Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SDbF-wHi15AaNaUZfQ-XKiBxmJw.roa
File: SDbF-wHi15AaNaUZfQ-XKiBxmJw.roa (raw, json)
Hash identifier: fimOhbegczcdOnHVviJN8IoMs4wxldRKL9A83A648i0=
Subject key identifier: 48:36:C5:FB:01:E2:D7:90:1A:35:A5:19:7D:0F:97:2A:20:71:98:9C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC904EE8875B91B38BB2323530B0822D1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SDbF-wHi15AaNaUZfQ-XKiBxmJw.roa
Signing time: Wed 21 Feb 2024 00:16:00 +0000
ROA not before: Wed 21 Feb 2024 00:16:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c9:04:ee:88:75:b9:1b:38:bb:23:23:53:0b:08:22:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 00:16:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4836c5fb01e2d7901a35a5197d0f972a2071989c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a9:27:9b:66:0d:9d:30:78:fd:d4:28:6d:c2:
78:99:a9:89:d4:bd:e3:c2:c2:4d:70:60:49:47:dd:
33:97:3b:29:53:92:2d:2b:2b:0c:21:b1:aa:5f:cc:
e5:9d:10:a8:99:e8:23:23:0b:06:64:27:ba:61:d7:
0a:b4:fe:9d:44:f3:41:78:26:04:c6:0e:3d:ca:66:
8c:11:1b:58:06:62:e5:23:6c:0a:0e:17:08:9d:0a:
1b:11:64:38:a6:9e:3e:8b:48:37:b3:b5:f5:ad:35:
03:e7:34:1b:e8:b2:7d:b1:32:b1:74:3d:ff:d9:34:
0a:31:17:d8:ec:16:e5:94:4a:20:4d:ad:fc:ab:03:
79:47:42:6d:a3:c1:c2:33:8d:18:22:52:82:d6:51:
0d:02:a1:ac:94:d7:10:f5:6f:f7:94:f5:58:e6:57:
ee:47:e3:1f:b9:72:be:a0:14:aa:28:65:87:14:dc:
c5:55:71:e8:88:ac:b5:d5:49:5a:f1:bb:eb:56:94:
67:83:ba:f3:27:7d:65:66:ad:07:f5:0c:49:d0:8e:
e8:c4:9b:ee:2a:f7:9d:95:f5:6e:fb:6c:2c:ab:35:
02:c1:a9:04:a1:61:bc:c3:65:c5:58:9c:bd:fd:70:
84:e7:ae:ce:ff:d1:9b:6c:b2:03:52:e4:dc:c7:35:
d9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:36:C5:FB:01:E2:D7:90:1A:35:A5:19:7D:0F:97:2A:20:71:98:9C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SDbF-wHi15AaNaUZfQ-XKiBxmJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:0c:e2:a1:29:51:e8:bc:c2:1a:52:fe:ea:3c:0a:cc:35:57:
1c:14:53:78:41:c7:2c:f0:b1:ff:b7:15:6d:87:9b:42:e7:c4:
f7:7d:04:3b:b6:a7:53:e3:3d:0b:e5:13:0d:47:a6:5c:79:2d:
a5:44:50:6c:f6:7b:11:5f:ac:9c:59:fb:96:b5:a1:5a:1a:6a:
b4:85:95:e6:e4:1b:f0:5c:e2:bf:a5:df:0f:8b:73:58:65:5a:
7c:3f:e9:81:5a:ac:66:08:16:7f:57:75:00:fc:39:e1:20:34:
2e:a5:c5:10:04:55:1b:45:d9:cc:38:de:20:c1:c9:27:b3:23:
cb:ce:93:ae:6f:37:1d:f3:34:fc:3a:2d:19:43:b6:c2:cf:8d:
a1:ca:1b:1d:c5:05:49:ee:b2:49:6a:d2:88:a0:8e:1e:d1:28:
61:3a:4d:c6:00:70:8d:11:56:52:a0:7f:8f:69:c2:f7:e1:ed:
ce:ff:c5:55:24:61:83:da:93:53:8c:a2:e5:b8:2b:a6:73:27:
8c:5f:27:7d:d5:9b:40:d9:75:c1:15:5a:48:2c:d6:b5:52:32:
04:fa:7f:75:2a:ca:2d:30:26:4b:ab:29:64:6f:66:10:50:f5:
da:36:8c:da:57:26:81:93:62:95:67:f5:97:41:be:12:c1:9d:
a2:66:1f:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3JBO6IdbkbOLsjI1MLCCLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMDAxNjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODM2YzVmYjAxZTJkNzkwMWEzNWE1MTk3ZDBmOTcyYTIwNzE5ODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaknm2YNnTB4/dQobcJ4mamJ1L3j
wsJNcGBJR90zlzspU5ItKysMIbGqX8zlnRComegjIwsGZCe6YdcKtP6dRPNBeCYE
xg49ymaMERtYBmLlI2wKDhcInQobEWQ4pp4+i0g3s7X1rTUD5zQb6LJ9sTKxdD3/
2TQKMRfY7BbllEogTa38qwN5R0Jto8HCM40YIlKC1lENAqGslNcQ9W/3lPVY5lfu
R+MfuXK+oBSqKGWHFNzFVXHoiKy11Ula8bvrVpRng7rzJ31lZq0H9QxJ0I7oxJvu
KvedlfVu+2wsqzUCwakEoWG8w2XFWJy9/XCE567O/9GbbLIDUuTcxzXZ1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEg2xfsB4teQGjWlGX0PlyogcZicMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvU0RiRi13SGkxNUFhTmFVWmZRLVhLaUJ4bUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABEM4qEpUei8whpS/uo8
Csw1VxwUU3hBxyzwsf+3FW2Hm0LnxPd9BDu2p1PjPQvlEw1Hplx5LaVEUGz2exFf
rJxZ+5a1oVoaarSFlebkG/Bc4r+l3w+Lc1hlWnw/6YFarGYIFn9XdQD8OeEgNC6l
xRAEVRtF2cw43iDBySezI8vOk65vNx3zNPw6LRlDtsLPjaHKGx3FBUnusklq0oig
jh7RKGE6TcYAcI0RVlKgf49pwvfh7c7/xVUkYYPak1OMouW4K6ZzJ4xfJ33Vm0DZ
dcEVWkgs1rVSMgT6f3Uqyi0wJkurKWRvZhBQ9do2jNpXJoGTYpVn9ZdBvhLBnaJm
H/U=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:13:16 2025 by rpki-client