Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g4qv8WorCQqcttViCjtTFeLMQJY.roa
File: g4qv8WorCQqcttViCjtTFeLMQJY.roa (raw, json)
Hash identifier: N2kfQK9qx3K4OjaVPw0Ax/zI1w+4fDWEN2Yyf25sIQI=
Subject key identifier: 83:8A:AF:F1:6A:2B:09:0A:9C:B6:D5:62:0A:3B:53:15:E2:CC:40:96
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1CB61689369FA427D6D1A4FD72E79343
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g4qv8WorCQqcttViCjtTFeLMQJY.roa
Signing time: Thu 18 Jan 2024 13:15:11 +0000
ROA not before: Thu 18 Jan 2024 13:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:b6:16:89:36:9f:a4:27:d6:d1:a4:fd:72:e7:93:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 18 13:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=838aaff16a2b090a9cb6d5620a3b5315e2cc4096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:27:6f:ba:cb:61:63:e5:6f:91:ed:19:73:2b:
ba:4a:3b:f0:12:e8:e0:d3:35:75:6f:64:1f:b9:23:
42:96:8c:20:fd:fd:88:08:60:c3:fc:0f:16:84:c0:
69:b6:bc:b7:5d:a7:55:43:6b:47:c3:6a:9f:f2:cd:
42:20:d8:cd:66:34:a4:a3:9a:c0:db:4c:de:af:da:
f1:7d:73:30:3f:73:c5:df:e9:65:5f:c1:ef:c5:14:
46:ba:c4:36:2f:a6:06:6c:b2:1c:97:98:23:5d:f0:
67:4a:7c:fa:36:d4:dc:31:fb:39:7d:d1:99:61:8b:
9c:35:57:6e:83:5e:a8:08:f9:9d:9b:96:51:33:8a:
96:25:77:43:e0:39:4c:75:c0:cb:e0:ab:0b:07:13:
35:28:4a:3f:94:7e:86:d3:6f:02:ca:a7:4b:4e:8f:
57:34:ed:6d:bc:fc:3b:43:ae:f9:f8:0b:b6:df:76:
4d:91:22:e2:54:b0:35:ac:5b:95:22:ca:b6:53:3c:
8e:37:c1:ca:69:73:00:67:df:dc:fe:58:91:bc:7f:
f7:e6:09:2e:35:80:a6:4b:df:f4:74:ae:62:06:a5:
0e:60:d3:45:53:84:c7:0a:82:61:a5:0a:fe:cf:0b:
f5:18:36:5e:a2:f2:c0:08:e1:da:77:e4:8a:a9:41:
8a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8A:AF:F1:6A:2B:09:0A:9C:B6:D5:62:0A:3B:53:15:E2:CC:40:96
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g4qv8WorCQqcttViCjtTFeLMQJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:97:bb:c6:2e:85:74:38:8f:ed:35:3e:47:75:57:a6:7e:56:
cc:94:d6:d0:b1:c8:36:4b:be:03:65:82:7c:f5:13:8f:74:b5:
ba:71:23:a4:e6:d0:4b:1a:50:1b:d7:82:52:4d:1d:c3:74:29:
b6:13:b4:ab:b8:ab:34:0b:5a:4e:9a:94:67:7a:d0:e5:82:cb:
d9:d8:85:5e:1f:cc:cf:2d:2b:92:10:f9:3b:57:74:76:13:6a:
65:71:86:c2:2e:2b:8e:58:e7:1a:30:ed:a6:07:f5:ed:c6:11:
86:30:b0:93:19:de:d8:98:58:84:15:da:8c:f1:c3:e7:57:da:
9c:df:2f:99:6c:93:8d:05:dc:3e:b8:b4:3b:ee:cd:90:84:88:
af:89:ad:49:78:79:41:09:c6:a6:ae:6f:3e:b6:a0:25:07:78:
f5:b4:46:05:ab:7d:9d:15:ab:b8:bc:84:f4:91:55:ec:a2:fe:
29:cc:06:13:9d:72:f7:28:aa:7e:f1:8e:b2:41:80:86:c8:3c:
e4:9e:82:4e:81:3c:3c:6f:ec:dd:79:c3:fc:37:2d:d5:6b:db:
c3:2b:fc:6a:d0:08:61:ef:91:c8:b3:d2:6a:b8:7d:4c:cd:63:
01:1f:25:01:fa:28:8b:e1:eb:d2:3a:c4:e6:75:fa:40:9e:1a:
91:4b:0c:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0cthaJNp+kJ9bRpP1y55NDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE4MTMxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhhYWZmMTZhMmIwOTBhOWNiNmQ1NjIwYTNiNTMxNWUyY2M0MDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzydvusthY+Vvke0Zcyu6SjvwEujg
0zV1b2QfuSNClowg/f2ICGDD/A8WhMBptry3XadVQ2tHw2qf8s1CINjNZjSko5rA
20zer9rxfXMwP3PF3+llX8HvxRRGusQ2L6YGbLIcl5gjXfBnSnz6NtTcMfs5fdGZ
YYucNVdug16oCPmdm5ZRM4qWJXdD4DlMdcDL4KsLBxM1KEo/lH6G028CyqdLTo9X
NO1tvPw7Q675+Au233ZNkSLiVLA1rFuVIsq2UzyON8HKaXMAZ9/c/liRvH/35gku
NYCmS9/0dK5iBqUOYNNFU4THCoJhpQr+zwv1GDZeovLACOHad+SKqUGK7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIOKr/FqKwkKnLbVYgo7UxXizECWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZzRxdjhXb3JDUXFjdHRWaUNqdFRGZUxNUUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACyXu8YuhXQ4j+01Pkd1
V6Z+VsyU1tCxyDZLvgNlgnz1E490tbpxI6Tm0EsaUBvXglJNHcN0KbYTtKu4qzQL
Wk6alGd60OWCy9nYhV4fzM8tK5IQ+TtXdHYTamVxhsIuK45Y5xow7aYH9e3GEYYw
sJMZ3tiYWIQV2ozxw+dX2pzfL5lsk40F3D64tDvuzZCEiK+JrUl4eUEJxqaubz62
oCUHePW0RgWrfZ0Vq7i8hPSRVeyi/inMBhOdcvcoqn7xjrJBgIbIPOSegk6BPDxv
7N15w/w3LdVr28Mr/GrQCGHvkciz0mq4fUzNYwEfJQH6KIvh69I6xOZ1+kCeGpFL
DPg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:29:59 2025 by rpki-client