Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X_9Nef5wWMVgU0gSMsu0aw0PzJE.roa
File: X_9Nef5wWMVgU0gSMsu0aw0PzJE.roa (raw, json)
Hash identifier: yGDfCuE8twaWd6KeS74mC4wfAjAdDOR4smUwKQWCcXA=
Subject key identifier: 5F:FF:4D:79:FE:70:58:C5:60:53:48:12:32:CB:B4:6B:0D:0F:CC:91
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC5595F69ED09A92F48EC27853B887FBB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X_9Nef5wWMVgU0gSMsu0aw0PzJE.roa
Signing time: Wed 10 Apr 2024 00:12:32 +0000
ROA not before: Wed 10 Apr 2024 00:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c5:59:5f:69:ed:09:a9:2f:48:ec:27:85:3b:88:7f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 10 00:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fff4d79fe7058c56053481232cbb46b0d0fcc91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:af:1f:91:70:88:e6:01:3e:65:2b:11:8a:38:
55:50:90:e8:bf:1d:c5:7d:10:76:f4:e3:4b:de:2d:
7b:86:4c:0e:88:e1:06:e1:f0:39:d6:44:d6:a3:fb:
26:23:e9:e4:5b:5b:52:28:05:55:d3:9d:ed:93:b9:
3b:50:45:0f:e4:48:3d:80:a5:50:3f:2d:0f:93:47:
57:d6:aa:c3:79:78:d2:86:cf:12:77:08:ee:57:b5:
03:27:88:2a:89:32:67:7e:b8:90:3a:3e:76:95:b9:
41:dc:75:29:0b:03:07:4c:46:76:78:3a:8c:e1:f1:
af:8d:74:ff:26:3f:25:69:eb:cf:32:1f:49:28:98:
ed:f3:ad:26:74:d4:d4:94:5a:86:8f:a5:e8:fe:3d:
a4:ec:d0:b9:4a:75:b4:8d:d5:6b:c4:60:41:ad:ee:
7c:f0:6c:56:89:95:b6:23:31:41:91:fe:40:61:fd:
f3:5d:95:26:16:a0:04:3c:9e:78:df:b5:a1:03:a4:
87:12:51:8e:20:64:0f:32:fc:e9:17:73:da:c5:4b:
37:0a:eb:09:cf:e9:0d:e4:5d:02:fb:26:43:92:2a:
25:1d:52:f5:6e:d4:7c:d9:43:c6:45:34:63:15:c3:
9f:cc:81:4d:ec:89:bb:83:c5:a8:33:2a:22:8a:67:
68:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:FF:4D:79:FE:70:58:C5:60:53:48:12:32:CB:B4:6B:0D:0F:CC:91
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X_9Nef5wWMVgU0gSMsu0aw0PzJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:ad:5d:48:07:00:e6:61:0c:7f:5d:eb:72:1d:33:2b:1f:b4:
c2:c2:b9:aa:44:71:5b:4c:b0:40:03:bd:8f:07:d5:60:4c:8e:
ba:a4:ee:67:0b:ba:e0:67:36:fd:74:0f:8a:88:99:c9:4d:da:
23:6c:c9:6f:e2:d6:9a:f5:87:60:fc:39:e1:61:2f:28:6c:5c:
c6:75:3b:ba:f3:92:f5:be:c2:f3:38:9d:3b:42:5a:7d:04:97:
c5:d2:b4:11:ce:f1:0f:0b:29:25:10:de:46:12:0b:49:98:27:
f0:6d:4c:21:44:c0:fe:77:19:3d:e5:f5:b6:46:42:50:27:d6:
fa:6b:5d:2e:84:d4:61:c1:e9:ba:ab:55:b1:b6:b6:0f:c9:b7:
36:c9:af:08:0a:e9:bf:c1:4a:1d:58:a3:1a:5d:6d:cd:51:e9:
f8:ec:15:77:67:d9:63:8b:12:ea:1d:95:1c:9a:5c:60:f1:de:
a6:16:4e:18:38:54:a9:8e:06:05:1b:58:a8:09:8f:60:be:c2:
33:4b:a3:28:6b:fa:49:34:89:f9:89:af:69:f0:aa:0d:b2:61:
de:ac:43:57:f8:9c:10:41:09:a5:66:24:63:e8:92:7d:a3:fa:
5f:d2:94:74:8b:60:9e:59:8b:6b:04:d1:19:8c:02:45:21:c9:
06:f7:64:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7FWV9p7QmpL0jsJ4U7iH+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEwMDAxMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmZmNGQ3OWZlNzA1OGM1NjA1MzQ4MTIzMmNiYjQ2YjBkMGZjYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa8fkXCI5gE+ZSsRijhVUJDovx3F
fRB29ONL3i17hkwOiOEG4fA51kTWo/smI+nkW1tSKAVV053tk7k7UEUP5Eg9gKVQ
Py0Pk0dX1qrDeXjShs8SdwjuV7UDJ4gqiTJnfriQOj52lblB3HUpCwMHTEZ2eDqM
4fGvjXT/Jj8laevPMh9JKJjt860mdNTUlFqGj6Xo/j2k7NC5SnW0jdVrxGBBre58
8GxWiZW2IzFBkf5AYf3zXZUmFqAEPJ5437WhA6SHElGOIGQPMvzpF3PaxUs3CusJ
z+kN5F0C+yZDkiolHVL1btR82UPGRTRjFcOfzIFN7Im7g8WoMyoiimdoGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF//TXn+cFjFYFNIEjLLtGsND8yRMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWF85TmVmNXdXTVZnVTBnU01zdTBhdzBQekpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEmtXUgHAOZhDH9d63Id
MysftMLCuapEcVtMsEADvY8H1WBMjrqk7mcLuuBnNv10D4qImclN2iNsyW/i1pr1
h2D8OeFhLyhsXMZ1O7rzkvW+wvM4nTtCWn0El8XStBHO8Q8LKSUQ3kYSC0mYJ/Bt
TCFEwP53GT3l9bZGQlAn1vprXS6E1GHB6bqrVbG2tg/JtzbJrwgK6b/BSh1Yoxpd
bc1R6fjsFXdn2WOLEuodlRyaXGDx3qYWThg4VKmOBgUbWKgJj2C+wjNLoyhr+kk0
ifmJr2nwqg2yYd6sQ1f4nBBBCaVmJGPokn2j+l/SlHSLYJ5Zi2sE0RmMAkUhyQb3
ZIE=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:05:48 2025 by rpki-client