Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hdpv9DCwG5WTQwszfbCa8IM9bUo.roa
File: hdpv9DCwG5WTQwszfbCa8IM9bUo.roa (raw, json)
Hash identifier: qlTAacKv/ML6CR65vGIFbSQrAGS8vKnFCqufEqUbMDs=
Subject key identifier: 85:DA:6F:F4:30:B0:1B:95:93:43:0B:33:7D:B0:9A:F0:83:3D:6D:4A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB0538C09CADEF5D50E48AEB25C649C5E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hdpv9DCwG5WTQwszfbCa8IM9bUo.roa
Signing time: Fri 16 Feb 2024 05:11:21 +0000
ROA not before: Fri 16 Feb 2024 05:11:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:53:8c:09:ca:de:f5:d5:0e:48:ae:b2:5c:64:9c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 05:11:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85da6ff430b01b9593430b337db09af0833d6d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:28:74:aa:97:c5:c9:41:64:fd:ed:97:f8:cc:
7a:82:a4:2b:fe:99:07:58:ec:94:5a:1b:79:39:39:
7d:4d:da:75:8f:b5:cb:ce:b9:63:32:ce:af:a0:a3:
75:4d:56:33:d7:5f:bf:a1:d3:e2:36:c7:7b:24:37:
65:d1:b9:a1:84:fc:6c:bd:58:9d:c7:21:2a:37:47:
b3:0f:27:07:8d:b5:05:9e:b3:ca:4c:ed:c3:3a:6e:
57:61:61:e4:12:21:7b:fd:de:94:ef:77:7a:28:38:
24:e2:78:35:3c:92:75:7e:7b:6b:f9:7c:99:dc:20:
57:66:1c:01:04:fd:50:88:2a:54:bb:bc:a4:ff:83:
63:c5:3c:6e:35:95:e5:6b:a2:db:80:7e:c0:81:3f:
5b:98:49:e2:6f:6b:c4:a7:11:ce:6f:83:5f:d8:32:
7f:d3:10:4f:d3:ef:b1:83:7e:98:4d:e9:9b:e2:ed:
e9:2e:a4:09:3f:09:61:15:1c:76:dd:02:8d:97:50:
df:85:6f:9b:e1:ad:c3:dc:8c:cb:7e:33:e1:86:81:
3f:58:f0:0c:f3:0b:83:ae:22:b9:89:3e:89:81:0e:
6c:e7:fe:32:24:7f:0a:55:4d:e5:c2:ce:14:92:b4:
82:5d:63:25:41:70:cc:5a:fd:45:8b:96:f4:ec:2f:
0f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DA:6F:F4:30:B0:1B:95:93:43:0B:33:7D:B0:9A:F0:83:3D:6D:4A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hdpv9DCwG5WTQwszfbCa8IM9bUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:fe:54:23:10:68:2f:77:d8:fa:d4:91:a0:34:e7:fc:54:b9:
21:99:b1:c5:0f:71:8c:21:78:78:e7:ff:ec:0d:57:49:be:88:
63:21:d4:fa:e3:60:fb:c0:8c:b6:5d:ec:b0:fc:da:99:4c:8d:
ad:2e:fd:fb:40:00:81:15:b6:20:a5:21:ed:3b:71:c8:b1:2e:
0c:28:4c:94:64:c5:19:36:5a:89:c0:4f:97:51:a5:04:29:df:
db:ad:7f:33:0b:bf:54:bc:1c:9b:12:2e:b0:5d:a4:2b:60:e8:
f2:40:e6:47:2e:4b:af:34:ad:7a:50:b6:47:34:b1:f9:92:04:
15:c7:11:26:70:15:f1:34:c1:25:e3:7f:38:14:34:b6:9a:ab:
76:96:f7:26:3a:4f:4b:f7:5b:2c:ac:48:42:e8:1a:97:98:ec:
16:0e:b6:22:9b:c4:92:46:f3:ae:16:ce:8b:96:84:11:57:c2:
4d:db:33:7d:02:d5:c8:cf:73:7f:b1:19:4c:b4:3f:3d:17:56:
74:1a:c5:00:35:0e:f9:4f:2f:33:dc:af:40:fe:7f:7d:49:3d:
d0:3b:8b:b2:4c:36:b8:78:dd:c8:0a:6e:c7:b2:0a:05:c6:df:
d5:30:50:bf:85:b5:96:37:02:73:7c:94:79:bd:6f:f6:7a:81:
8a:fa:b3:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2wU4wJyt711Q5IrrJcZJxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MDUxMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRhNmZmNDMwYjAxYjk1OTM0MzBiMzM3ZGIwOWFmMDgzM2Q2ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgih0qpfFyUFk/e2X+Mx6gqQr/pkH
WOyUWht5OTl9Tdp1j7XLzrljMs6voKN1TVYz11+/odPiNsd7JDdl0bmhhPxsvVid
xyEqN0ezDycHjbUFnrPKTO3DOm5XYWHkEiF7/d6U73d6KDgk4ng1PJJ1fntr+XyZ
3CBXZhwBBP1QiCpUu7yk/4NjxTxuNZXla6LbgH7AgT9bmEnib2vEpxHOb4Nf2DJ/
0xBP0++xg36YTemb4u3pLqQJPwlhFRx23QKNl1DfhW+b4a3D3IzLfjPhhoE/WPAM
8wuDriK5iT6JgQ5s5/4yJH8KVU3lws4UkrSCXWMlQXDMWv1Fi5b07C8P1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIXab/QwsBuVk0MLM32wmvCDPW1KMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaGRwdjlEQ3dHNVdUUXdzemZiQ2E4SU05YlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABL+VCMQaC932PrUkaA0
5/xUuSGZscUPcYwheHjn/+wNV0m+iGMh1PrjYPvAjLZd7LD82plMja0u/ftAAIEV
tiClIe07ccixLgwoTJRkxRk2WonAT5dRpQQp39utfzMLv1S8HJsSLrBdpCtg6PJA
5kcuS680rXpQtkc0sfmSBBXHESZwFfE0wSXjfzgUNLaaq3aW9yY6T0v3WyysSELo
GpeY7BYOtiKbxJJG864WzouWhBFXwk3bM30C1cjPc3+xGUy0Pz0XVnQaxQA1DvlP
LzPcr0D+f31JPdA7i7JMNrh43cgKbseyCgXG39UwUL+FtZY3AnN8lHm9b/Z6gYr6
syU=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:41:08 2025 by rpki-client