Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hoPPp0l-Vi84F8gYyjedkEcGAzI.roa
File: hoPPp0l-Vi84F8gYyjedkEcGAzI.roa (raw, json)
Hash identifier: Y602O1CTUH2GKXMYIUYvQrEYsGB5XwAVYcTy6bRQaDI=
Subject key identifier: 86:83:CF:A7:49:7E:56:2F:38:17:C8:18:CA:37:9D:90:47:06:03:32
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9DD9EEC723CD242CEB63DD9D34298013
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hoPPp0l-Vi84F8gYyjedkEcGAzI.roa
Signing time: Mon 12 Feb 2024 15:05:21 +0000
ROA not before: Mon 12 Feb 2024 15:05:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:9dd9:5816/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:d9:ee:c7:23:cd:24:2c:eb:63:dd:9d:34:29:80:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 12 15:05:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8683cfa7497e562f3817c818ca379d9047060332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:61:1e:29:43:ea:2f:76:3f:ff:72:5c:a0:39:
9d:ee:8d:c1:2d:b6:1a:59:a0:ae:c2:c6:42:20:9d:
40:6b:a4:2b:02:59:64:40:de:78:1c:aa:57:14:68:
26:0c:8f:d5:39:58:68:2f:cd:02:c4:95:bb:55:a5:
12:3f:6d:64:8f:b1:76:90:8c:cf:55:66:2a:82:4a:
d6:0e:d1:7a:35:1d:1a:aa:ba:59:a5:89:37:3e:f6:
40:1c:ae:60:ff:87:85:10:20:e8:c5:46:04:7e:dd:
cc:18:ed:b6:cb:2a:57:ff:a2:2d:9d:e4:e9:e6:50:
2b:32:0d:d7:4c:c0:e6:b4:d2:cc:d6:6b:60:46:ec:
37:1a:9e:03:b5:e6:2e:55:fe:9d:60:49:40:28:8c:
b2:31:f3:63:5e:64:24:da:76:fd:0b:ec:4b:2d:bf:
ad:72:b8:84:ff:a3:e5:66:c6:8a:50:f3:27:a7:43:
ec:e1:cf:2c:01:f7:d3:6e:98:22:62:4f:e5:a3:3f:
b0:a4:69:d9:6b:7c:db:d5:dd:f7:98:fd:fa:57:33:
be:1c:74:15:35:c6:91:36:8a:55:9a:39:45:98:36:
c8:af:fe:34:db:47:ae:a9:77:58:9e:60:ff:09:80:
51:d6:da:5e:65:d8:46:ea:6c:c1:73:c5:7e:31:0e:
2f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:83:CF:A7:49:7E:56:2F:38:17:C8:18:CA:37:9D:90:47:06:03:32
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hoPPp0l-Vi84F8gYyjedkEcGAzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:1b:45:2a:9b:e8:21:a5:5d:d5:c2:5b:12:20:4a:d5:f0:68:
cd:09:14:a6:27:cb:29:6b:c5:31:52:fe:84:fe:51:0e:1d:0d:
ac:ba:fe:12:17:20:67:0b:25:c6:21:e7:ea:83:ee:a1:d5:6e:
2d:99:e8:a2:18:c4:63:d3:75:fb:38:77:a6:04:e0:1c:d0:85:
bc:f4:83:e6:d1:f8:fa:ee:76:00:46:30:b1:7a:36:15:8d:d9:
ad:5c:e9:d9:f8:76:c2:ec:fd:16:20:81:62:7b:3e:3f:47:1f:
8b:55:66:b8:99:7d:84:2a:96:e2:ca:c0:a0:aa:fd:2c:f7:a1:
f9:d8:5f:ea:d5:c6:ce:49:81:1b:0d:f6:6e:65:84:48:ab:4f:
34:cc:a8:c9:54:45:bf:17:a8:e2:ad:72:bd:57:d0:39:14:54:
08:30:0a:de:d9:56:88:5c:5d:d6:c4:28:a4:95:82:22:43:d0:
22:d0:98:dc:86:37:8c:f7:93:2c:75:37:79:1d:31:18:a5:64:
eb:c2:f0:e9:77:94:c8:f2:25:ed:34:aa:22:3a:f5:2d:80:0e:
86:06:1c:9a:36:cd:fe:0a:1e:a0:23:8e:44:6d:95:58:a3:c8:
92:27:b5:dd:fe:66:f4:56:09:75:8b:3f:03:28:a1:fb:85:f2:
43:4b:62:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2d2e7HI80kLOtj3Z00KYATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEyMTUwNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgzY2ZhNzQ5N2U1NjJmMzgxN2M4MThjYTM3OWQ5MDQ3MDYwMzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGEeKUPqL3Y//3JcoDmd7o3BLbYa
WaCuwsZCIJ1Aa6QrAllkQN54HKpXFGgmDI/VOVhoL80CxJW7VaUSP21kj7F2kIzP
VWYqgkrWDtF6NR0aqrpZpYk3PvZAHK5g/4eFECDoxUYEft3MGO22yypX/6ItneTp
5lArMg3XTMDmtNLM1mtgRuw3Gp4DteYuVf6dYElAKIyyMfNjXmQk2nb9C+xLLb+t
criE/6PlZsaKUPMnp0Ps4c8sAffTbpgiYk/loz+wpGnZa3zb1d33mP36VzO+HHQV
NcaRNopVmjlFmDbIr/4020euqXdYnmD/CYBR1tpeZdhG6mzBc8V+MQ4v+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIaDz6dJflYvOBfIGMo3nZBHBgMyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaG9QUHAwbC1WaTg0RjhnWXlqZWRrRWNHQXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABAbRSqb6CGlXdXCWxIg
StXwaM0JFKYnyylrxTFS/oT+UQ4dDay6/hIXIGcLJcYh5+qD7qHVbi2Z6KIYxGPT
dfs4d6YE4BzQhbz0g+bR+PrudgBGMLF6NhWN2a1c6dn4dsLs/RYggWJ7Pj9HH4tV
ZriZfYQqluLKwKCq/Sz3ofnYX+rVxs5JgRsN9m5lhEirTzTMqMlURb8XqOKtcr1X
0DkUVAgwCt7ZVohcXdbEKKSVgiJD0CLQmNyGN4z3kyx1N3kdMRilZOvC8Ol3lMjy
Je00qiI69S2ADoYGHJo2zf4KHqAjjkRtlVijyJIntd3+ZvRWCXWLPwMoofuF8kNL
Yg8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:52:16 2025 by rpki-client