Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_UuMoWAjV4M09ooOb-J3N7tYmUQ.roa
File: _UuMoWAjV4M09ooOb-J3N7tYmUQ.roa (raw, json)
Hash identifier: jIEDJDQ5hHeZZL1jycGc12lrdt0o4lW0QlyAT+bNcRo=
Subject key identifier: FD:4B:8C:A1:60:23:57:83:34:F6:8A:0E:6F:E2:77:37:BB:58:99:44
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA03A644CAFE99BE930DAD80B3407AD97
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_UuMoWAjV4M09ooOb-J3N7tYmUQ.roa
Signing time: Tue 02 Apr 2024 19:12:45 +0000
ROA not before: Tue 02 Apr 2024 19:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a0:3a:64:4c:af:e9:9b:e9:30:da:d8:0b:34:07:ad:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 19:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd4b8ca16023578334f68a0e6fe27737bb589944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:79:33:25:7e:3c:c1:fc:6b:a0:d3:d2:88:17:
cb:6a:f7:4f:f4:69:12:c5:ee:ca:54:15:11:06:83:
a4:74:5d:95:79:ed:34:6b:b7:c2:fc:59:f4:c0:61:
ed:4c:cc:63:47:fb:23:a9:48:42:40:ed:a6:c5:4d:
25:b5:eb:73:1e:38:e2:a9:af:20:d5:b1:b2:81:3c:
5b:4a:a0:25:ae:f9:7b:e0:5a:cc:a2:d9:53:1c:7a:
ce:b8:c7:7b:bf:bf:66:ee:74:47:7f:50:8e:78:0b:
73:0d:e3:21:02:6f:d0:80:cc:4d:91:89:e2:ed:98:
82:1a:ae:2a:31:42:83:39:c6:74:5c:27:71:c0:9d:
8d:6b:e9:a6:d5:04:81:23:64:1a:61:81:16:d7:df:
ea:39:19:5c:ae:ba:a7:4a:da:fe:aa:69:e2:f9:36:
e2:6a:44:73:ba:59:12:25:4f:60:7a:48:07:ed:7b:
36:64:7b:08:88:d3:6c:f9:ee:1a:7d:da:19:11:d0:
69:37:6c:5a:a7:96:a9:9b:1e:d3:51:7f:9f:94:f7:
f3:6b:73:ee:13:12:1b:72:1e:4a:97:c2:63:6d:09:
b6:23:3d:a6:88:d1:34:75:13:b9:73:78:34:ad:da:
56:d7:1f:88:36:cd:88:a5:45:ab:f3:be:11:02:a6:
0e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:4B:8C:A1:60:23:57:83:34:F6:8A:0E:6F:E2:77:37:BB:58:99:44
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_UuMoWAjV4M09ooOb-J3N7tYmUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:91:b6:db:fc:73:a1:c7:51:64:45:0e:bf:00:bb:22:b1:8f:
1e:89:27:4c:1c:32:cf:4b:97:66:0a:ca:3e:dd:cc:6a:62:2d:
07:71:75:08:b8:d5:5e:21:6c:7e:3a:48:9b:fd:1f:ab:f5:ec:
a9:24:1d:6b:82:1f:01:40:49:7e:fb:f9:f0:3b:2d:cb:3e:d2:
3f:73:71:eb:ac:78:97:87:72:d7:63:33:d8:b7:ee:fa:1e:15:
e5:d0:01:cb:36:07:86:28:dd:c5:84:d3:eb:f7:35:7c:95:c1:
9e:8d:80:f1:6b:13:bd:b0:96:1e:fa:9d:2d:49:33:f1:9c:eb:
cb:69:f1:2b:2d:39:20:92:9b:47:3f:69:76:74:34:98:59:97:
e0:14:0c:8e:a4:2b:65:3d:bf:24:a3:36:42:1b:00:c9:33:33:
53:41:67:73:ae:6c:1a:2f:a3:4f:34:3c:eb:f1:54:b0:97:78:
1f:5b:6d:d8:70:53:2d:8e:40:d3:bf:36:57:e3:76:19:c6:91:
4c:9c:8b:f7:8e:e3:69:c7:03:b1:93:d9:3c:e9:a1:50:34:bd:
b6:b7:2c:1d:6b:e2:dc:83:dc:31:dc:3e:96:66:84:61:f8:dc:
f7:37:50:f3:3f:a0:33:81:40:48:c0:9b:b7:ea:2b:92:d5:9e:
e3:26:fa:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6gOmRMr+mb6TDa2As0B62XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMTkxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDRiOGNhMTYwMjM1NzgzMzRmNjhhMGU2ZmUyNzczN2JiNTg5OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnkzJX48wfxroNPSiBfLavdP9GkS
xe7KVBURBoOkdF2Vee00a7fC/Fn0wGHtTMxjR/sjqUhCQO2mxU0ltetzHjjiqa8g
1bGygTxbSqAlrvl74FrMotlTHHrOuMd7v79m7nRHf1COeAtzDeMhAm/QgMxNkYni
7ZiCGq4qMUKDOcZ0XCdxwJ2Na+mm1QSBI2QaYYEW19/qORlcrrqnStr+qmni+Tbi
akRzulkSJU9gekgH7Xs2ZHsIiNNs+e4afdoZEdBpN2xap5apmx7TUX+flPfza3Pu
ExIbch5Kl8JjbQm2Iz2miNE0dRO5c3g0rdpW1x+INs2IpUWr874RAqYOnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP1LjKFgI1eDNPaKDm/idze7WJlEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX1V1TW9XQWpWNE0wOW9vT2ItSjNON3RZbVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ2Rttv8c6HHUWRFDr8A
uyKxjx6JJ0wcMs9Ll2YKyj7dzGpiLQdxdQi41V4hbH46SJv9H6v17KkkHWuCHwFA
SX77+fA7Lcs+0j9zceuseJeHctdjM9i37voeFeXQAcs2B4Yo3cWE0+v3NXyVwZ6N
gPFrE72wlh76nS1JM/Gc68tp8SstOSCSm0c/aXZ0NJhZl+AUDI6kK2U9vySjNkIb
AMkzM1NBZ3OubBovo080POvxVLCXeB9bbdhwUy2OQNO/NlfjdhnGkUyci/eO42nH
A7GT2TzpoVA0vba3LB1r4tyD3DHcPpZmhGH43Pc3UPM/oDOBQEjAm7fqK5LVnuMm
+o0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:36:01 2025 by rpki-client