Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TAtahRQLsBwsq_fzbc3V6A_OQC0.roa
File: TAtahRQLsBwsq_fzbc3V6A_OQC0.roa (raw, json)
Hash identifier: x9vEf+omxOnGI2fNM6voTDayE4SxP9h384GRCXXXJag=
Subject key identifier: 4C:0B:5A:85:14:0B:B0:1C:2C:AB:F7:F3:6D:CD:D5:E8:0F:CE:40:2D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE3CADF5420732E2112F07BC910F63AE8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TAtahRQLsBwsq_fzbc3V6A_OQC0.roa
Signing time: Mon 15 Apr 2024 22:05:07 +0000
ROA not before: Mon 15 Apr 2024 22:05:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:e3ca:1f87/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e3:ca:df:54:20:73:2e:21:12:f0:7b:c9:10:f6:3a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 22:05:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c0b5a85140bb01c2cabf7f36dcdd5e80fce402d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:01:c5:03:92:c3:27:3e:f2:20:01:1b:d2:de:
36:3c:1a:81:b0:81:8e:d1:c5:ca:6a:7e:10:ef:2a:
20:e8:f2:26:7e:17:f1:db:b9:d2:15:b9:99:d0:39:
39:14:b5:5f:fc:05:d2:9f:87:60:bb:8f:e1:ab:24:
ba:9e:96:85:84:37:57:61:fe:c3:66:da:b6:79:ad:
43:2b:aa:f6:ac:bc:02:87:5a:c0:09:80:d0:58:b2:
22:e8:4e:9d:74:e7:90:6b:31:77:5e:12:2b:e8:3c:
69:42:1b:73:36:dc:ae:38:3c:e2:26:9f:57:a8:89:
83:5d:5b:f3:1f:9c:80:b9:ae:d7:2f:f0:37:81:a4:
91:1e:6f:a5:fa:49:25:01:7c:4e:a7:d7:fe:bb:e2:
62:53:55:a5:5f:f5:69:77:40:41:7c:68:e4:82:f7:
39:86:7a:8d:54:a7:de:62:8f:67:c4:a2:6d:a1:a8:
ae:9f:2b:8f:cd:82:d8:ef:0a:66:47:30:e5:5c:f5:
d3:cd:52:ed:7f:52:f4:7f:f1:23:ab:98:1d:b7:bb:
92:44:6d:72:7d:57:ab:9c:bd:3e:18:46:76:b2:e4:
e4:25:0c:20:78:57:fc:2e:cb:d2:eb:bb:88:2a:25:
98:25:be:2e:9d:c3:80:9d:92:5d:89:1b:d4:92:4f:
e9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:0B:5A:85:14:0B:B0:1C:2C:AB:F7:F3:6D:CD:D5:E8:0F:CE:40:2D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TAtahRQLsBwsq_fzbc3V6A_OQC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:5f:5a:56:f9:3a:48:db:7a:10:cc:fc:d4:af:0f:6d:77:95:
ca:0a:0b:37:f9:e8:0a:8f:02:84:50:a9:4d:ad:d8:12:78:df:
c9:df:c7:1c:f5:c1:25:3f:c2:ec:89:8b:b1:4a:d0:fa:81:23:
a8:4b:bc:31:6b:d8:7c:bb:5d:be:b4:f5:17:ec:52:6c:a4:66:
12:6a:71:2b:c4:2b:e9:ed:20:30:df:87:c1:f9:41:53:79:de:
fb:36:74:dc:47:42:07:dd:95:18:9f:3c:2c:64:c5:de:b8:4c:
ac:91:2e:72:b1:21:62:af:2b:3b:41:30:0f:dd:0e:6f:24:8f:
44:2f:70:95:a1:08:d4:7a:6a:71:6a:01:74:36:96:b1:ab:d0:
dd:a1:00:de:d9:41:d8:cc:6c:64:08:be:39:f4:dd:e6:ef:50:
25:d0:2c:11:cb:68:7e:2d:c3:8e:17:40:62:ea:7f:ea:9b:50:
37:77:b8:1c:64:7e:ef:b7:f0:78:5c:ff:1f:ea:30:e0:bc:e2:
06:02:d6:a4:43:55:7e:e9:ae:42:21:18:b5:a6:83:8c:f3:5b:
dc:a2:5b:2f:94:4c:f5:ab:7a:02:62:ec:50:c0:a4:4c:7b:4c:
4e:18:3b:70:96:51:37:16:f7:67:a1:06:f3:ac:76:e1:4b:13:
d8:6e:b6:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7jyt9UIHMuIRLwe8kQ9jroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MjIwNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzBiNWE4NTE0MGJiMDFjMmNhYmY3ZjM2ZGNkZDVlODBmY2U0MDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgHFA5LDJz7yIAEb0t42PBqBsIGO
0cXKan4Q7yog6PImfhfx27nSFbmZ0Dk5FLVf/AXSn4dgu4/hqyS6npaFhDdXYf7D
Ztq2ea1DK6r2rLwCh1rACYDQWLIi6E6ddOeQazF3XhIr6DxpQhtzNtyuODziJp9X
qImDXVvzH5yAua7XL/A3gaSRHm+l+kklAXxOp9f+u+JiU1WlX/Vpd0BBfGjkgvc5
hnqNVKfeYo9nxKJtoaiunyuPzYLY7wpmRzDlXPXTzVLtf1L0f/Ejq5gdt7uSRG1y
fVernL0+GEZ2suTkJQwgeFf8LsvS67uIKiWYJb4uncOAnZJdiRvUkk/pGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEwLWoUUC7AcLKv3823N1egPzkAtMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVEF0YWhSUUxzQndzcV9memJjM1Y2QV9PUUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKJfWlb5OkjbehDM/NSv
D213lcoKCzf56AqPAoRQqU2t2BJ438nfxxz1wSU/wuyJi7FK0PqBI6hLvDFr2Hy7
Xb609RfsUmykZhJqcSvEK+ntIDDfh8H5QVN53vs2dNxHQgfdlRifPCxkxd64TKyR
LnKxIWKvKztBMA/dDm8kj0QvcJWhCNR6anFqAXQ2lrGr0N2hAN7ZQdjMbGQIvjn0
3ebvUCXQLBHLaH4tw44XQGLqf+qbUDd3uBxkfu+38Hhc/x/qMOC84gYC1qRDVX7p
rkIhGLWmg4zzW9yiWy+UTPWregJi7FDApEx7TE4YO3CWUTcW92ehBvOsduFLE9hu
tg0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:02 2025 by rpki-client