Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Xf1wY8b0qkaKdotzIYWlNqU4tvI.roa
File: Xf1wY8b0qkaKdotzIYWlNqU4tvI.roa (raw, json)
Hash identifier: jVkcbg28FXmSZYiwvYDRtWoaF73W02h63q3yTwsTQ/g=
Subject key identifier: 5D:FD:70:63:C6:F4:AA:46:8A:76:8B:73:21:85:A5:36:A5:38:B6:F2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D724AB9F5BD9A1959D668088DD7E07429
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Xf1wY8b0qkaKdotzIYWlNqU4tvI.roa
Signing time: Sun 04 Feb 2024 04:05:16 +0000
ROA not before: Sun 04 Feb 2024 04:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:7249:d6f8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:72:4a:b9:f5:bd:9a:19:59:d6:68:08:8d:d7:e0:74:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 4 04:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dfd7063c6f4aa468a768b732185a536a538b6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:13:4d:43:92:30:e4:fe:ea:72:2d:32:77:53:
4b:b3:42:3c:77:84:1f:2a:f1:77:6f:c3:dd:22:3c:
5a:f7:47:56:e9:9a:58:c2:bf:79:74:b0:21:15:ec:
8b:eb:1a:d0:80:14:55:09:5b:0d:68:c3:6c:f5:40:
dc:c3:3b:59:24:cf:64:4c:80:e7:01:92:65:99:a7:
27:0d:39:56:40:c4:e8:f5:84:54:83:28:10:b0:1d:
8c:ee:13:19:ea:41:74:57:41:df:dd:08:94:a4:56:
98:da:26:ad:f4:16:5b:2e:fb:cd:71:f6:28:a4:30:
03:d5:dc:df:72:0c:d2:fe:82:c2:cf:b7:f0:fd:75:
7c:85:df:a9:7d:45:c4:d5:a4:29:37:86:fd:38:0c:
d7:5a:4d:31:db:84:58:8d:cb:03:a5:b0:be:4b:11:
87:ad:ee:84:5b:36:86:88:40:06:a1:1f:25:3e:1d:
15:6e:d4:aa:04:93:d6:27:92:23:37:31:67:3a:6f:
8a:54:73:23:0c:c0:21:83:ae:ed:89:64:89:24:b3:
fb:82:61:af:ee:37:3b:70:60:0a:22:48:0a:5c:da:
2a:9e:6f:27:af:86:0c:12:2c:cb:7e:71:63:f4:c2:
b1:e7:34:02:46:3d:03:14:04:ef:a8:2b:9d:7c:a6:
51:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FD:70:63:C6:F4:AA:46:8A:76:8B:73:21:85:A5:36:A5:38:B6:F2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Xf1wY8b0qkaKdotzIYWlNqU4tvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:84:96:4c:33:04:0a:7c:42:bd:fe:27:11:51:f7:ba:a7:05:
cc:8c:e5:0c:16:a5:e2:46:83:a7:6b:8a:49:a3:4e:42:a2:f6:
c5:b0:73:bc:f1:57:8d:99:e1:ce:d9:a6:bb:d8:1c:f4:8d:05:
2f:5a:3e:9b:47:53:88:b2:b6:67:55:67:5a:7a:16:7e:23:5d:
2d:82:3d:51:97:0f:1e:2f:ec:3c:7f:18:99:7f:3c:4e:82:0c:
66:e2:63:1d:ec:bc:cf:6b:d5:81:b3:cf:79:df:51:47:61:03:
c0:c8:11:a0:c6:d9:25:9a:99:1e:12:6e:c5:30:32:a0:de:42:
75:88:26:61:10:b7:b6:c9:f3:0e:17:82:79:04:ae:d9:ce:ce:
f5:6b:e1:4a:b9:48:5e:b5:4c:22:c1:dd:10:26:e8:5c:db:66:
2d:4b:9d:b1:ec:20:97:7a:e3:f8:99:65:2b:c6:c8:54:5c:84:
fd:06:7c:26:57:51:49:1b:01:6e:d8:de:21:bd:4c:cb:25:b6:
f1:fd:5d:ec:15:d0:36:73:87:d7:6e:3b:98:fd:93:cd:62:f2:
9e:98:c3:13:f8:17:4c:ba:9a:0e:25:fe:8c:fa:cb:4c:0a:d8:
6c:9a:f0:5f:cb:2f:6c:20:1c:68:6c:2b:3c:24:dd:20:a5:69:
49:65:fe:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1ySrn1vZoZWdZoCI3X4HQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA0MDQwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGZkNzA2M2M2ZjRhYTQ2OGE3NjhiNzMyMTg1YTUzNmE1MzhiNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRNNQ5Iw5P7qci0yd1NLs0I8d4Qf
KvF3b8PdIjxa90dW6ZpYwr95dLAhFeyL6xrQgBRVCVsNaMNs9UDcwztZJM9kTIDn
AZJlmacnDTlWQMTo9YRUgygQsB2M7hMZ6kF0V0Hf3QiUpFaY2iat9BZbLvvNcfYo
pDAD1dzfcgzS/oLCz7fw/XV8hd+pfUXE1aQpN4b9OAzXWk0x24RYjcsDpbC+SxGH
re6EWzaGiEAGoR8lPh0VbtSqBJPWJ5IjNzFnOm+KVHMjDMAhg67tiWSJJLP7gmGv
7jc7cGAKIkgKXNoqnm8nr4YMEizLfnFj9MKx5zQCRj0DFATvqCudfKZR5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF39cGPG9KpGinaLcyGFpTalOLbyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWGYxd1k4YjBxa2FLZG90eklZV2xOcVU0dHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJeElkwzBAp8Qr3+JxFR
97qnBcyM5QwWpeJGg6drikmjTkKi9sWwc7zxV42Z4c7ZprvYHPSNBS9aPptHU4iy
tmdVZ1p6Fn4jXS2CPVGXDx4v7Dx/GJl/PE6CDGbiYx3svM9r1YGzz3nfUUdhA8DI
EaDG2SWamR4SbsUwMqDeQnWIJmEQt7bJ8w4XgnkErtnOzvVr4Uq5SF61TCLB3RAm
6FzbZi1LnbHsIJd64/iZZSvGyFRchP0GfCZXUUkbAW7Y3iG9TMsltvH9XewV0DZz
h9duO5j9k81i8p6YwxP4F0y6mg4l/oz6y0wK2Gya8F/LL2wgHGhsKzwk3SClaUll
/mw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:29:07 2025 by rpki-client