Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X8BYVe3ZBo5wy8NWB7Gprz3IhG4.roa
File: X8BYVe3ZBo5wy8NWB7Gprz3IhG4.roa (raw, json)
Hash identifier: FaWryJEgujFbKv6EEv7c46KvxkdokQFryo3p0lp9wOE=
Subject key identifier: 5F:C0:58:55:ED:D9:06:8E:70:CB:C3:56:07:B1:A9:AF:3D:C8:84:6E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0F2F165D7DD69CC4C5E901859E1F8A21
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X8BYVe3ZBo5wy8NWB7Gprz3IhG4.roa
Signing time: Mon 15 Jan 2024 22:12:40 +0000
ROA not before: Mon 15 Jan 2024 22:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0f:2f:16:5d:7d:d6:9c:c4:c5:e9:01:85:9e:1f:8a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 15 22:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fc05855edd9068e70cbc35607b1a9af3dc8846e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:31:ca:a0:87:03:c9:05:e1:0d:f3:83:8b:cb:
19:9e:fa:73:76:37:df:a7:b6:06:5a:9d:fd:e4:0a:
a0:40:a0:1e:0c:f0:db:d7:46:f8:5d:64:cf:cf:46:
15:a6:4f:e3:65:f2:4e:fa:21:7e:ce:a5:1b:cc:c2:
2e:79:d9:6f:c6:01:33:be:a0:67:4d:2c:c1:f0:30:
30:18:83:fb:19:20:94:7e:d1:e5:ec:68:5f:94:aa:
2a:c5:49:f9:e3:c1:dc:e5:93:2b:ee:d4:6a:11:3f:
05:9f:d4:56:65:a9:0d:ed:2d:ae:88:eb:4a:ce:19:
31:51:bf:73:ec:0b:1c:3b:d4:0e:60:0d:1c:fd:6d:
28:b9:a5:09:88:e5:2e:0a:d2:8f:e2:fb:e7:d0:3b:
6b:1d:b6:1b:b6:d6:55:0b:e5:af:46:80:35:53:a3:
f3:18:f5:72:1d:d9:8c:63:fb:d5:6e:b4:01:47:fb:
79:32:e5:0e:1a:e9:a9:34:df:3d:cc:b5:f2:6f:8c:
82:07:43:2c:2f:40:7a:df:b8:d0:d3:b8:c6:ff:8e:
13:db:e1:84:d7:c2:36:50:98:d8:ee:b5:99:13:95:
6e:07:de:85:74:a5:24:9f:41:89:63:99:a7:bd:5c:
b0:79:cc:90:f5:9f:ee:e2:a6:90:b5:c2:f2:d4:3f:
1c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C0:58:55:ED:D9:06:8E:70:CB:C3:56:07:B1:A9:AF:3D:C8:84:6E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X8BYVe3ZBo5wy8NWB7Gprz3IhG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:03:64:8d:50:6f:a2:54:ed:9d:11:84:0c:4c:73:64:b7:16:
e5:41:fa:b2:28:38:a6:a4:ce:01:53:70:40:67:90:2a:05:d0:
44:5a:ec:e1:d1:04:aa:88:88:0a:4e:cb:a8:f0:45:12:00:e6:
2d:20:44:8d:54:36:e5:29:ae:cf:88:7e:97:2d:50:4d:43:36:
51:51:f3:5a:04:0f:1b:a4:f4:4d:14:7e:ac:fc:12:ce:9e:41:
b7:ff:58:84:b2:69:3c:60:48:43:46:34:a7:47:72:54:c7:fa:
a2:f3:01:52:2b:29:69:ae:46:12:57:6a:fb:2a:97:ac:de:fe:
8b:78:e7:81:48:43:c9:a5:63:02:8d:6a:55:0b:f3:ec:5a:ba:
5f:17:7e:e6:ac:11:6c:47:42:1d:4a:e8:3f:af:a7:5c:95:41:
bf:da:0e:1a:ea:0f:ff:e0:5f:46:f3:8b:e7:53:69:c8:07:a6:
13:ba:61:1e:33:cf:b8:5b:d2:d2:27:a5:8f:af:e3:1b:79:15:
eb:c8:40:58:28:14:15:4f:d8:db:94:fe:b2:25:9c:24:e4:1e:
df:d8:89:f9:96:22:ab:d9:d1:22:85:06:b7:62:75:76:2b:5e:
e3:54:d5:9e:b3:5d:c8:45:fe:e4:15:1a:7e:dc:31:89:8c:13:
a5:d1:98:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0PLxZdfdacxMXpAYWeH4ohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE1MjIxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmMwNTg1NWVkZDkwNjhlNzBjYmMzNTYwN2IxYTlhZjNkYzg4NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTHKoIcDyQXhDfODi8sZnvpzdjff
p7YGWp395AqgQKAeDPDb10b4XWTPz0YVpk/jZfJO+iF+zqUbzMIuedlvxgEzvqBn
TSzB8DAwGIP7GSCUftHl7GhflKoqxUn548Hc5ZMr7tRqET8Fn9RWZakN7S2uiOtK
zhkxUb9z7AscO9QOYA0c/W0ouaUJiOUuCtKP4vvn0DtrHbYbttZVC+WvRoA1U6Pz
GPVyHdmMY/vVbrQBR/t5MuUOGumpNN89zLXyb4yCB0MsL0B637jQ07jG/44T2+GE
18I2UJjY7rWZE5VuB96FdKUkn0GJY5mnvVywecyQ9Z/u4qaQtcLy1D8cpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF/AWFXt2QaOcMvDVgexqa89yIRuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWDhCWVZlM1pCbzV3eThOV0I3R3ByejNJaEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI0DZI1Qb6JU7Z0RhAxM
c2S3FuVB+rIoOKakzgFTcEBnkCoF0ERa7OHRBKqIiApOy6jwRRIA5i0gRI1UNuUp
rs+IfpctUE1DNlFR81oEDxuk9E0Ufqz8Es6eQbf/WISyaTxgSENGNKdHclTH+qLz
AVIrKWmuRhJXavsql6ze/ot454FIQ8mlYwKNalUL8+xaul8XfuasEWxHQh1K6D+v
p1yVQb/aDhrqD//gX0bzi+dTacgHphO6YR4zz7hb0tInpY+v4xt5FevIQFgoFBVP
2NuU/rIlnCTkHt/YifmWIqvZ0SKFBrdidXYrXuNU1Z6zXchF/uQVGn7cMYmME6XR
mOg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:18:06 2025 by rpki-client