Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iEHtgrHE94OQ1oSWzzVZw8Dp1mA.roa
File: iEHtgrHE94OQ1oSWzzVZw8Dp1mA.roa (raw, json)
Hash identifier: m2wnmVS4y4KBWC6dPoWmWxPU6p51l1r1HMID9jsbbuE=
Subject key identifier: 88:41:ED:82:B1:C4:F7:83:90:D6:84:96:CF:35:59:C3:C0:E9:D6:60
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E27003AD04AE67C259A5F0473846B9A2F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iEHtgrHE94OQ1oSWzzVZw8Dp1mA.roa
Signing time: Sun 10 Mar 2024 06:15:10 +0000
ROA not before: Sun 10 Mar 2024 06:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:27:00:3a:d0:4a:e6:7c:25:9a:5f:04:73:84:6b:9a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 10 06:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8841ed82b1c4f78390d68496cf3559c3c0e9d660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:03:67:7b:c7:d7:89:f4:ef:53:3f:6b:d8:17:
df:72:aa:54:10:6a:71:5e:ed:7e:f2:04:0c:ce:8b:
82:15:c1:02:5b:4c:07:e2:cf:15:8c:e2:78:51:39:
63:41:7e:40:48:59:c9:6a:10:57:f2:cd:b5:50:29:
03:b5:41:53:c6:f4:6b:21:ef:3c:4f:47:7f:3e:6f:
7a:a8:c4:a0:f7:6d:b7:08:af:1e:05:00:13:0d:63:
7e:47:ec:d0:20:c2:60:1d:30:84:ee:9f:8b:85:4b:
1c:3a:da:79:21:3e:bb:57:65:dd:aa:8c:20:10:cb:
a1:92:75:e7:5e:d7:f1:5f:ea:e4:e5:c6:67:16:dc:
d2:23:f9:99:6a:0f:2b:34:87:a9:03:fe:60:e0:bf:
7d:8e:c3:1e:9f:24:ba:6f:03:77:5f:12:e7:ac:3c:
3d:10:86:a4:bb:c5:fa:0d:89:33:09:c8:93:08:bf:
e5:84:6e:7a:d0:fd:6f:c9:e4:64:8c:6e:d3:6a:6f:
a6:a2:f8:30:ab:70:fe:38:20:a3:2a:2f:d8:8a:cd:
77:47:6a:17:16:60:3c:84:f4:2b:59:23:c5:01:d8:
24:2b:4d:b5:c0:a7:53:a1:bd:2e:55:8f:cb:30:0c:
e3:46:19:46:b5:1a:8c:6d:4c:87:2b:d7:4c:bb:7a:
c4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:41:ED:82:B1:C4:F7:83:90:D6:84:96:CF:35:59:C3:C0:E9:D6:60
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iEHtgrHE94OQ1oSWzzVZw8Dp1mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:2c:36:6d:24:27:5f:7c:b7:a8:9e:ed:52:56:0d:24:94:1f:
04:09:d3:64:88:79:29:04:1a:1c:51:37:0e:a2:6b:da:c2:c0:
c8:49:ec:6d:65:56:1c:3e:d9:d3:5c:2a:f3:2f:ce:27:0d:7b:
ae:54:30:24:98:f8:c2:da:dc:df:bf:da:37:27:46:6c:0c:83:
b2:77:17:fa:03:e1:33:86:a3:17:e7:c0:6c:ec:8a:8f:95:4b:
95:5c:2e:cd:98:65:ec:4a:17:c3:fe:97:4d:74:99:e3:d0:ac:
9a:44:36:05:e7:ca:81:21:84:31:5a:c6:30:de:cd:36:f0:1f:
fa:ea:dc:82:90:45:78:56:7a:8f:94:aa:f9:e9:3a:eb:42:cf:
03:20:f4:c5:0e:92:6b:8f:5b:4b:6b:6f:92:e4:b2:49:69:4d:
91:68:69:17:49:58:98:1c:4e:58:ba:7c:99:80:71:c0:ed:f3:
b7:2e:46:c3:95:65:12:6d:86:73:d6:3a:ce:85:67:7b:94:ec:
ea:98:93:51:ca:50:12:49:55:3a:a1:5b:6e:88:e9:d5:52:2a:
e3:ec:ab:e9:c2:48:e2:74:8d:e3:77:52:27:0e:24:02:47:cf:
02:1e:a5:ba:b8:89:a8:ec:c3:cf:3b:08:64:89:ef:c5:2c:9e:
e7:38:a8:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4nADrQSuZ8JZpfBHOEa5ovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEwMDYxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQxZWQ4MmIxYzRmNzgzOTBkNjg0OTZjZjM1NTljM2MwZTlkNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywNne8fXifTvUz9r2BffcqpUEGpx
Xu1+8gQMzouCFcECW0wH4s8VjOJ4UTljQX5ASFnJahBX8s21UCkDtUFTxvRrIe88
T0d/Pm96qMSg9223CK8eBQATDWN+R+zQIMJgHTCE7p+LhUscOtp5IT67V2Xdqowg
EMuhknXnXtfxX+rk5cZnFtzSI/mZag8rNIepA/5g4L99jsMenyS6bwN3XxLnrDw9
EIaku8X6DYkzCciTCL/lhG560P1vyeRkjG7Tam+movgwq3D+OCCjKi/Yis13R2oX
FmA8hPQrWSPFAdgkK021wKdTob0uVY/LMAzjRhlGtRqMbUyHK9dMu3rEHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIhB7YKxxPeDkNaEls81WcPA6dZgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaUVIdGdySEU5NE9RMW9TV3p6Vlp3OERwMW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEssNm0kJ198t6ie7VJW
DSSUHwQJ02SIeSkEGhxRNw6ia9rCwMhJ7G1lVhw+2dNcKvMvzicNe65UMCSY+MLa
3N+/2jcnRmwMg7J3F/oD4TOGoxfnwGzsio+VS5VcLs2YZexKF8P+l010mePQrJpE
NgXnyoEhhDFaxjDezTbwH/rq3IKQRXhWeo+UqvnpOutCzwMg9MUOkmuPW0trb5Lk
sklpTZFoaRdJWJgcTli6fJmAccDt87cuRsOVZRJthnPWOs6FZ3uU7OqYk1HKUBJJ
VTqhW26I6dVSKuPsq+nCSOJ0jeN3UicOJAJHzwIepbq4iajsw887CGSJ78Usnuc4
qOM=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:02:12 2025 by rpki-client