Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hSvid4KAwqH6xlEkAPQ7u0Q0jt8.roa
File: hSvid4KAwqH6xlEkAPQ7u0Q0jt8.roa (raw, json)
Hash identifier: 7exT10lZCgaD9IjjWh5GAU7FW45xWBzV76K617Sek4s=
Subject key identifier: 85:2B:E2:77:82:80:C2:A1:FA:C6:51:24:00:F4:3B:BB:44:34:8E:DF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D788BFBC4CE16CA4E8818D6A0FAE69BA1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hSvid4KAwqH6xlEkAPQ7u0Q0jt8.roa
Signing time: Mon 05 Feb 2024 09:14:16 +0000
ROA not before: Mon 05 Feb 2024 09:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:8b:fb:c4:ce:16:ca:4e:88:18:d6:a0:fa:e6:9b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 5 09:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=852be2778280c2a1fac6512400f43bbb44348edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:76:18:59:2a:5d:aa:3d:62:88:36:24:4d:5e:
af:6c:69:6e:56:b0:6f:95:7a:fb:f8:50:1d:7b:97:
da:f7:19:75:8b:10:c5:e8:32:e7:e4:e9:9d:dc:d3:
62:3c:6b:7c:21:9d:04:9b:69:dd:ef:dd:db:1d:21:
59:ef:cc:b1:cb:f1:c4:b4:de:d6:b4:2a:70:d6:9d:
b7:30:ce:c8:bf:d8:13:d6:c7:72:a7:07:d8:d6:60:
00:ea:7b:8c:22:eb:a3:82:56:54:46:66:cc:62:bb:
9c:bc:7d:7b:19:38:be:9b:8d:57:0e:da:32:5e:55:
26:84:57:49:0b:3b:2d:5f:bd:48:3a:9c:54:8c:92:
6e:e8:b9:07:1b:d0:02:97:4d:7d:f7:e5:da:9d:58:
50:ef:14:f2:73:e6:f0:18:bd:a5:f7:e7:72:5d:c2:
9f:1a:2a:50:ee:ed:a7:e2:80:9b:e7:88:dc:3a:43:
ad:77:45:04:e6:19:83:b7:b4:df:c6:a2:1b:53:01:
27:64:48:6e:cc:e5:8e:9c:09:6c:d1:a9:c3:aa:ae:
f5:91:9d:e2:eb:32:5d:9a:a4:4c:e0:c9:a0:f4:8b:
63:c1:05:e1:31:a0:72:82:f4:88:e3:c4:cd:16:aa:
e1:5f:76:80:19:ac:81:dc:83:7b:c0:38:f3:10:e5:
a1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2B:E2:77:82:80:C2:A1:FA:C6:51:24:00:F4:3B:BB:44:34:8E:DF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hSvid4KAwqH6xlEkAPQ7u0Q0jt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:a6:3d:d6:cb:bd:8a:bd:94:39:c4:f7:e6:ae:64:51:c9:b2:
91:8f:9c:16:6e:1b:9b:2e:4e:43:37:b4:6e:46:84:78:e6:81:
c4:b2:9d:bf:00:44:77:ca:dc:f2:75:5c:44:18:50:5e:a4:30:
6c:af:10:22:6d:96:97:a7:ad:62:3a:25:e9:bc:f1:37:86:bf:
68:54:7b:80:98:09:2d:3b:4a:fb:83:b1:1a:07:bf:47:71:a8:
ba:5c:5c:90:12:60:55:4e:a5:6d:b5:06:0c:35:77:72:cf:20:
34:da:08:cb:c6:e7:34:5c:20:f2:76:0a:a6:33:b6:e5:af:91:
d2:e3:19:e8:bf:14:5d:52:93:7a:05:5b:3f:d0:e3:75:fc:71:
2b:64:48:f5:9b:1f:6e:d6:71:82:b1:af:9d:50:75:bc:4c:80:
9b:fd:5d:0b:1b:95:f7:6d:4f:3b:6a:78:75:ac:9a:bd:91:ab:
ca:0e:be:23:20:e7:4e:61:fe:d3:dc:3f:06:3c:dc:cd:98:f0:
2c:1f:ac:77:d3:1b:6b:dd:66:1e:fd:1d:d4:23:5b:19:94:81:
45:6e:27:28:06:ef:f3:70:35:ba:a3:c4:e9:2e:60:8b:e1:e6:
c9:02:7d:6f:5e:82:f5:c3:e6:ad:35:6f:27:ec:28:74:79:a4:
1a:d4:5e:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY14i/vEzhbKTogY1qD65puhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA1MDkxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJiZTI3NzgyODBjMmExZmFjNjUxMjQwMGY0M2JiYjQ0MzQ4ZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nYYWSpdqj1iiDYkTV6vbGluVrBv
lXr7+FAde5fa9xl1ixDF6DLn5Omd3NNiPGt8IZ0Em2nd793bHSFZ78yxy/HEtN7W
tCpw1p23MM7Iv9gT1sdypwfY1mAA6nuMIuujglZURmbMYrucvH17GTi+m41XDtoy
XlUmhFdJCzstX71IOpxUjJJu6LkHG9ACl0199+XanVhQ7xTyc+bwGL2l9+dyXcKf
GipQ7u2n4oCb54jcOkOtd0UE5hmDt7TfxqIbUwEnZEhuzOWOnAls0anDqq71kZ3i
6zJdmqRM4Mmg9ItjwQXhMaBygvSI48TNFqrhX3aAGayB3IN7wDjzEOWhFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUr4neCgMKh+sZRJAD0O7tENI7fMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaFN2aWQ0S0F3cUg2eGxFa0FQUTd1MFEwanQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIumPdbLvYq9lDnE9+au
ZFHJspGPnBZuG5suTkM3tG5GhHjmgcSynb8ARHfK3PJ1XEQYUF6kMGyvECJtlpen
rWI6Jem88TeGv2hUe4CYCS07SvuDsRoHv0dxqLpcXJASYFVOpW21Bgw1d3LPIDTa
CMvG5zRcIPJ2CqYztuWvkdLjGei/FF1Sk3oFWz/Q43X8cStkSPWbH27WcYKxr51Q
dbxMgJv9XQsblfdtTztqeHWsmr2Rq8oOviMg505h/tPcPwY83M2Y8CwfrHfTG2vd
Zh79HdQjWxmUgUVuJygG7/NwNbqjxOkuYIvh5skCfW9egvXD5q01byfsKHR5pBrU
Xvg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:34:30 2025 by rpki-client