Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TAbc9ZiyQO7KhQUOnwBiBlQNZT4.roa
File: TAbc9ZiyQO7KhQUOnwBiBlQNZT4.roa (raw, json)
Hash identifier: //Iq/pECDLOuQKbyDPyEf/s+gc68kPwilvC7KuHTdQI=
Subject key identifier: 4C:06:DC:F5:98:B2:40:EE:CA:85:05:0E:9F:00:62:06:54:0D:65:3E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DCB6006861E8737614A0EED7FA5E7FC4C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TAbc9ZiyQO7KhQUOnwBiBlQNZT4.roa
Signing time: Wed 21 Feb 2024 11:14:44 +0000
ROA not before: Wed 21 Feb 2024 11:14:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:60:06:86:1e:87:37:61:4a:0e:ed:7f:a5:e7:fc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 11:14:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c06dcf598b240eeca85050e9f006206540d653e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:14:f2:dc:68:aa:33:36:50:e0:60:36:a3:69:
6a:bd:6c:b3:5a:f8:5d:30:c0:bd:80:a7:97:87:95:
0e:13:4e:df:42:bc:d4:f1:2c:a0:d6:38:2f:9a:df:
e6:f5:e1:b9:47:5d:ac:3c:87:3f:7f:79:9f:1d:2d:
2d:d1:ec:f7:48:c6:09:76:16:a6:82:ae:9f:8b:0e:
81:c9:7f:69:25:9a:fb:43:07:30:19:05:86:9b:1c:
ae:bb:d7:27:6c:d6:25:11:5d:69:82:63:a9:65:b4:
2c:9f:23:3f:32:cf:d2:9f:05:64:37:84:b8:81:3e:
23:fe:81:39:f2:23:3b:58:a7:b0:80:6f:6a:f0:24:
13:cd:5b:15:9f:0e:94:52:65:be:99:d2:73:a2:68:
b6:ff:83:6d:5e:87:47:d8:d2:ca:04:ee:a3:22:09:
f3:c0:ab:ac:ff:7d:20:dc:40:0f:3b:14:55:0f:6f:
27:b4:9c:b1:64:de:ef:ae:fb:3b:e9:03:2a:75:40:
67:b7:e1:67:65:a5:11:ca:80:2f:0e:dd:0a:d6:22:
d3:ae:60:0d:c0:cc:e4:31:5c:76:87:a4:98:bc:69:
e1:4c:f2:68:cc:02:df:d2:9a:6e:2b:f8:17:d3:b5:
87:4a:d0:1f:fe:c4:fc:39:c6:e0:c4:3a:dd:44:51:
de:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:06:DC:F5:98:B2:40:EE:CA:85:05:0E:9F:00:62:06:54:0D:65:3E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TAbc9ZiyQO7KhQUOnwBiBlQNZT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:3c:7b:a6:35:04:4e:d4:88:c8:b6:b9:0f:ed:c4:a5:47:ac:
2e:9a:64:4f:85:d8:8a:de:c2:0a:92:0c:d4:0a:c5:bb:e5:f9:
35:d1:28:cc:2b:05:5a:04:26:55:02:73:28:69:4c:6d:29:f6:
57:c6:42:f1:ef:ec:46:75:de:c5:70:f3:70:71:6f:9b:92:52:
8f:48:2b:1c:1f:f4:a7:4c:2b:b2:7f:a4:15:d2:0f:2e:c3:8a:
9d:cf:68:73:4d:e9:64:b8:b2:a4:19:d1:75:4e:fc:e5:3f:91:
98:50:17:25:50:77:ff:a9:8c:c9:ff:7e:09:b2:6d:c2:ab:29:
6b:a3:4c:b9:b1:56:a1:c7:b1:33:75:98:14:64:6d:77:a1:ef:
87:26:41:f7:2f:a0:a7:49:e2:94:61:c1:09:2f:57:7d:77:be:
4a:cd:9b:ca:b5:f3:02:7e:b5:a9:f0:3d:cf:02:bb:65:e1:27:
bf:98:94:84:35:2c:88:05:8a:d9:19:64:57:d6:c4:91:23:87:
4f:ce:83:79:75:4d:44:5a:a2:18:dc:c5:31:f7:22:1e:ef:2e:
1d:66:5c:00:dc:0f:37:2f:b7:b3:a0:45:0a:5f:07:51:5f:9e:
a8:e2:94:9e:51:2c:2d:26:5f:9e:43:df:2b:c6:2a:9d:7a:87:
1f:c5:3f:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3LYAaGHoc3YUoO7X+l5/xMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMTExNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzA2ZGNmNTk4YjI0MGVlY2E4NTA1MGU5ZjAwNjIwNjU0MGQ2NTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRTy3GiqMzZQ4GA2o2lqvWyzWvhd
MMC9gKeXh5UOE07fQrzU8Syg1jgvmt/m9eG5R12sPIc/f3mfHS0t0ez3SMYJdham
gq6fiw6ByX9pJZr7QwcwGQWGmxyuu9cnbNYlEV1pgmOpZbQsnyM/Ms/SnwVkN4S4
gT4j/oE58iM7WKewgG9q8CQTzVsVnw6UUmW+mdJzomi2/4NtXodH2NLKBO6jIgnz
wKus/30g3EAPOxRVD28ntJyxZN7vrvs76QMqdUBnt+FnZaURyoAvDt0K1iLTrmAN
wMzkMVx2h6SYvGnhTPJozALf0ppuK/gX07WHStAf/sT8OcbgxDrdRFHecQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEwG3PWYskDuyoUFDp8AYgZUDWU+MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVEFiYzlaaXlRTzdLaFFVT253QmlCbFFOWlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADk8e6Y1BE7UiMi2uQ/t
xKVHrC6aZE+F2IrewgqSDNQKxbvl+TXRKMwrBVoEJlUCcyhpTG0p9lfGQvHv7EZ1
3sVw83Bxb5uSUo9IKxwf9KdMK7J/pBXSDy7Dip3PaHNN6WS4sqQZ0XVO/OU/kZhQ
FyVQd/+pjMn/fgmybcKrKWujTLmxVqHHsTN1mBRkbXeh74cmQfcvoKdJ4pRhwQkv
V313vkrNm8q18wJ+tanwPc8Cu2XhJ7+YlIQ1LIgFitkZZFfWxJEjh0/Og3l1TURa
ohjcxTH3Ih7vLh1mXADcDzcvt7OgRQpfB1FfnqjilJ5RLC0mX55D3yvGKp16hx/F
P5k=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:24:14 2025 by rpki-client