Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oiFng1lXJ4-F4JLRb-WKARaz3uA.roa
File: oiFng1lXJ4-F4JLRb-WKARaz3uA.roa (raw, json)
Hash identifier: uHpS6i+8gDcNE57IWZWIWPqa7wd5WuWbVRW44Ng56nI=
Subject key identifier: A2:21:67:83:59:57:27:8F:85:E0:92:D1:6F:E5:8A:01:16:B3:DE:E0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC78728A0237DBD3475A360926CA17AF3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oiFng1lXJ4-F4JLRb-WKARaz3uA.roa
Signing time: Tue 20 Feb 2024 17:19:00 +0000
ROA not before: Tue 20 Feb 2024 17:19:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:87:28:a0:23:7d:bd:34:75:a3:60:92:6c:a1:7a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 20 17:19:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a22167835957278f85e092d16fe58a0116b3dee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:55:8b:32:31:64:5c:25:62:bd:41:e0:a7:47:
75:2b:d7:86:65:61:01:71:d1:ee:23:0c:86:dc:d0:
e5:72:c5:ea:44:1c:50:ec:19:98:10:ba:ea:c9:6c:
20:a8:57:7f:27:9b:be:02:3d:88:de:26:0a:20:f2:
14:27:0f:e6:c6:cf:00:2c:0a:c5:88:92:9e:be:c0:
ac:3f:08:c9:96:13:fb:f7:27:b4:6e:91:09:b2:ae:
4b:d4:06:c5:e3:6f:23:d5:0e:67:06:5c:57:05:0f:
3f:f6:7e:8c:b2:9b:c1:a5:92:40:b8:22:c2:ce:6e:
98:16:b2:0d:9c:fb:fd:17:b6:fd:37:90:b7:be:cd:
f5:87:0d:ef:f8:bb:fa:72:23:fd:d6:ca:21:80:e3:
c3:09:4b:d5:31:e2:50:bc:c6:6e:2e:ee:32:85:8e:
21:78:9f:22:55:4f:ac:c0:ef:9d:c4:ed:53:53:95:
33:23:1d:df:73:b3:cc:de:aa:e3:fb:dd:d3:4e:c8:
e2:ce:bc:bd:c3:65:84:b0:a9:bd:86:3c:cc:d4:a4:
e4:73:97:04:13:7e:0c:33:c1:73:a6:64:ef:fb:bb:
4a:03:1c:12:2e:da:53:05:21:cf:be:91:3b:f2:fb:
26:ad:97:85:1e:aa:66:4e:b7:df:b5:2f:d2:dc:83:
9e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:21:67:83:59:57:27:8F:85:E0:92:D1:6F:E5:8A:01:16:B3:DE:E0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oiFng1lXJ4-F4JLRb-WKARaz3uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:93:cb:57:20:81:5d:51:17:4e:ff:06:f7:cb:99:83:c5:a0:
16:f5:86:2b:61:12:3d:5a:b9:6c:89:85:bb:2a:db:af:df:fa:
62:c8:3b:d9:a7:6e:84:94:8a:f1:25:7f:6e:36:02:8a:7b:08:
24:92:a2:fe:21:fa:30:a3:9c:ca:a5:bc:56:21:64:ce:8c:a6:
f1:b4:9f:a6:2f:7b:7f:bb:9f:a4:61:d5:50:d1:bf:50:82:d5:
55:bc:76:b7:73:15:f2:c4:5c:b2:dc:14:aa:e2:b6:65:cf:77:
6a:f2:6c:c0:38:a3:17:8d:4a:d5:d6:ae:be:e0:4d:6c:1e:2d:
c8:9e:31:94:df:da:a8:c0:0f:91:70:fe:b8:d2:f3:5c:8e:d2:
9e:b2:68:bd:4e:79:2b:1a:0b:d6:9f:09:ca:10:bd:2e:e5:03:
9b:f3:da:d6:79:11:2d:49:6d:b2:9f:8c:a1:76:f7:74:92:9e:
d6:6f:06:f0:6c:a8:2c:ef:fb:8e:87:d9:90:7c:4f:67:9e:8f:
69:2d:47:c4:f7:66:ba:d8:15:7e:10:5f:09:d8:f0:64:42:2c:
56:03:89:79:fa:70:5c:d9:c7:60:b7:ef:fc:6e:73:4b:04:43:
95:20:75:a4:cf:62:5c:2d:73:78:e5:6c:fb:f4:0c:42:e5:16:
2b:58:1c:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3HhyigI329NHWjYJJsoXrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIwMTcxOTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIxNjc4MzU5NTcyNzhmODVlMDkyZDE2ZmU1OGEwMTE2YjNkZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVWLMjFkXCVivUHgp0d1K9eGZWEB
cdHuIwyG3NDlcsXqRBxQ7BmYELrqyWwgqFd/J5u+Aj2I3iYKIPIUJw/mxs8ALArF
iJKevsCsPwjJlhP79ye0bpEJsq5L1AbF428j1Q5nBlxXBQ8/9n6MspvBpZJAuCLC
zm6YFrINnPv9F7b9N5C3vs31hw3v+Lv6ciP91sohgOPDCUvVMeJQvMZuLu4yhY4h
eJ8iVU+swO+dxO1TU5UzIx3fc7PM3qrj+93TTsjizry9w2WEsKm9hjzM1KTkc5cE
E34MM8FzpmTv+7tKAxwSLtpTBSHPvpE78vsmrZeFHqpmTrfftS/S3IOeUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKIhZ4NZVyePheCS0W/ligEWs97gMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvb2lGbmcxbFhKNC1GNEpMUmItV0tBUmF6M3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABWTy1cggV1RF07/BvfL
mYPFoBb1hithEj1auWyJhbsq26/f+mLIO9mnboSUivElf242Aop7CCSSov4h+jCj
nMqlvFYhZM6MpvG0n6Yve3+7n6Rh1VDRv1CC1VW8drdzFfLEXLLcFKritmXPd2ry
bMA4oxeNStXWrr7gTWweLcieMZTf2qjAD5Fw/rjS81yO0p6yaL1OeSsaC9afCcoQ
vS7lA5vz2tZ5ES1JbbKfjKF293SSntZvBvBsqCzv+46H2ZB8T2eej2ktR8T3ZrrY
FX4QXwnY8GRCLFYDiXn6cFzZx2C37/xuc0sEQ5UgdaTPYlwtc3jlbPv0DELlFitY
HKc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:05:15 2025 by rpki-client