Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kpFBUMA9LTZ-MlVhir6JhsP0IXw.roa
File: kpFBUMA9LTZ-MlVhir6JhsP0IXw.roa (raw, json)
Hash identifier: 2mpJh7fFesHtgLyAVy6HmTRxL3DgQdhptIowY1RHv1g=
Subject key identifier: 92:91:41:50:C0:3D:2D:36:7E:32:55:61:8A:BE:89:86:C3:F4:21:7C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB1CDA96452FC253BD690BA314A56BF0C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kpFBUMA9LTZ-MlVhir6JhsP0IXw.roa
Signing time: Fri 16 Feb 2024 12:04:21 +0000
ROA not before: Fri 16 Feb 2024 12:04:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:b1cd:964c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:cd:a9:64:52:fc:25:3b:d6:90:ba:31:4a:56:bf:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 12:04:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92914150c03d2d367e3255618abe8986c3f4217c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b3:ce:d4:ea:ec:22:22:25:a9:06:88:17:4d:
39:ee:15:27:ae:7c:bb:5f:2e:84:48:8c:ea:08:c9:
fa:61:17:6c:72:15:c7:e9:6c:eb:bf:a4:8c:89:86:
9f:19:0b:c0:e0:ee:a5:ba:ff:b4:2b:85:75:33:af:
8b:df:42:d8:2b:af:17:e7:89:e0:e5:0a:47:77:6a:
7d:fc:c0:79:5a:f1:2a:a0:24:6d:f6:57:41:5e:c8:
15:c9:05:22:c7:e9:1a:37:a5:a2:27:a7:ae:0f:82:
c1:92:9c:9a:8b:3d:40:fd:73:8c:b5:75:8d:c8:6d:
1f:88:35:8f:22:40:36:bb:22:8b:1f:0d:fa:d0:2d:
70:62:29:5b:e5:a6:f5:98:72:fe:32:63:f7:18:d3:
30:f8:d8:aa:c8:70:7a:f1:05:8b:ec:52:01:65:70:
9b:0a:08:05:bc:6f:6e:fc:76:b9:fb:52:19:f6:f6:
34:09:fa:62:04:45:74:14:d0:fa:c9:a5:55:3e:04:
5a:47:ca:9c:56:44:7b:70:db:21:31:01:d1:fa:a2:
45:cf:c9:2d:1f:c4:65:d3:56:ae:cc:1a:0e:b4:0d:
55:75:d0:92:c5:ef:c4:9c:72:02:41:45:68:be:5c:
67:2c:1f:c2:8f:f4:d4:d9:53:15:83:75:e4:b5:5d:
d1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:91:41:50:C0:3D:2D:36:7E:32:55:61:8A:BE:89:86:C3:F4:21:7C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kpFBUMA9LTZ-MlVhir6JhsP0IXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:1a:8b:d8:c0:12:2d:05:97:e8:39:b2:e1:8c:a5:e1:66:8b:
15:2f:37:4c:c5:be:72:3e:5e:5a:e9:b7:a1:62:be:f1:02:34:
e0:6f:39:c9:09:d6:f4:a2:44:f3:cc:77:f1:3a:bc:28:68:d5:
5b:40:88:4e:3d:dd:94:2a:c6:5b:32:61:b6:78:af:6b:1c:3f:
f5:e1:b9:48:76:71:d7:2e:cc:01:b7:bb:c8:b7:e6:1b:56:29:
da:a9:d9:d9:9d:6f:f1:70:af:7e:40:52:aa:0e:45:f8:eb:a9:
e2:0a:3e:0a:1c:a0:16:ec:8d:3f:d0:2b:57:da:5e:41:4c:fd:
00:9f:b2:8e:bd:16:19:89:3d:19:81:54:2d:13:74:e5:19:1f:
3c:65:9e:bc:3c:20:77:79:6b:01:71:a1:8e:eb:ae:f3:bc:61:
ae:61:7e:f6:8a:8f:49:f7:d9:df:a2:50:83:a5:6d:11:37:40:
0d:0c:3c:d3:42:16:bd:29:91:ed:c1:81:ec:92:ef:5f:77:80:
15:ee:0e:e9:ea:5f:79:ed:61:8d:49:08:bd:27:7b:95:a2:8b:
97:ac:1b:6a:98:6e:c1:76:e8:fc:b5:11:f5:b0:ca:79:cd:2a:
6d:ed:4d:1c:ad:b2:76:5c:6d:0e:95:ed:7c:65:5a:89:47:ef:
65:af:af:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2xzalkUvwlO9aQujFKVr8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MTIwNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjkxNDE1MGMwM2QyZDM2N2UzMjU1NjE4YWJlODk4NmMzZjQyMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLPO1OrsIiIlqQaIF0057hUnrny7
Xy6ESIzqCMn6YRdschXH6Wzrv6SMiYafGQvA4O6luv+0K4V1M6+L30LYK68X54ng
5QpHd2p9/MB5WvEqoCRt9ldBXsgVyQUix+kaN6WiJ6euD4LBkpyaiz1A/XOMtXWN
yG0fiDWPIkA2uyKLHw360C1wYilb5ab1mHL+MmP3GNMw+NiqyHB68QWL7FIBZXCb
CggFvG9u/Ha5+1IZ9vY0CfpiBEV0FND6yaVVPgRaR8qcVkR7cNshMQHR+qJFz8kt
H8Rl01auzBoOtA1VddCSxe/EnHICQUVovlxnLB/Cj/TU2VMVg3XktV3ReQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJKRQVDAPS02fjJVYYq+iYbD9CF8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva3BGQlVNQTlMVFotTWxWaGlyNkpoc1AwSVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH4ai9jAEi0Fl+g5suGM
peFmixUvN0zFvnI+Xlrpt6FivvECNOBvOckJ1vSiRPPMd/E6vCho1VtAiE493ZQq
xlsyYbZ4r2scP/XhuUh2cdcuzAG3u8i35htWKdqp2dmdb/Fwr35AUqoORfjrqeIK
PgocoBbsjT/QK1faXkFM/QCfso69FhmJPRmBVC0TdOUZHzxlnrw8IHd5awFxoY7r
rvO8Ya5hfvaKj0n32d+iUIOlbRE3QA0MPNNCFr0pke3BgeyS7193gBXuDunqX3nt
YY1JCL0ne5Wii5esG2qYbsF26Py1EfWwynnNKm3tTRytsnZcbQ6V7XxlWolH72Wv
rzo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:03 2025 by rpki-client