Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nTJm3xwUC-mbJ-2gbvCdhs4Q3G8.roa
File: nTJm3xwUC-mbJ-2gbvCdhs4Q3G8.roa (raw, json)
Hash identifier: 6Ou2HEMScTWfRu/wIZg/sYCclLSvDeq28FGtLpa/cL8=
Subject key identifier: 9D:32:66:DF:1C:14:0B:E9:9B:27:ED:A0:6E:F0:9D:86:CE:10:DC:6F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EAD131B13A275F291FDB83389DE19A2D3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nTJm3xwUC-mbJ-2gbvCdhs4Q3G8.roa
Signing time: Fri 05 Apr 2024 07:04:54 +0000
ROA not before: Fri 05 Apr 2024 07:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:ad12:82cc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:13:1b:13:a2:75:f2:91:fd:b8:33:89:de:19:a2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 5 07:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d3266df1c140be99b27eda06ef09d86ce10dc6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:d7:52:64:2f:33:b2:db:bc:e8:1d:0b:db:
a0:db:80:ae:1c:82:52:66:9a:96:8a:f7:d4:c9:48:
f9:7d:9a:70:19:7a:d8:0b:f1:38:10:6c:e9:6d:22:
bb:35:f0:35:98:ba:8b:85:7a:3f:f5:09:83:7c:dd:
44:c5:87:73:87:2f:8c:72:7a:5a:67:3d:ff:8f:57:
18:9f:8e:42:e4:5f:c5:bf:ab:46:93:2b:13:4c:e1:
38:80:13:e0:c3:cf:2f:5e:6e:64:9d:99:cf:d8:a7:
2d:54:7d:f6:fb:92:fd:63:fb:b9:e8:35:58:a8:67:
96:3a:69:6f:aa:77:d0:3d:90:c7:49:63:f2:da:51:
81:16:03:d9:97:06:af:e9:93:1b:29:5e:51:e4:f5:
79:db:de:ea:ac:56:8e:9b:05:69:43:01:83:2f:48:
89:12:5b:e7:ef:96:30:b5:f9:fe:1f:26:dc:0c:91:
d2:f8:8f:f6:8a:9c:79:ac:10:23:0e:85:f0:b1:93:
7f:60:ba:d1:a4:a7:93:c0:42:0c:8d:f3:14:1b:58:
51:58:97:f8:d8:fd:bb:ee:42:66:5b:b9:5f:95:85:
f8:15:ae:69:eb:7a:62:f2:55:c8:7b:ca:7e:9c:6e:
6a:d6:55:4b:e9:5b:b2:e0:9c:85:3b:36:90:a7:2b:
1d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:32:66:DF:1C:14:0B:E9:9B:27:ED:A0:6E:F0:9D:86:CE:10:DC:6F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nTJm3xwUC-mbJ-2gbvCdhs4Q3G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:6b:27:8d:50:68:bb:13:8c:e2:d0:5c:13:e5:30:d2:ef:26:
af:cb:75:a2:80:d9:b6:b9:bf:e4:83:b5:d7:90:2e:00:59:7e:
d0:8e:32:6b:01:59:3d:7a:8a:ae:d2:85:73:1e:73:72:0a:96:
fc:bf:ad:92:ab:af:65:45:d8:20:0c:7a:5b:b4:80:92:48:f8:
aa:de:b7:05:65:f5:3f:25:d9:16:e5:f5:a3:29:6e:58:d5:47:
25:5b:b5:d6:ef:2e:ea:ed:98:a7:09:b3:c3:56:99:02:8c:cc:
a3:48:68:b9:ae:61:a6:1a:d5:d9:72:54:65:b8:53:6a:c2:6c:
08:12:c8:ad:d9:6b:16:15:81:06:86:11:08:9d:5c:d1:3c:d3:
24:4c:a6:28:27:8f:e1:ae:bf:4f:40:5c:43:93:a0:3c:47:59:
fa:32:2f:f7:47:8e:97:0d:7e:7a:f5:03:05:94:91:bf:91:0a:
2f:00:81:6e:70:34:2c:83:82:f8:20:bc:68:7b:9f:5f:9a:5c:
59:4a:aa:81:24:2d:19:e8:3d:97:b6:be:af:83:cf:f8:ff:03:
a5:d3:40:8b:19:be:06:53:ef:f0:66:48:74:a6:e3:02:d9:5c:
a7:5c:77:21:0e:05:32:a5:3b:51:f8:1b:be:9b:25:89:2f:5e:
e6:e3:87:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6tExsTonXykf24M4neGaLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA1MDcwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMyNjZkZjFjMTQwYmU5OWIyN2VkYTA2ZWYwOWQ4NmNlMTBkYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSTXUmQvM7LbvOgdC9ug24CuHIJS
ZpqWivfUyUj5fZpwGXrYC/E4EGzpbSK7NfA1mLqLhXo/9QmDfN1ExYdzhy+Mcnpa
Zz3/j1cYn45C5F/Fv6tGkysTTOE4gBPgw88vXm5knZnP2KctVH32+5L9Y/u56DVY
qGeWOmlvqnfQPZDHSWPy2lGBFgPZlwav6ZMbKV5R5PV5297qrFaOmwVpQwGDL0iJ
Elvn75Ywtfn+HybcDJHS+I/2ipx5rBAjDoXwsZN/YLrRpKeTwEIMjfMUG1hRWJf4
2P277kJmW7lflYX4Fa5p63pi8lXIe8p+nG5q1lVL6Vuy4JyFOzaQpysd/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0yZt8cFAvpmyftoG7wnYbOENxvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvblRKbTN4d1VDLW1iSi0yZ2J2Q2RoczRRM0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGRrJ41QaLsTjOLQXBPl
MNLvJq/LdaKA2ba5v+SDtdeQLgBZftCOMmsBWT16iq7ShXMec3IKlvy/rZKrr2VF
2CAMelu0gJJI+KretwVl9T8l2Rbl9aMpbljVRyVbtdbvLurtmKcJs8NWmQKMzKNI
aLmuYaYa1dlyVGW4U2rCbAgSyK3ZaxYVgQaGEQidXNE80yRMpignj+Guv09AXEOT
oDxHWfoyL/dHjpcNfnr1AwWUkb+RCi8AgW5wNCyDgvggvGh7n1+aXFlKqoEkLRno
PZe2vq+Dz/j/A6XTQIsZvgZT7/BmSHSm4wLZXKdcdyEOBTKlO1H4G76bJYkvXubj
h9k=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:16:14 2025 by rpki-client