Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/llKxei60rjIZAM5j9gk6JTguB4k.roa
File: llKxei60rjIZAM5j9gk6JTguB4k.roa (raw, json)
Hash identifier: 3B4+MK4eo0KUabUHG7jQRLw/kQqEcEBomPm/6cuSSWg=
Subject key identifier: 96:52:B1:7A:2E:B4:AE:32:19:00:CE:63:F6:09:3A:25:38:2E:07:89
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D480BF65C86FE0B0EDECF6EC884F9A59D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/llKxei60rjIZAM5j9gk6JTguB4k.roa
Signing time: Fri 26 Jan 2024 23:12:39 +0000
ROA not before: Fri 26 Jan 2024 23:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:48:0b:f6:5c:86:fe:0b:0e:de:cf:6e:c8:84:f9:a5:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 26 23:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9652b17a2eb4ae321900ce63f6093a25382e0789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ca:f3:38:83:3b:21:e0:d0:fd:15:d8:6b:fb:
05:b8:92:2d:4f:be:cf:cb:de:c7:10:3e:d8:71:08:
08:2e:02:d1:ca:7f:26:6b:71:dc:27:be:32:fc:6a:
af:39:2f:ff:72:6c:30:1a:2a:d0:30:10:79:6f:01:
46:5d:4b:7d:39:be:f3:3f:03:28:c0:ba:8d:36:33:
5a:00:38:37:b7:34:7f:92:6d:8a:51:7f:a9:88:4d:
a4:fc:60:90:0e:03:d1:34:a1:a0:99:bc:7d:a4:df:
4a:ad:bf:18:47:e1:7d:a9:ea:8b:4e:cc:b5:f8:b9:
db:30:45:6e:b8:4e:a8:61:bb:a2:93:99:30:27:b8:
ce:28:6b:0e:2e:33:cf:44:da:49:f5:1f:a2:60:7a:
1b:c1:86:ff:6b:6c:67:dc:43:b0:fb:26:21:be:d8:
46:ba:8f:36:b8:85:c2:75:48:6e:c8:8f:0d:83:3a:
02:4f:97:53:05:34:b4:33:51:cf:46:f4:8f:a5:e2:
be:df:ce:9d:a8:d3:39:69:d1:4f:47:04:21:30:54:
0f:c4:fe:10:b8:b3:b7:6e:61:1b:ae:12:0f:d4:3e:
05:f7:ec:c0:d4:32:8a:f5:fb:1f:4e:d5:87:ff:90:
76:db:4d:62:3e:30:89:a8:52:3a:23:d8:7b:4d:44:
a1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:52:B1:7A:2E:B4:AE:32:19:00:CE:63:F6:09:3A:25:38:2E:07:89
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/llKxei60rjIZAM5j9gk6JTguB4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:1c:b7:c3:af:55:2b:47:e6:cd:89:19:4c:1b:20:ff:92:8d:
3a:f9:2b:4b:44:05:eb:46:b5:ab:b6:f5:b6:5d:cc:18:ad:85:
cd:74:43:19:8f:a6:18:d0:a6:53:36:b1:ad:b8:de:6e:7f:b9:
4f:15:88:17:1e:8d:e3:f3:39:33:26:83:c9:af:36:cf:77:cf:
a8:d2:a4:4c:98:7d:22:5d:53:dc:eb:69:a0:49:a3:39:4b:3c:
b1:e2:e8:0a:65:1a:02:39:b4:4e:65:23:2a:90:13:29:9c:47:
bb:4c:9f:a6:42:d2:a5:ff:9c:98:d7:9f:83:8a:c9:59:60:69:
08:d8:21:08:d7:83:2f:42:ad:b7:a8:49:1f:b0:96:e5:f4:e5:
79:ac:df:4e:1e:16:0b:fe:8b:47:fc:62:d1:f4:98:70:17:66:
0b:7d:b1:0c:9f:ef:51:93:dc:b7:47:27:f0:11:ad:a0:30:2a:
65:65:5d:bf:9e:3d:4d:39:7b:8e:f3:80:f8:5d:26:5d:6e:90:
c7:65:28:00:c3:9f:d4:66:75:31:0a:e0:60:be:2a:ee:66:51:
ed:89:e6:11:c6:4f:61:6f:a2:6b:11:71:ad:77:7b:a8:c5:d5:
eb:e2:30:f4:34:77:7d:2b:e8:d6:f7:04:11:5b:d7:f1:cc:b5:
1f:a0:f1:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1IC/Zchv4LDt7PbsiE+aWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI2MjMxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjUyYjE3YTJlYjRhZTMyMTkwMGNlNjNmNjA5M2EyNTM4MmUwNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMrzOIM7IeDQ/RXYa/sFuJItT77P
y97HED7YcQgILgLRyn8ma3HcJ74y/GqvOS//cmwwGirQMBB5bwFGXUt9Ob7zPwMo
wLqNNjNaADg3tzR/km2KUX+piE2k/GCQDgPRNKGgmbx9pN9Krb8YR+F9qeqLTsy1
+LnbMEVuuE6oYbuik5kwJ7jOKGsOLjPPRNpJ9R+iYHobwYb/a2xn3EOw+yYhvthG
uo82uIXCdUhuyI8NgzoCT5dTBTS0M1HPRvSPpeK+386dqNM5adFPRwQhMFQPxP4Q
uLO3bmEbrhIP1D4F9+zA1DKK9fsfTtWH/5B2201iPjCJqFI6I9h7TUShAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJZSsXoutK4yGQDOY/YJOiU4LgeJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbGxLeGVpNjByaklaQU01ajlnazZKVGd1QjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADsct8OvVStH5s2JGUwb
IP+SjTr5K0tEBetGtau29bZdzBithc10QxmPphjQplM2sa243m5/uU8ViBcejePz
OTMmg8mvNs93z6jSpEyYfSJdU9zraaBJozlLPLHi6AplGgI5tE5lIyqQEymcR7tM
n6ZC0qX/nJjXn4OKyVlgaQjYIQjXgy9CrbeoSR+wluX05Xms304eFgv+i0f8YtH0
mHAXZgt9sQyf71GT3LdHJ/ARraAwKmVlXb+ePU05e47zgPhdJl1ukMdlKADDn9Rm
dTEK4GC+Ku5mUe2J5hHGT2FvomsRca13e6jF1eviMPQ0d30r6Nb3BBFb1/HMtR+g
8ag=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:27:40 2025 by rpki-client