4:8c:a5:12:db:de:09:00:9b:
94:6d:af:e7:be:6b:e4:a1:81:90:3b:af:07:ea:95:95:ce:ec:
37:7f:ea:fe:9b:2b:45:a3:17:e6:4e:e9:d8:2c:4f:5c:68:e8:
1b:ae:f8:5a:d5:90:40:83:77:54:47:94:41:e8:e6:64:8f:23:
fe:e4:6c:d7:a0:ee:c1:30:54:9b:68:80:8e:ec:b6:08:16:8b:
02:e7:f1:8d:3b:b8:d0:49:11:18:7a:eb:aa:d2:ad:db:4a:f1:
5c:46:8b:1b:6c:8c:44:5d:6f:78:73:72:df:9d:22:4c:20:91:
cb:13:de:5e:36:c9:0f:4e:e3:ff:cb:b9:a0:14:95:a8:a3:6f:
84:0a:5b:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0ruI05v0nqRL5LtlakVelZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMTExMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQwODMyMWNhM2VhYTIzNDY3ZjZhNTA2MDM1ZDU3MDAwYWRkNmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDBuq4Ggm3Tk0rYJXegnXyQDEeKA
idnC/JcvzdsbDnrs2BQsWAZXTgS9g/UYzbhZMvt+6LQEDMwCIAvQNd53ZiO0GFRe
ZHuTqjR+kbLkZWzNZKDZV8SXgZcA5NxWo1P1jpJAkXwcICqyiR6dCJs2Mfv4GpjP
PQqY4PU3jmpk/2ycpEunrDvZ9+hpwXHDoJTHzLB8xpIrzF0MaOihgNcC3boec43H
Ie+stNJHisyuIugHE+uKPPsKGXXw89/KYhEVwnyCC71hsLN8FynUyErwgAVgY4Dg
2xDygv4rhJy82krRL95aOYcVrKc+8TzCvYliakFl5VM7C+bJ8sqNtdXVPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDtAgyHKPqojRn9qUGA11XAArdalMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTzBDREljby1xaU5HZjJwUVlEWFZjQUN0MXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACDsEDv8v/W82MTupz0m
vIaHYO6zwH8QtlFTv0RkIeakIyQeJRMCVkMWEMnZhFmVlM7JTpz1R8dflycBts/g
teHRf5yE5HPaZOv7rDv+ITBEvPSDDFhe7o24uTtsb8stqx/kEOIbhsNUYrjA+6Os
Xo2d7K9Mb7SMpRLb3gkAm5Rtr+e+a+ShgZA7rwfqlZXO7Dd/6v6bK0WjF+ZO6dgs
T1xo6Buu+FrVkECDd1RHlEHo5mSPI/7kbNeg7sEwVJtogI7stggWiwLn8Y07uNBJ
ERh666rSrdtK8VxGixtsjERdb3hzct+dIkwgkcsT3l42yQ9O4//LuaAUlaijb4QK
W6E=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:57:43 2025 by rpki-client