Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ci_K4hM-nJi4sdxV-QeR2Tpv7gs.roa
File: ci_K4hM-nJi4sdxV-QeR2Tpv7gs.roa (raw, json)
Hash identifier: U1Ejhg95jeM7xMOGRHVbwZ2MPlQmr50l5c9Y0wfwRqA=
Subject key identifier: 72:2F:CA:E2:13:3E:9C:98:B8:B1:DC:55:F9:07:91:D9:3A:6F:EE:0B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2E80A1C071521ED981551886D8CA568A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ci_K4hM-nJi4sdxV-QeR2Tpv7gs.roa
Signing time: Mon 11 Mar 2024 17:12:45 +0000
ROA not before: Mon 11 Mar 2024 17:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:80:a1:c0:71:52:1e:d9:81:55:18:86:d8:ca:56:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 11 17:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=722fcae2133e9c98b8b1dc55f90791d93a6fee0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:32:09:f2:a5:fd:0a:6d:0d:e6:e2:d4:71:1d:
77:b7:ae:c6:6d:0a:d8:45:17:3d:27:f5:ba:c2:f2:
61:b9:c3:63:ca:76:b4:36:f1:f6:2c:42:d5:e1:b4:
b3:6c:8e:1c:20:2c:07:12:77:7e:f7:1c:8d:06:38:
04:53:c6:b5:a8:93:0c:7b:87:7d:24:dc:30:19:62:
a1:3f:c6:27:ee:f0:44:63:c7:8d:81:68:5b:28:fe:
f9:5f:07:40:78:ec:be:2d:97:e2:ef:15:59:1b:ee:
f3:a9:66:13:ea:80:6f:a7:4c:42:e1:10:ba:61:ad:
19:1f:b8:ff:02:d3:53:9d:b6:c8:86:05:69:82:2d:
3f:f1:c4:ce:d9:3f:69:45:d8:4c:e9:39:86:d9:80:
1a:d7:dc:89:6d:1f:74:c8:56:4c:f3:a8:45:e1:b7:
45:3d:8e:07:d1:46:83:17:be:61:f9:b8:3c:e4:a1:
71:1d:69:38:dc:f5:b6:9f:80:f1:09:b0:d9:22:07:
e9:ab:04:70:47:49:1e:82:fd:75:09:67:29:0b:45:
29:3b:75:63:a5:b6:21:5f:0a:1f:76:86:66:63:3b:
3e:da:86:90:35:0d:05:da:7b:28:b9:dc:38:66:d5:
a4:8d:1f:81:42:f2:2d:05:01:28:41:07:5e:e8:b2:
3a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2F:CA:E2:13:3E:9C:98:B8:B1:DC:55:F9:07:91:D9:3A:6F:EE:0B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ci_K4hM-nJi4sdxV-QeR2Tpv7gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:ce:50:8a:64:91:76:fa:9c:3c:64:bb:54:2a:5e:34:6f:43:
67:a1:af:24:a9:e4:89:b9:91:08:25:d4:83:35:b6:47:3e:96:
af:2f:03:2a:47:7c:4e:50:14:b0:46:77:51:63:c1:71:c0:ac:
de:fa:0e:fe:10:58:13:d5:a7:5c:28:0d:44:e4:46:2b:5b:69:
66:9a:26:cf:b4:11:c3:a3:d9:6c:6f:99:83:2c:fc:06:1b:d8:
d1:8e:d3:8b:03:39:2a:6e:b0:0e:20:30:27:6d:f9:af:40:c8:
89:3c:a2:ff:1a:9a:81:b0:dc:22:46:e0:66:22:49:0d:1f:44:
d9:9d:48:89:0f:3b:f9:29:ff:cd:34:d8:d0:01:82:4e:b9:d0:
0f:ee:cf:04:fa:3f:89:67:1d:51:48:5e:4d:a8:82:5c:d1:43:
39:29:db:ac:6e:b2:37:f9:53:79:25:ba:27:60:7d:91:d0:94:
a9:ea:9d:34:a8:63:35:8f:93:e9:f7:b7:37:86:74:62:11:c1:
84:4a:9d:71:90:ed:68:0e:a7:9b:71:1a:11:28:1a:bc:d3:02:
a7:3c:2a:57:ec:c7:98:ab:f8:ab:87:1d:ca:0f:97:40:12:c7:
a9:ed:98:76:2f:7d:04:cc:86:e2:9c:0c:8e:4a:5b:82:3a:18:
7c:ef:77:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4ugKHAcVIe2YFVGIbYylaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzExMTcxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJmY2FlMjEzM2U5Yzk4YjhiMWRjNTVmOTA3OTFkOTNhNmZlZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTIJ8qX9Cm0N5uLUcR13t67GbQrY
RRc9J/W6wvJhucNjyna0NvH2LELV4bSzbI4cICwHEnd+9xyNBjgEU8a1qJMMe4d9
JNwwGWKhP8Yn7vBEY8eNgWhbKP75XwdAeOy+LZfi7xVZG+7zqWYT6oBvp0xC4RC6
Ya0ZH7j/AtNTnbbIhgVpgi0/8cTO2T9pRdhM6TmG2YAa19yJbR90yFZM86hF4bdF
PY4H0UaDF75h+bg85KFxHWk43PW2n4DxCbDZIgfpqwRwR0kegv11CWcpC0UpO3Vj
pbYhXwofdoZmYzs+2oaQNQ0F2nsoudw4ZtWkjR+BQvItBQEoQQde6LI64QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHIvyuITPpyYuLHcVfkHkdk6b+4LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY2lfSzRoTS1uSmk0c2R4Vi1RZVIyVHB2N2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF7OUIpkkXb6nDxku1Qq
XjRvQ2ehrySp5Im5kQgl1IM1tkc+lq8vAypHfE5QFLBGd1FjwXHArN76Dv4QWBPV
p1woDUTkRitbaWaaJs+0EcOj2WxvmYMs/AYb2NGO04sDOSpusA4gMCdt+a9AyIk8
ov8amoGw3CJG4GYiSQ0fRNmdSIkPO/kp/8002NABgk650A/uzwT6P4lnHVFIXk2o
glzRQzkp26xusjf5U3kluidgfZHQlKnqnTSoYzWPk+n3tzeGdGIRwYRKnXGQ7WgO
p5txGhEoGrzTAqc8Klfsx5ir+KuHHcoPl0ASx6ntmHYvfQTMhuKcDI5KW4I6GHzv
d1M=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:25:48 2025 by rpki-client