Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g-iRddhZClCdkCoLP0pAgktpoZU.roa
File: g-iRddhZClCdkCoLP0pAgktpoZU.roa (raw, json)
Hash identifier: bUl4qRfSji2a+3C6YNBBr1+X+2YmrjADTKEpnhtjhU4=
Subject key identifier: 83:E8:91:75:D8:59:0A:50:9D:90:2A:0B:3F:4A:40:82:4B:69:A1:95
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D32296AF9B30DFA62435FEEB5B2B8EC19
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g-iRddhZClCdkCoLP0pAgktpoZU.roa
Signing time: Mon 22 Jan 2024 17:13:11 +0000
ROA not before: Mon 22 Jan 2024 17:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:29:6a:f9:b3:0d:fa:62:43:5f:ee:b5:b2:b8:ec:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 22 17:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83e89175d8590a509d902a0b3f4a40824b69a195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:d4:02:77:8b:45:22:94:00:7c:05:20:f4:
4b:14:05:56:c5:85:50:61:6c:6b:84:72:75:26:ca:
11:e0:ad:1f:84:7f:16:ae:a8:e8:69:4f:86:51:47:
06:a4:bc:9f:69:2a:6c:5b:49:5d:ab:95:01:0e:0d:
cd:60:0d:b0:6b:a6:6d:1f:86:7f:93:a9:2a:a2:15:
af:92:60:06:e7:77:fe:1f:fd:5a:31:f0:28:34:e5:
8b:87:4f:13:1f:cb:67:21:1a:ce:4f:ac:d2:55:18:
45:eb:28:d5:7e:ca:b8:9a:04:27:aa:84:ce:98:ec:
81:22:32:1e:1c:06:71:93:e0:52:cb:21:b9:02:18:
a1:8a:65:f1:83:70:52:38:54:12:65:2c:a0:d5:6d:
36:d7:96:f3:1b:bb:8f:72:58:c3:f7:dd:b9:06:3f:
71:cb:f2:5a:01:5a:65:5c:5e:fc:29:6f:84:86:8e:
9c:66:30:09:d2:1f:fd:a2:c4:e4:fe:12:cd:bc:42:
c6:d9:91:34:cb:dd:55:cb:6a:e8:cf:bd:54:81:30:
1a:11:2a:89:0b:5a:07:4d:15:a9:8d:f4:c5:1b:7d:
22:c7:c2:b7:cf:d9:32:e6:6a:1e:f5:c8:d9:cd:8c:
16:bf:9d:66:3c:06:85:07:b4:2e:81:40:8e:48:59:
14:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E8:91:75:D8:59:0A:50:9D:90:2A:0B:3F:4A:40:82:4B:69:A1:95
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g-iRddhZClCdkCoLP0pAgktpoZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:7f:a2:0a:de:01:3e:bd:a1:6f:c2:2e:3d:55:7b:7e:3d:ca:
12:7c:c5:78:81:27:65:12:1c:dc:6b:7b:cd:e9:e5:cf:6b:51:
1e:2d:8c:94:91:b8:03:b5:f4:19:cf:76:c8:80:7e:71:ce:d6:
1e:d1:68:a5:55:84:b0:99:57:8a:c8:06:cc:b5:39:23:39:d6:
23:47:90:60:00:8c:e2:f3:ff:a7:fb:e5:4c:8f:df:48:b7:24:
22:32:ef:8f:23:7f:6a:14:1e:60:12:31:64:6a:2c:47:98:de:
29:4a:b0:d8:a2:b8:3f:7b:e5:36:78:75:8f:af:b4:9b:14:64:
b8:ae:83:dd:61:db:63:84:ae:ad:dd:38:e5:8d:bc:df:2d:71:
7b:a3:4e:1a:8c:eb:eb:bd:3d:89:db:46:dc:c9:e6:1a:cd:77:
b9:e7:9f:51:c4:8f:38:8d:98:3e:85:4f:a5:7a:31:be:e2:46:
10:83:c1:0d:10:6a:bd:ef:9f:20:1e:c4:b4:14:d9:ad:85:7a:
1e:86:cb:6c:3a:fd:43:1a:02:c5:34:b2:26:d5:b9:3b:bb:db:
94:c8:99:ac:8f:38:eb:06:04:ca:b9:b6:75:a1:67:1d:4a:8f:
bf:2f:73:3e:75:3e:07:f6:9c:f4:68:ac:7d:77:53:0b:15:bb:
da:6d:6d:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0yKWr5sw36YkNf7rWyuOwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIyMTcxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2U4OTE3NWQ4NTkwYTUwOWQ5MDJhMGIzZjRhNDA4MjRiNjlhMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtjUAneLRSKUAHwFIPRLFAVWxYVQ
YWxrhHJ1JsoR4K0fhH8WrqjoaU+GUUcGpLyfaSpsW0ldq5UBDg3NYA2wa6ZtH4Z/
k6kqohWvkmAG53f+H/1aMfAoNOWLh08TH8tnIRrOT6zSVRhF6yjVfsq4mgQnqoTO
mOyBIjIeHAZxk+BSyyG5AhihimXxg3BSOFQSZSyg1W0215bzG7uPcljD9925Bj9x
y/JaAVplXF78KW+Eho6cZjAJ0h/9osTk/hLNvELG2ZE0y91Vy2roz71UgTAaESqJ
C1oHTRWpjfTFG30ix8K3z9ky5moe9cjZzYwWv51mPAaFB7QugUCOSFkUjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIPokXXYWQpQnZAqCz9KQIJLaaGVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZy1pUmRkaFpDbENka0NvTFAwcEFna3Rwb1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKV/ogreAT69oW/CLj1V
e349yhJ8xXiBJ2USHNxre83p5c9rUR4tjJSRuAO19BnPdsiAfnHO1h7RaKVVhLCZ
V4rIBsy1OSM51iNHkGAAjOLz/6f75UyP30i3JCIy748jf2oUHmASMWRqLEeY3ilK
sNiiuD975TZ4dY+vtJsUZLiug91h22OErq3dOOWNvN8tcXujThqM6+u9PYnbRtzJ
5hrNd7nnn1HEjziNmD6FT6V6Mb7iRhCDwQ0Qar3vnyAexLQU2a2Feh6Gy2w6/UMa
AsU0sibVuTu725TImayPOOsGBMq5tnWhZx1Kj78vcz51Pgf2nPRorH13UwsVu9pt
bRI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:30:54 2025 by rpki-client