Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/azYjg6FbHFFAjMMhLcVnvVHGTVs.roa
File: azYjg6FbHFFAjMMhLcVnvVHGTVs.roa (raw, json)
Hash identifier: ESS/sjuylRq03DD59NuS1GaB3SMwqvNlG7HvU95zRFc=
Subject key identifier: 6B:36:23:83:A1:5B:1C:51:40:8C:C3:21:2D:C5:67:BD:51:C6:4D:5B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7F5E871D01152797A1D656080035B64E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/azYjg6FbHFFAjMMhLcVnvVHGTVs.roa
Signing time: Wed 27 Mar 2024 10:04:45 +0000
ROA not before: Wed 27 Mar 2024 10:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:7f5e:23a7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:5e:87:1d:01:15:27:97:a1:d6:56:08:00:35:b6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 27 10:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b362383a15b1c51408cc3212dc567bd51c64d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5d:6d:8a:05:b7:8e:4f:5e:69:91:ec:75:5c:
d7:71:c6:60:e1:ca:5f:0e:f1:99:25:1c:4f:c4:b9:
20:7d:26:d0:ea:57:db:cd:dc:0a:1f:19:a1:3c:58:
fc:d2:65:ec:0c:3b:23:58:bf:4f:da:c9:ef:a1:f4:
aa:8f:c2:6c:29:df:eb:0d:db:b3:bb:9b:fe:8d:55:
58:3e:d3:6e:02:f8:ac:01:fa:c4:f4:10:22:d5:99:
13:a7:b5:f2:71:8f:1e:21:22:5c:35:d2:bc:a4:ff:
b8:50:e6:ae:14:f7:3c:34:9e:d0:04:aa:54:67:36:
7f:df:23:a1:65:6c:de:ef:ef:f1:b2:52:a9:fd:b9:
c1:c9:3c:13:78:66:d9:b2:5a:8e:62:cf:40:77:2f:
7b:34:14:9a:46:04:f6:f7:df:b5:73:53:03:11:ca:
59:06:eb:56:bc:d1:96:a9:c2:ff:49:66:31:ab:ac:
d3:52:03:cd:8b:23:62:1f:34:09:5e:61:4d:fb:1d:
16:c1:a5:a4:d1:df:2a:37:1a:a5:fe:62:73:7b:f8:
e6:ef:7e:90:c7:c5:9a:eb:3b:8f:a3:2a:fe:5a:f6:
53:ef:8f:8e:fd:06:39:88:3b:07:6e:25:cd:50:98:
62:20:37:a9:88:33:08:32:89:98:f0:00:a9:80:eb:
f2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:36:23:83:A1:5B:1C:51:40:8C:C3:21:2D:C5:67:BD:51:C6:4D:5B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/azYjg6FbHFFAjMMhLcVnvVHGTVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:a0:36:08:b1:51:33:fc:db:ca:c2:c2:6a:88:25:be:bd:1d:
8e:db:77:2c:23:33:01:8a:16:7c:9a:fb:30:ec:e6:0f:41:8c:
9c:da:2b:08:47:bf:9a:d1:7e:cb:19:26:58:2e:27:18:02:52:
68:3f:b4:3f:ae:1c:32:6a:56:75:9d:49:8a:93:9b:e8:5c:8c:
d2:86:59:86:a6:3f:a2:5b:6c:c0:95:88:f3:90:f2:05:3e:98:
49:d1:92:5f:14:ce:87:41:e3:ee:f0:d9:95:32:bf:5f:90:00:
45:1b:da:8b:d5:db:50:e1:44:fc:16:c4:10:e8:02:83:2b:86:
31:88:76:59:80:56:c4:bd:e3:15:82:5e:32:54:05:9b:76:00:
73:bc:55:84:8e:18:5c:76:99:a3:c1:e3:ea:2b:d8:29:34:24:
48:d1:39:74:d5:e6:4c:7d:c9:ed:86:08:55:e0:d4:d9:3d:aa:
27:d0:88:0c:cd:7d:de:ae:2f:06:4f:cc:4b:4d:d0:c4:92:54:
49:9a:fd:a2:56:be:94:81:2d:e8:b9:5f:e3:2b:75:11:7f:0a:
c7:35:d7:a0:4a:82:2c:2a:fc:70:e8:08:12:81:7a:7b:06:f2:
49:02:0e:21:1f:c4:4a:cc:69:fa:31:c7:c7:1e:54:fa:5a:ba:
2e:32:ce:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5/XocdARUnl6HWVggANbZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI3MTAwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjM2MjM4M2ExNWIxYzUxNDA4Y2MzMjEyZGM1NjdiZDUxYzY0ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV1tigW3jk9eaZHsdVzXccZg4cpf
DvGZJRxPxLkgfSbQ6lfbzdwKHxmhPFj80mXsDDsjWL9P2snvofSqj8JsKd/rDduz
u5v+jVVYPtNuAvisAfrE9BAi1ZkTp7XycY8eISJcNdK8pP+4UOauFPc8NJ7QBKpU
ZzZ/3yOhZWze7+/xslKp/bnByTwTeGbZslqOYs9Ady97NBSaRgT299+1c1MDEcpZ
ButWvNGWqcL/SWYxq6zTUgPNiyNiHzQJXmFN+x0WwaWk0d8qNxql/mJze/jm736Q
x8Wa6zuPoyr+WvZT74+O/QY5iDsHbiXNUJhiIDepiDMIMomY8ACpgOvyvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGs2I4OhWxxRQIzDIS3FZ71Rxk1bMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYXpZamc2RmJIRkZBak1NaExjVm52VkhHVFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABmgNgixUTP828rCwmqI
Jb69HY7bdywjMwGKFnya+zDs5g9BjJzaKwhHv5rRfssZJlguJxgCUmg/tD+uHDJq
VnWdSYqTm+hcjNKGWYamP6JbbMCViPOQ8gU+mEnRkl8UzodB4+7w2ZUyv1+QAEUb
2ovV21DhRPwWxBDoAoMrhjGIdlmAVsS94xWCXjJUBZt2AHO8VYSOGFx2maPB4+or
2Ck0JEjROXTV5kx9ye2GCFXg1Nk9qifQiAzNfd6uLwZPzEtN0MSSVEma/aJWvpSB
Lei5X+MrdRF/Csc116BKgiwq/HDoCBKBensG8kkCDiEfxErMafoxx8ceVPpaui4y
zrY=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:13:57 2025 by rpki-client