Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aMmxq05QAJlgkpBHGH1rDLYGs6Q.roa
File: aMmxq05QAJlgkpBHGH1rDLYGs6Q.roa (raw, json)
Hash identifier: SL1bODyeOSaskl9rgzkEtPpVQhlxYDYI+Dj/fzlYcwE=
Subject key identifier: 68:C9:B1:AB:4E:50:00:99:60:92:90:47:18:7D:6B:0C:B6:06:B3:A4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB80B067627CF4E206EE514E6CDB86FB2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aMmxq05QAJlgkpBHGH1rDLYGs6Q.roa
Signing time: Sun 07 Apr 2024 10:11:54 +0000
ROA not before: Sun 07 Apr 2024 10:11:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b8:0b:06:76:27:cf:4e:20:6e:e5:14:e6:cd:b8:6f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 10:11:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68c9b1ab4e50009960929047187d6b0cb606b3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:31:bc:17:59:6c:5d:2b:df:5b:a5:77:2e:0c:
7e:e8:e8:35:f5:f1:8f:f2:b9:b8:32:ee:b8:ab:ad:
00:6d:9e:56:dd:f4:07:e8:e6:0e:e4:5d:25:d2:b1:
18:bc:d7:ab:6a:d5:f9:eb:e8:f4:da:ac:06:e2:80:
fb:0b:b9:0b:2b:c9:24:c0:c9:56:91:a5:f0:a9:2e:
2f:75:1f:74:93:d1:d1:31:ba:c5:6a:77:3d:4f:43:
bb:78:1b:3b:81:34:00:4c:19:0a:51:20:40:ed:9f:
bd:c9:4c:e0:b4:ab:3d:bf:b6:a3:ac:2c:87:4a:11:
02:b5:44:85:ec:90:c1:bd:3e:da:a6:e8:3d:95:17:
e9:14:df:8a:ef:09:02:db:52:5d:dc:53:1c:09:08:
c5:b5:2a:b8:7b:3c:85:33:5e:38:49:27:05:e7:cc:
b4:86:85:32:96:1a:92:4b:65:3e:00:d2:0d:7d:f8:
54:e5:53:1e:62:f0:65:94:0f:1d:8f:aa:13:f4:8f:
dc:02:14:df:09:c3:39:15:ea:62:cc:e7:04:ad:ee:
54:02:87:75:65:35:12:90:ec:22:fe:f0:f0:9d:c0:
88:73:6c:93:33:41:03:eb:50:b5:94:25:3c:14:0e:
ca:19:92:c4:06:ef:75:a2:54:6b:6d:e0:8e:6d:6c:
a3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C9:B1:AB:4E:50:00:99:60:92:90:47:18:7D:6B:0C:B6:06:B3:A4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aMmxq05QAJlgkpBHGH1rDLYGs6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:a7:69:4b:a7:d6:9c:86:d4:ba:d0:37:10:c0:ae:79:a9:2b:
34:08:b9:a1:ac:73:f5:fe:ad:5c:56:05:f4:89:dc:69:f9:4c:
e1:6a:1a:86:69:b9:5e:10:01:f7:11:a7:b5:18:a9:1a:a6:56:
85:d7:d0:71:df:75:50:d8:d7:6d:8a:43:fc:1b:15:92:cb:09:
c9:07:07:fa:e0:c3:a5:4e:a4:8e:e0:fa:08:8c:a6:85:fe:dc:
3e:33:5f:da:ee:55:7d:27:3c:10:22:3f:52:08:67:7c:d9:dd:
51:de:d5:16:e9:d7:ba:37:e7:09:91:3b:70:f0:09:93:f8:96:
12:31:1c:9d:14:19:a6:3d:a2:04:8f:18:9d:8c:83:91:e0:27:
99:6f:3c:12:06:c8:8e:5e:9d:72:35:11:88:31:d1:7d:b3:74:
71:4c:f5:19:ed:66:22:4c:ca:52:b9:84:8d:72:16:3d:1f:65:
28:2a:46:cd:28:86:22:06:10:41:82:ec:9f:b1:78:b8:22:8f:
67:b8:87:8c:92:e0:23:15:28:19:37:1b:f6:99:3a:fb:0f:f0:
86:b7:57:56:c4:a1:cd:b5:76:de:4c:70:81:cf:b0:4b:1b:bb:
02:bc:c1:42:27:85:cd:b1:0d:d0:3d:10:30:92:c0:bc:d9:2a:
23:38:52:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY64CwZ2J89OIG7lFObNuG+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MTAxMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM5YjFhYjRlNTAwMDk5NjA5MjkwNDcxODdkNmIwY2I2MDZiM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTG8F1lsXSvfW6V3Lgx+6Og19fGP
8rm4Mu64q60AbZ5W3fQH6OYO5F0l0rEYvNeratX56+j02qwG4oD7C7kLK8kkwMlW
kaXwqS4vdR90k9HRMbrFanc9T0O7eBs7gTQATBkKUSBA7Z+9yUzgtKs9v7ajrCyH
ShECtUSF7JDBvT7apug9lRfpFN+K7wkC21Jd3FMcCQjFtSq4ezyFM144SScF58y0
hoUylhqSS2U+ANINffhU5VMeYvBllA8dj6oT9I/cAhTfCcM5FepizOcEre5UAod1
ZTUSkOwi/vDwncCIc2yTM0ED61C1lCU8FA7KGZLEBu91olRrbeCObWyj9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGjJsatOUACZYJKQRxh9awy2BrOkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYU1teHEwNVFBSmxna3BCSEdIMXJETFlHczZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHynaUun1pyG1LrQNxDA
rnmpKzQIuaGsc/X+rVxWBfSJ3Gn5TOFqGoZpuV4QAfcRp7UYqRqmVoXX0HHfdVDY
122KQ/wbFZLLCckHB/rgw6VOpI7g+giMpoX+3D4zX9ruVX0nPBAiP1IIZ3zZ3VHe
1Rbp17o35wmRO3DwCZP4lhIxHJ0UGaY9ogSPGJ2Mg5HgJ5lvPBIGyI5enXI1EYgx
0X2zdHFM9RntZiJMylK5hI1yFj0fZSgqRs0ohiIGEEGC7J+xeLgij2e4h4yS4CMV
KBk3G/aZOvsP8Ia3V1bEoc21dt5McIHPsEsbuwK8wUInhc2xDdA9EDCSwLzZKiM4
Um4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:01:38 2025 by rpki-client