Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iobYe7ETV1iDbbbdg6sNWlcj2Ds.roa
File: iobYe7ETV1iDbbbdg6sNWlcj2Ds.roa (raw, json)
Hash identifier: 4n21l+TzYOTEUDDW0aKAbkBGLb7riNrn+hS2WmIuyNo=
Subject key identifier: 8A:86:D8:7B:B1:13:57:58:83:6D:B6:DD:83:AB:0D:5A:57:23:D8:3B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9B1203AFDBF967921B09DEC6065FC220
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iobYe7ETV1iDbbbdg6sNWlcj2Ds.roa
Signing time: Sun 24 Dec 2023 09:04:58 +0000
ROA not before: Sun 24 Dec 2023 09:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:9b11:67db/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9b:12:03:af:db:f9:67:92:1b:09:de:c6:06:5f:c2:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 09:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a86d87bb1135758836db6dd83ab0d5a5723d83b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0c:20:a8:c5:ad:90:fd:79:45:e0:49:34:e4:
e9:fb:c3:e8:b9:c4:7f:ef:df:9b:0d:7b:88:96:c9:
d8:33:4a:ba:5c:08:e7:6b:c2:33:ae:4b:ad:b5:3e:
e9:52:a5:25:ba:51:4c:2c:55:13:f8:0f:b6:1f:9b:
13:e9:d9:42:bb:32:a4:40:44:de:70:c9:c3:6b:07:
59:c9:fc:dc:93:7c:7a:d6:02:3c:66:4c:1d:11:21:
8b:69:65:b9:cd:bb:f1:66:ef:f8:73:05:36:2b:43:
bc:f3:4d:5d:ac:b3:1d:f3:7a:ae:53:47:73:c7:e8:
aa:8a:1c:77:27:04:b3:fa:b4:45:14:0c:b5:bf:d9:
d5:8f:02:a2:9f:88:7c:13:ca:fe:ac:ae:52:83:b4:
a6:a0:e4:66:c9:0c:28:48:13:59:51:ae:f9:30:64:
08:53:fa:37:d6:ef:ab:63:69:c0:9c:ce:8f:b9:ad:
62:6d:99:7c:bf:72:dd:49:9a:10:f0:8b:c0:be:2d:
c6:e3:d9:96:1c:04:fd:85:f3:47:1a:9d:ea:c2:b2:
7f:a0:4f:37:e7:ef:a4:20:b7:6f:d9:df:c6:f8:c0:
3b:fe:56:b1:df:44:24:27:c9:b0:58:58:a7:3a:93:
a7:64:8a:6f:f2:c0:58:bb:68:0f:b1:72:7f:f9:12:
ea:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:86:D8:7B:B1:13:57:58:83:6D:B6:DD:83:AB:0D:5A:57:23:D8:3B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iobYe7ETV1iDbbbdg6sNWlcj2Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:0c:cd:ae:8f:a4:4b:0d:51:00:32:9f:ff:84:ed:29:39:30:
8a:99:ba:13:96:65:1c:14:6f:73:0a:f5:3e:fe:e5:7e:64:da:
f5:00:61:19:a6:46:d7:c5:de:2d:8b:de:8b:41:9c:19:62:22:
16:cd:a4:f5:c6:5e:11:b7:9d:ea:58:ac:55:84:08:5c:2b:e2:
c8:8c:24:0c:83:bd:6b:26:f5:58:10:6f:07:73:d7:6f:d5:cc:
3c:c4:1e:63:2a:11:f1:86:c1:30:f7:d8:8e:d2:63:1c:e3:75:
29:13:9a:cf:49:1a:ec:51:67:87:05:2b:26:5e:8a:4e:65:2f:
17:b9:28:5f:7b:17:9c:64:3c:ba:09:0a:9b:f4:d2:90:23:99:
1a:c3:e6:2e:a9:dc:25:b9:5a:fd:e9:1b:1d:df:b5:df:37:11:
25:94:73:d6:6a:6e:61:e5:23:d6:98:20:06:e0:08:ab:e8:f7:
3f:4e:7a:ae:59:b5:3a:1a:bc:5b:25:8e:ba:80:68:66:bc:7f:
82:54:99:cb:4d:e0:da:7e:be:1f:cd:2d:42:d5:f6:f0:eb:5e:
3b:44:b4:e9:eb:e7:b6:c3:1a:3f:16:b2:49:24:ef:40:d3:b6:
44:8b:56:77:84:fa:d6:0a:41:dc:6a:c4:fa:13:7a:27:75:9c:
37:75:50:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYybEgOv2/lnkhsJ3sYGX8IgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MDkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTg2ZDg3YmIxMTM1NzU4ODM2ZGI2ZGQ4M2FiMGQ1YTU3MjNkODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QwgqMWtkP15ReBJNOTp+8PoucR/
79+bDXuIlsnYM0q6XAjna8IzrkuttT7pUqUlulFMLFUT+A+2H5sT6dlCuzKkQETe
cMnDawdZyfzck3x61gI8ZkwdESGLaWW5zbvxZu/4cwU2K0O8801drLMd83quU0dz
x+iqihx3JwSz+rRFFAy1v9nVjwKin4h8E8r+rK5Sg7SmoORmyQwoSBNZUa75MGQI
U/o31u+rY2nAnM6Pua1ibZl8v3LdSZoQ8IvAvi3G49mWHAT9hfNHGp3qwrJ/oE83
5++kILdv2d/G+MA7/lax30QkJ8mwWFinOpOnZIpv8sBYu2gPsXJ/+RLqWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIqG2HuxE1dYg2223YOrDVpXI9g7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaW9iWWU3RVRWMWlEYmJiZGc2c05XbGNqMkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGsMza6PpEsNUQAyn/+E
7Sk5MIqZuhOWZRwUb3MK9T7+5X5k2vUAYRmmRtfF3i2L3otBnBliIhbNpPXGXhG3
nepYrFWECFwr4siMJAyDvWsm9VgQbwdz12/VzDzEHmMqEfGGwTD32I7SYxzjdSkT
ms9JGuxRZ4cFKyZeik5lLxe5KF97F5xkPLoJCpv00pAjmRrD5i6p3CW5Wv3pGx3f
td83ESWUc9ZqbmHlI9aYIAbgCKvo9z9Oeq5ZtToavFsljrqAaGa8f4JUmctN4Np+
vh/NLULV9vDrXjtEtOnr57bDGj8Wskkk70DTtkSLVneE+tYKQdxqxPoTeid1nDd1
UNk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:16 2025 by rpki-client