Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O17j-oNIQtlcq6soUmymYyno2Gc.roa
File: O17j-oNIQtlcq6soUmymYyno2Gc.roa (raw, json)
Hash identifier: DUqfTL+88EdTle20wUi9Odvb6NR4vxW9aKjzHaGgsjI=
Subject key identifier: 3B:5E:E3:FA:83:48:42:D9:5C:AB:AB:28:52:6C:A6:63:29:E8:D8:67
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBA9D4A5D8E56437C930754A6F3B269D4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O17j-oNIQtlcq6soUmymYyno2Gc.roa
Signing time: Sun 07 Apr 2024 22:10:54 +0000
ROA not before: Sun 07 Apr 2024 22:10:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ba:9d:4a:5d:8e:56:43:7c:93:07:54:a6:f3:b2:69:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 22:10:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b5ee3fa834842d95cabab28526ca66329e8d867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:46:28:b2:fd:ae:ea:45:3c:10:88:6b:1f:83:
be:ff:6e:f6:9e:44:bf:65:0f:7e:1d:d5:d8:85:89:
e7:65:93:af:8e:6f:b8:4d:0d:b6:68:87:6c:2f:12:
8c:22:e6:b1:f4:84:56:e9:fd:81:d8:f4:9a:10:41:
99:8e:9b:30:83:94:00:45:67:9f:c9:a1:e9:a2:46:
be:18:8b:6d:29:a6:72:87:3f:01:9f:7c:8a:90:a0:
4e:ca:1f:e2:42:51:53:c4:1c:eb:6a:cf:d8:b3:3e:
93:f3:7e:9d:b2:fb:c8:68:5b:57:0f:c2:5a:84:18:
68:61:7d:3a:87:d5:2e:53:95:77:b6:ec:3f:fb:89:
4d:70:b2:4c:97:a2:8c:69:d7:61:bc:04:d9:60:62:
5e:f4:32:15:cd:a5:35:e0:dd:06:be:93:dc:51:2d:
24:ce:79:55:27:e3:e0:d6:95:11:77:57:9b:39:7c:
69:a1:e1:cf:5f:72:19:85:24:5b:91:fb:d8:ff:c0:
2c:c5:20:28:67:b3:2e:18:98:ee:b8:9e:eb:25:a6:
e1:ca:4c:ef:3e:7d:f6:07:78:a5:7b:61:66:f2:0c:
d8:bd:0a:d3:bd:c9:2f:77:e3:0b:d1:ab:2a:7c:d0:
05:67:e7:4d:16:bb:54:85:7a:86:40:65:00:5c:71:
f4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:5E:E3:FA:83:48:42:D9:5C:AB:AB:28:52:6C:A6:63:29:E8:D8:67
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O17j-oNIQtlcq6soUmymYyno2Gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:64:c6:40:29:4e:2a:f3:06:18:b0:b1:e4:d0:3f:e7:fc:a2:
06:72:68:f2:ec:2a:93:29:16:d6:a2:c2:c5:12:56:3f:69:43:
23:b6:d2:4f:86:10:fe:56:0a:f9:15:65:91:0f:f0:85:f6:45:
05:aa:df:c5:8b:4e:2c:14:02:9a:14:2b:37:7d:38:94:e7:69:
84:9b:8b:f5:ec:66:6d:3b:25:a0:5a:31:c3:da:eb:07:2b:4b:
86:e9:aa:98:8b:73:6d:53:14:bf:c5:2c:c1:ce:58:7f:58:04:
c8:7f:22:b4:5c:82:d2:cc:f9:21:b8:54:8b:ae:7c:dc:f0:ba:
0e:b0:12:03:39:cb:fa:6a:b0:88:eb:fa:a2:8d:1f:f8:b5:ce:
17:bd:78:9e:e5:51:2b:f1:37:45:6c:ae:e2:4e:a3:ec:a7:cd:
58:d4:92:ca:21:a4:71:a8:ce:22:5b:f8:03:0f:33:9a:41:53:
99:30:68:eb:27:f3:02:b4:d6:99:a2:14:69:04:9f:1c:77:d4:
80:0e:e2:a7:e2:e2:bb:87:e3:bd:3e:c1:bc:5d:56:ce:65:92:
6c:a6:42:cc:23:4d:9e:69:d4:57:ac:6e:0b:32:cd:1d:1d:e1:
b0:c5:85:2c:c0:9b:b5:a8:41:51:9c:61:78:46:85:49:0f:db:
9b:1d:0a:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY66nUpdjlZDfJMHVKbzsmnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MjIxMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjVlZTNmYTgzNDg0MmQ5NWNhYmFiMjg1MjZjYTY2MzI5ZThkODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykYosv2u6kU8EIhrH4O+/272nkS/
ZQ9+HdXYhYnnZZOvjm+4TQ22aIdsLxKMIuax9IRW6f2B2PSaEEGZjpswg5QARWef
yaHpoka+GIttKaZyhz8Bn3yKkKBOyh/iQlFTxBzras/Ysz6T836dsvvIaFtXD8Ja
hBhoYX06h9UuU5V3tuw/+4lNcLJMl6KMaddhvATZYGJe9DIVzaU14N0GvpPcUS0k
znlVJ+Pg1pURd1ebOXxpoeHPX3IZhSRbkfvY/8AsxSAoZ7MuGJjuuJ7rJabhykzv
Pn32B3ile2Fm8gzYvQrTvckvd+ML0asqfNAFZ+dNFrtUhXqGQGUAXHH0ewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDte4/qDSELZXKurKFJspmMp6NhnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTzE3ai1vTklRdGxjcTZzb1VteW1ZeW5vMkdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAARkxkApTirzBhiwseTQ
P+f8ogZyaPLsKpMpFtaiwsUSVj9pQyO20k+GEP5WCvkVZZEP8IX2RQWq38WLTiwU
ApoUKzd9OJTnaYSbi/XsZm07JaBaMcPa6wcrS4bpqpiLc21TFL/FLMHOWH9YBMh/
IrRcgtLM+SG4VIuufNzwug6wEgM5y/pqsIjr+qKNH/i1zhe9eJ7lUSvxN0VsruJO
o+ynzVjUksohpHGoziJb+AMPM5pBU5kwaOsn8wK01pmiFGkEnxx31IAO4qfi4ruH
470+wbxdVs5lkmymQswjTZ5p1FesbgsyzR0d4bDFhSzAm7WoQVGcYXhGhUkP25sd
Chk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:29:08 2025 by rpki-client