Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d0PQV_x1qn-G-XoKrU61cwf23I4.roa
File: d0PQV_x1qn-G-XoKrU61cwf23I4.roa (raw, json)
Hash identifier: KdoD66LX3VTDuVOvHnknf0TIFdZK5sbLUnTnPeDCtZs=
Subject key identifier: 77:43:D0:57:FC:75:AA:7F:86:F9:7A:0A:AD:4E:B5:73:07:F6:DC:8E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6E0018168A29C9980CFBCB01BEEEF211
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d0PQV_x1qn-G-XoKrU61cwf23I4.roa
Signing time: Sat 03 Feb 2024 08:05:16 +0000
ROA not before: Sat 03 Feb 2024 08:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:6dff:3412/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6e:00:18:16:8a:29:c9:98:0c:fb:cb:01:be:ee:f2:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 3 08:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7743d057fc75aa7f86f97a0aad4eb57307f6dc8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:73:b8:14:2a:5b:cb:54:73:61:58:4e:53:04:
b8:13:37:02:16:62:29:24:16:12:dc:fc:f7:e0:f6:
eb:0e:f8:0b:7d:a7:43:b7:46:59:b8:f2:ec:75:a8:
1a:89:41:7e:33:1f:de:db:a2:9a:47:62:a6:7d:f8:
41:cf:9c:58:1a:a9:9e:d7:58:ee:ae:20:76:61:30:
a3:fb:6b:b6:49:60:8e:fd:ed:9f:3c:14:ac:71:a3:
bd:a6:4b:d2:a5:67:4c:e5:de:42:7f:51:cb:d9:43:
55:e8:d3:f1:8b:55:6d:8b:29:ca:bb:6b:b3:2d:68:
8e:23:74:7f:b0:e9:dc:c5:87:c8:17:20:1f:da:3e:
5d:64:41:44:09:05:ef:d9:18:2e:ae:83:74:5f:e9:
6f:e5:7b:35:3a:50:f4:11:f0:b9:69:a0:33:ec:15:
27:80:96:03:51:20:f7:4a:89:53:91:93:c2:e0:c9:
df:64:99:e8:17:17:84:32:15:f3:fd:8b:b4:3e:1b:
bb:13:db:aa:ce:14:24:b7:4f:73:2e:1c:de:6f:88:
b4:cd:d7:bb:18:c3:97:5a:7d:a0:f2:b8:85:36:c5:
ff:9d:76:dc:41:94:75:ba:bb:f2:8b:a2:2a:90:60:
da:44:11:51:e0:5e:77:1a:4f:ca:a6:7a:9a:06:d6:
5f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:43:D0:57:FC:75:AA:7F:86:F9:7A:0A:AD:4E:B5:73:07:F6:DC:8E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d0PQV_x1qn-G-XoKrU61cwf23I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:b0:48:2e:b6:d7:2c:bd:b6:1b:f9:f6:52:20:81:84:3f:7f:
b3:84:8e:7d:70:a6:f8:df:3d:d3:ce:8d:82:b0:d4:a0:36:d7:
55:8e:62:89:4c:bd:7d:6e:0a:d4:b8:52:8d:1e:14:28:21:ac:
1c:a6:bc:0c:a8:64:c9:a1:2d:84:19:4a:c0:86:79:10:a4:42:
ff:bd:e2:9c:3d:2a:4c:a9:ad:8d:fa:ac:fd:fa:d6:9c:17:73:
09:57:3c:71:04:ab:2a:fd:61:37:92:45:9b:c9:d4:dc:88:ee:
fa:9e:c8:43:04:d1:5d:69:38:c8:28:27:9c:30:d1:16:13:83:
b2:6a:23:58:8f:53:b0:e8:dc:80:42:cc:7c:6f:99:b7:eb:bc:
b1:99:c9:e5:07:13:83:7c:a4:33:00:b2:ae:33:f6:b1:4d:c8:
ab:82:d9:41:e3:7f:47:f6:fb:b0:e4:48:8d:78:14:cc:1c:07:
23:2d:73:fb:ec:5d:1b:da:84:84:e2:51:51:34:af:71:8e:b2:
cb:ed:31:99:cb:45:c2:84:8d:0e:e6:15:d7:2d:7c:34:26:3d:
46:6d:4f:8b:55:30:2d:20:37:70:e5:da:c6:62:42:64:15:99:
f9:4c:f2:5c:a1:cd:27:a7:8e:26:e2:1e:60:58:9f:77:e4:b1:
80:77:d3:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1uABgWiinJmAz7ywG+7vIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAzMDgwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQzZDA1N2ZjNzVhYTdmODZmOTdhMGFhZDRlYjU3MzA3ZjZkYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnO4FCpby1RzYVhOUwS4EzcCFmIp
JBYS3Pz34PbrDvgLfadDt0ZZuPLsdagaiUF+Mx/e26KaR2KmffhBz5xYGqme11ju
riB2YTCj+2u2SWCO/e2fPBSscaO9pkvSpWdM5d5Cf1HL2UNV6NPxi1VtiynKu2uz
LWiOI3R/sOncxYfIFyAf2j5dZEFECQXv2RguroN0X+lv5Xs1OlD0EfC5aaAz7BUn
gJYDUSD3SolTkZPC4MnfZJnoFxeEMhXz/Yu0Phu7E9uqzhQkt09zLhzeb4i0zde7
GMOXWn2g8riFNsX/nXbcQZR1urvyi6IqkGDaRBFR4F53Gk/KpnqaBtZfMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHdD0Ff8dap/hvl6Cq1OtXMH9tyOMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZDBQUVZfeDFxbi1HLVhvS3JVNjFjd2YyM0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJWwSC621yy9thv59lIg
gYQ/f7OEjn1wpvjfPdPOjYKw1KA211WOYolMvX1uCtS4Uo0eFCghrBymvAyoZMmh
LYQZSsCGeRCkQv+94pw9KkyprY36rP361pwXcwlXPHEEqyr9YTeSRZvJ1NyI7vqe
yEME0V1pOMgoJ5ww0RYTg7JqI1iPU7Do3IBCzHxvmbfrvLGZyeUHE4N8pDMAsq4z
9rFNyKuC2UHjf0f2+7DkSI14FMwcByMtc/vsXRvahITiUVE0r3GOssvtMZnLRcKE
jQ7mFdctfDQmPUZtT4tVMC0gN3Dl2sZiQmQVmflM8lyhzSenjibiHmBYn3fksYB3
044=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:01:01 2025 by rpki-client