Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/deqdj601E0GiThD1E9s5JhlGo00.roa
File: deqdj601E0GiThD1E9s5JhlGo00.roa (raw, json)
Hash identifier: Jxw/arW7I2q2nzYjo9mJnzsqJMEYjjtVo3TjCVPkz70=
Subject key identifier: 75:EA:9D:8F:AD:35:13:41:A2:4E:10:F5:13:DB:39:26:19:46:A3:4D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA595D9EC250CDD4C8E5F922082D9060E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/deqdj601E0GiThD1E9s5JhlGo00.roa
Signing time: Wed 03 Apr 2024 20:10:45 +0000
ROA not before: Wed 03 Apr 2024 20:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:95:d9:ec:25:0c:dd:4c:8e:5f:92:20:82:d9:06:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 20:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75ea9d8fad351341a24e10f513db39261946a34d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7d:25:d5:11:68:4b:60:e4:7a:80:2f:5e:e7:
00:75:f9:7e:0f:03:d7:03:6e:a4:df:e2:54:39:df:
9b:f0:f2:4a:66:bf:e3:36:aa:fa:63:c4:05:cb:64:
55:d3:09:16:af:19:27:98:f0:51:26:18:2d:b0:dc:
50:07:fd:05:c9:f3:f2:c7:cc:df:0e:76:f5:ea:c1:
84:63:3b:06:dc:9f:e3:b9:0e:39:08:ea:63:45:a0:
35:33:ad:56:92:e9:b5:ba:68:69:7d:58:0f:4b:b3:
a5:46:95:06:b2:04:f3:a7:9e:7a:1a:1c:09:5e:b4:
9a:f8:ac:f6:24:16:3a:6d:19:de:7b:c5:de:a9:58:
88:cb:c3:29:13:53:f9:b0:38:55:13:33:02:06:e3:
f5:2a:42:4a:3c:e3:a7:2f:fc:d7:0b:79:1c:c5:c4:
cb:3f:47:7d:47:23:aa:29:f3:96:90:58:0f:a8:4e:
04:af:2f:2e:af:d4:08:79:c8:f3:d0:05:25:4d:bc:
e5:f1:4e:8d:21:dd:8f:1f:56:4c:d2:e4:1a:85:5e:
66:bb:85:0d:09:3b:3a:c6:3f:c7:41:33:6b:ad:20:
b7:66:1d:19:b1:a0:e3:32:7f:ba:95:6f:53:ce:43:
bc:06:e2:3b:04:42:a6:8a:23:30:a1:85:d5:27:64:
57:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:EA:9D:8F:AD:35:13:41:A2:4E:10:F5:13:DB:39:26:19:46:A3:4D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/deqdj601E0GiThD1E9s5JhlGo00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:4b:52:26:6d:db:bc:fd:d1:53:c2:0f:e7:6b:b1:8f:c2:e8:
db:79:73:1e:c9:31:19:ac:8d:03:0d:06:c2:d6:67:53:b9:b8:
25:98:f0:3b:ab:15:d2:47:be:bd:d3:9a:25:62:90:0d:6e:bf:
5f:06:aa:2f:52:b6:2b:ce:35:8e:eb:e1:77:68:da:17:ec:a9:
4d:21:44:3b:a7:65:9f:55:27:cd:10:ea:ca:14:f5:31:b0:d2:
94:35:00:ab:36:45:f9:c7:3f:80:2d:ec:2b:29:ea:7b:61:01:
f3:3b:13:d5:1b:72:d9:cb:6e:27:07:7b:3e:8f:8b:f6:e9:14:
83:08:ff:ef:6e:91:3e:47:50:ea:24:e9:22:03:a4:44:d4:04:
34:af:68:39:05:3e:61:30:19:31:1c:a1:0c:d3:f8:26:18:d1:
60:30:f2:c7:2e:92:40:75:7e:b1:d3:05:8d:bc:96:58:87:c4:
9a:d4:92:e8:4d:46:7d:36:06:fd:d9:e5:dd:fa:23:1e:24:43:
8d:5b:ef:a8:fd:ac:a8:c8:df:21:21:04:20:45:75:4f:0d:c4:
84:89:b1:2b:56:8c:2f:aa:c3:fa:5c:d1:30:9c:57:ac:53:42:
a2:fb:10:ab:54:bb:3e:cf:ac:e4:0d:ae:13:b1:7c:0c:29:bb:
32:3b:24:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6lldnsJQzdTI5fkiCC2QYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMjAxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWVhOWQ4ZmFkMzUxMzQxYTI0ZTEwZjUxM2RiMzkyNjE5NDZhMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxn0l1RFoS2DkeoAvXucAdfl+DwPX
A26k3+JUOd+b8PJKZr/jNqr6Y8QFy2RV0wkWrxknmPBRJhgtsNxQB/0FyfPyx8zf
Dnb16sGEYzsG3J/juQ45COpjRaA1M61Wkum1umhpfVgPS7OlRpUGsgTzp556GhwJ
XrSa+Kz2JBY6bRnee8XeqViIy8MpE1P5sDhVEzMCBuP1KkJKPOOnL/zXC3kcxcTL
P0d9RyOqKfOWkFgPqE4Ery8ur9QIecjz0AUlTbzl8U6NId2PH1ZM0uQahV5mu4UN
CTs6xj/HQTNrrSC3Zh0ZsaDjMn+6lW9TzkO8BuI7BEKmiiMwoYXVJ2RXYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHXqnY+tNRNBok4Q9RPbOSYZRqNNMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZGVxZGo2MDFFMEdpVGhEMUU5czVKaGxHbzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHhLUiZt27z90VPCD+dr
sY/C6Nt5cx7JMRmsjQMNBsLWZ1O5uCWY8DurFdJHvr3TmiVikA1uv18Gqi9StivO
NY7r4Xdo2hfsqU0hRDunZZ9VJ80Q6soU9TGw0pQ1AKs2RfnHP4At7Csp6nthAfM7
E9UbctnLbicHez6Pi/bpFIMI/+9ukT5HUOok6SIDpETUBDSvaDkFPmEwGTEcoQzT
+CYY0WAw8scukkB1frHTBY28lliHxJrUkuhNRn02Bv3Z5d36Ix4kQ41b76j9rKjI
3yEhBCBFdU8NxISJsStWjC+qw/pc0TCcV6xTQqL7EKtUuz7PrOQNrhOxfAwpuzI7
JJo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:26:26 2025 by rpki-client