Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UiXz1bPQaedfiyPA4QRcmf8z9G4.roa
File: UiXz1bPQaedfiyPA4QRcmf8z9G4.roa (raw, json)
Hash identifier: c++sk4YGhTRnyxWGENGZN6j8XImeuf0zqogGvQCr/Hw=
Subject key identifier: 52:25:F3:D5:B3:D0:69:E7:5F:8B:23:C0:E1:04:5C:99:FF:33:F4:6E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFAC2D25381B0640A503EF25A65477B79
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UiXz1bPQaedfiyPA4QRcmf8z9G4.roa
Signing time: Fri 01 Mar 2024 16:04:48 +0000
ROA not before: Fri 01 Mar 2024 16:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:fac2:5e7b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:c2:d2:53:81:b0:64:0a:50:3e:f2:5a:65:47:7b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 1 16:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5225f3d5b3d069e75f8b23c0e1045c99ff33f46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:fb:71:30:ad:20:d8:3c:ae:70:19:81:ba:c2:
79:7b:6a:e2:ba:3a:65:ee:f7:db:26:6a:db:05:e2:
2d:b2:2f:d9:4f:51:8f:5c:c1:b4:ea:ca:c1:ad:ff:
d1:2e:12:a8:63:88:be:5c:42:6e:7d:f2:ca:6e:ad:
ed:1d:9a:49:46:a8:74:8e:d6:67:d8:37:69:74:01:
bb:f7:b2:7c:fa:a0:16:5e:2a:73:02:36:e8:b7:6f:
f4:ae:88:9b:c6:f0:37:17:df:43:da:0f:4d:69:fa:
11:1a:7e:06:40:8b:66:66:50:57:49:a5:74:dd:16:
28:df:41:9c:a0:fd:08:2e:f7:fe:c3:e7:96:da:2a:
48:23:62:05:2f:08:2f:7f:bb:c2:d3:a7:c4:2b:95:
fa:ef:98:0b:01:d1:d4:10:60:cb:11:71:4c:65:aa:
10:9c:1c:d1:3c:4f:48:09:7d:8f:2e:f1:51:4b:37:
dc:55:66:0b:a5:e8:75:0c:e6:b2:29:9e:1a:4f:2c:
53:e3:62:14:f1:7c:84:2e:26:58:37:43:41:78:f3:
63:9f:93:b6:af:c0:86:61:7f:1d:88:da:1e:31:69:
9e:ca:48:8a:f2:a2:96:e7:77:ac:fa:55:29:46:8b:
6c:a0:56:6a:ba:bc:95:66:cf:6a:4b:d6:97:72:6d:
f9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:25:F3:D5:B3:D0:69:E7:5F:8B:23:C0:E1:04:5C:99:FF:33:F4:6E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UiXz1bPQaedfiyPA4QRcmf8z9G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:8d:fc:59:0c:2f:1f:65:74:df:12:cc:f9:52:e3:40:c3:d5:
1f:ba:02:d8:14:b1:bb:63:c7:e6:cd:78:eb:43:ba:cd:28:93:
fd:ae:cd:ad:8f:64:3d:46:29:03:9d:1d:99:39:60:ac:68:bf:
d2:10:92:ef:0e:d2:4a:8e:26:fc:5c:33:65:8f:f6:e3:fb:db:
0a:5f:95:02:1c:04:d9:35:79:4b:26:c5:4a:83:7b:86:07:28:
8f:4d:e9:e8:34:d0:4e:a3:1e:e3:28:d8:a7:0b:ca:ba:2c:85:
ca:ef:86:91:28:82:da:f4:28:2d:50:26:12:2b:e6:bc:af:98:
9a:bf:3b:b4:44:fd:40:c3:b5:c0:bd:5f:43:df:e2:33:2c:ee:
5f:95:10:30:b3:a2:9b:fa:79:5e:f4:fb:d8:5f:45:40:f9:7c:
82:53:e9:cc:5a:9b:c4:31:7e:3e:e6:5d:06:e8:c4:db:6d:36:
c9:31:52:dd:1c:f2:7f:f5:bd:e4:70:9b:f7:76:de:73:8d:19:
0a:01:0e:41:2e:1f:35:49:05:a2:e0:79:63:8c:fb:90:14:af:
e1:31:01:c2:2f:55:91:88:a1:d4:4e:cb:3b:ff:1e:ba:ed:7a:
a0:06:d5:51:8a:1f:34:ab:31:a3:82:50:3d:19:43:4f:b3:bf:
24:c3:33:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY36wtJTgbBkClA+8lplR3t5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAxMTYwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjI1ZjNkNWIzZDA2OWU3NWY4YjIzYzBlMTA0NWM5OWZmMzNmNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ftxMK0g2DyucBmBusJ5e2riujpl
7vfbJmrbBeItsi/ZT1GPXMG06srBrf/RLhKoY4i+XEJuffLKbq3tHZpJRqh0jtZn
2DdpdAG797J8+qAWXipzAjbot2/0roibxvA3F99D2g9NafoRGn4GQItmZlBXSaV0
3RYo30GcoP0ILvf+w+eW2ipII2IFLwgvf7vC06fEK5X675gLAdHUEGDLEXFMZaoQ
nBzRPE9ICX2PLvFRSzfcVWYLpeh1DOayKZ4aTyxT42IU8XyELiZYN0NBePNjn5O2
r8CGYX8diNoeMWmeykiK8qKW53es+lUpRotsoFZquryVZs9qS9aXcm35UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFIl89Wz0GnnX4sjwOEEXJn/M/RuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVWlYejFiUFFhZWRmaXlQQTRRUmNtZjh6OUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAuN/FkMLx9ldN8SzPlS
40DD1R+6AtgUsbtjx+bNeOtDus0ok/2uza2PZD1GKQOdHZk5YKxov9IQku8O0kqO
JvxcM2WP9uP72wpflQIcBNk1eUsmxUqDe4YHKI9N6eg00E6jHuMo2KcLyroshcrv
hpEogtr0KC1QJhIr5ryvmJq/O7RE/UDDtcC9X0Pf4jMs7l+VEDCzopv6eV70+9hf
RUD5fIJT6cxam8Qxfj7mXQboxNttNskxUt0c8n/1veRwm/d23nONGQoBDkEuHzVJ
BaLgeWOM+5AUr+ExAcIvVZGIodROyzv/HrrteqAG1VGKHzSrMaOCUD0ZQ0+zvyTD
M0Q=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:57:08 2025 by rpki-client