Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dfxnZNmm2wjLgpR-0XMvnBPi72w.roa
File: dfxnZNmm2wjLgpR-0XMvnBPi72w.roa (raw, json)
Hash identifier: mx+1p7Alg2kS0yHRLBZfZTLJfQ/5E1bJ1Zf3zAOmVTc=
Subject key identifier: 75:FC:67:64:D9:A6:DB:08:CB:82:94:7E:D1:73:2F:9C:13:E2:EF:6C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFB3A72D47BE248C11565655BC6D3C078
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dfxnZNmm2wjLgpR-0XMvnBPi72w.roa
Signing time: Fri 12 Jan 2024 01:12:40 +0000
ROA not before: Fri 12 Jan 2024 01:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fb:3a:72:d4:7b:e2:48:c1:15:65:65:5b:c6:d3:c0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 01:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75fc6764d9a6db08cb82947ed1732f9c13e2ef6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1d:94:ee:08:66:93:b3:45:02:4f:35:67:0e:
8c:5d:62:95:ab:e2:5a:ae:67:d9:19:6c:20:b9:0b:
37:c9:45:60:cc:79:13:f2:8a:58:cc:15:5e:eb:26:
2d:5b:4e:f5:ec:86:0f:d1:25:65:9c:20:37:ed:2b:
ec:db:02:83:72:4a:9a:e0:11:3f:d8:1b:8f:e6:e7:
c1:92:1a:f9:ff:ae:e1:dc:3c:12:c7:c7:1f:2f:03:
b1:ad:aa:70:b5:da:2e:c8:96:bd:da:da:b6:5c:4e:
83:c4:4b:86:01:1e:cc:31:af:8b:7d:61:f0:e5:d4:
a9:5e:0f:ff:9e:a2:3e:98:22:da:67:d1:bc:3e:c4:
ef:0c:bf:84:d4:68:5f:2b:eb:b9:8b:9f:f0:43:3c:
25:14:2f:ae:64:6f:c3:ce:73:28:74:c8:14:7f:a2:
65:91:49:8b:75:2e:81:ac:db:b5:95:71:90:30:56:
03:c6:32:33:23:d1:38:9b:93:bd:8e:7c:eb:d6:58:
d6:8c:f9:de:79:46:d2:a5:cd:39:03:24:be:ad:08:
16:fc:b8:39:51:77:f9:30:f3:69:bb:ca:b8:bb:b9:
62:bc:5b:e8:b9:ab:eb:cc:a7:b0:d1:45:cd:1e:72:
f0:68:72:75:50:fe:ec:ff:89:a3:70:91:5a:34:e0:
a9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FC:67:64:D9:A6:DB:08:CB:82:94:7E:D1:73:2F:9C:13:E2:EF:6C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dfxnZNmm2wjLgpR-0XMvnBPi72w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:01:a6:87:bd:84:34:63:56:43:42:68:6c:82:37:27:d6:ae:
46:f1:8c:58:fb:80:43:b7:40:88:17:cd:26:79:d1:82:64:17:
a1:4e:ea:d5:a9:92:35:cc:9b:e3:96:e4:44:c5:3c:14:47:7e:
eb:8a:47:1a:3c:37:00:cb:32:0e:4d:86:2e:d0:66:c6:ed:69:
f5:92:82:c8:76:53:ee:c8:2d:11:90:96:c5:b6:22:b9:49:a3:
87:38:ce:3b:d7:8e:70:d4:ca:bd:04:e9:4a:2c:ae:0d:c8:78:
d1:06:ab:53:5d:07:58:7f:ff:2a:66:ab:94:24:5a:2d:1b:b5:
04:2e:4d:61:88:6a:1b:d8:ae:b9:66:93:36:ce:69:9d:10:21:
f4:dd:da:70:76:c2:b7:93:a9:d9:55:16:f1:84:16:40:df:65:
1b:9f:fb:7e:3b:11:2c:4c:a6:89:7f:89:b5:5b:28:ac:f2:e9:
50:3e:aa:a2:1a:1b:d4:7d:78:c2:fa:58:73:a3:22:07:bf:94:
bb:46:03:f7:1f:ad:53:4a:68:34:93:3a:37:b2:76:ae:53:eb:
a4:43:f3:f4:24:52:96:8c:1d:29:21:b6:79:be:fd:4f:29:a0:
d8:1b:0d:9c:05:5b:63:f0:db:76:d4:52:a5:ea:b1:f3:16:61:
63:55:dc:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz7OnLUe+JIwRVlZVvG08B4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMDExMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZjNjc2NGQ5YTZkYjA4Y2I4Mjk0N2VkMTczMmY5YzEzZTJlZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR2U7ghmk7NFAk81Zw6MXWKVq+Ja
rmfZGWwguQs3yUVgzHkT8opYzBVe6yYtW0717IYP0SVlnCA37Svs2wKDckqa4BE/
2BuP5ufBkhr5/67h3DwSx8cfLwOxrapwtdouyJa92tq2XE6DxEuGAR7MMa+LfWHw
5dSpXg//nqI+mCLaZ9G8PsTvDL+E1GhfK+u5i5/wQzwlFC+uZG/DznModMgUf6Jl
kUmLdS6BrNu1lXGQMFYDxjIzI9E4m5O9jnzr1ljWjPneeUbSpc05AyS+rQgW/Lg5
UXf5MPNpu8q4u7livFvouavrzKew0UXNHnLwaHJ1UP7s/4mjcJFaNOCpBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHX8Z2TZptsIy4KUftFzL5wT4u9sMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZGZ4blpObW0yd2pMZ3BSLTBYTXZuQlBpNzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACwBpoe9hDRjVkNCaGyC
NyfWrkbxjFj7gEO3QIgXzSZ50YJkF6FO6tWpkjXMm+OW5ETFPBRHfuuKRxo8NwDL
Mg5Nhi7QZsbtafWSgsh2U+7ILRGQlsW2IrlJo4c4zjvXjnDUyr0E6Uosrg3IeNEG
q1NdB1h//ypmq5QkWi0btQQuTWGIahvYrrlmkzbOaZ0QIfTd2nB2wreTqdlVFvGE
FkDfZRuf+347ESxMpol/ibVbKKzy6VA+qqIaG9R9eML6WHOjIge/lLtGA/cfrVNK
aDSTOjeydq5T66RD8/QkUpaMHSkhtnm+/U8poNgbDZwFW2Pw23bUUqXqsfMWYWNV
3OQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:51:30 2025 by rpki-client