Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/r7M3RRV1ixZdYDsYAXKgGsLVQos.roa
File: r7M3RRV1ixZdYDsYAXKgGsLVQos.roa (raw, json)
Hash identifier: lMwX9XoueSQGjcr2IrcQz8ZQHcT4rxEOzy785Tyuaes=
Subject key identifier: AF:B3:37:45:15:75:8B:16:5D:60:3B:18:01:72:A0:1A:C2:D5:42:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1C114B2707BEE2BDFB9D5B2A1FDCC452
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/r7M3RRV1ixZdYDsYAXKgGsLVQos.roa
Signing time: Thu 18 Jan 2024 10:15:11 +0000
ROA not before: Thu 18 Jan 2024 10:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:11:4b:27:07:be:e2:bd:fb:9d:5b:2a:1f:dc:c4:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 18 10:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afb3374515758b165d603b180172a01ac2d5428b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fd:9e:70:7d:c0:ea:09:cb:bc:8a:3d:6a:66:
ff:60:d0:c2:f4:c5:ff:40:2f:29:a9:50:41:c0:a8:
51:01:17:42:6b:15:35:c8:60:4d:45:05:03:0f:0e:
5d:3f:db:8e:cd:95:77:21:ca:fb:79:02:9e:b5:26:
c6:d2:05:53:42:99:2a:86:60:1b:c7:ac:1f:f1:f6:
bd:04:55:18:53:bc:98:92:92:4a:97:78:70:81:ce:
2d:1e:1d:51:1b:eb:cb:24:33:b9:fa:25:96:25:60:
52:38:d7:fa:c7:c3:24:3a:8f:b2:6d:12:a5:f8:2f:
8a:78:99:9c:7e:0e:01:aa:aa:c9:94:54:39:1c:fd:
23:d2:e0:7e:f5:04:95:ca:8d:28:7a:d0:ad:0e:ad:
fd:d1:f8:0d:50:2a:d5:db:8e:c0:32:2a:5c:79:22:
ba:ee:b4:23:0c:20:cd:dc:90:ef:2d:82:de:7c:8f:
ca:ef:e2:20:48:9d:37:68:4d:2f:1e:3d:68:56:fd:
1f:6d:9e:ae:2e:f0:67:88:13:97:f9:04:a0:28:6f:
f5:07:0f:0d:de:fa:19:21:dc:0d:9a:dd:81:53:6f:
db:37:8d:0f:6b:28:a9:27:ab:d3:db:a1:d3:87:be:
03:c3:a8:02:a1:ee:1e:f9:a0:6a:ab:04:61:5e:85:
70:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B3:37:45:15:75:8B:16:5D:60:3B:18:01:72:A0:1A:C2:D5:42:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/r7M3RRV1ixZdYDsYAXKgGsLVQos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:3f:24:5a:96:b0:b7:51:84:1c:fc:3e:c3:1d:55:c7:82:19:
c2:5c:98:61:21:8b:4c:83:91:f9:f2:e7:05:dd:45:e5:03:5b:
34:9d:ed:27:25:51:70:2b:b0:3d:be:73:b5:62:ae:67:92:c9:
fc:36:a4:57:b9:98:83:ba:26:ad:bc:2a:8d:5c:9b:ca:f4:87:
d3:f5:cc:10:b2:f8:b8:67:f9:17:86:da:85:f5:c8:73:b7:13:
26:89:73:5d:49:3d:03:56:79:2d:65:9e:07:cb:25:dc:ba:2e:
1b:99:10:43:55:84:b6:e0:56:0a:6d:df:27:33:20:77:5b:a1:
25:67:f2:b6:c8:2e:48:3c:87:61:c7:17:89:d8:e6:a4:f0:9e:
47:a1:85:a4:10:26:7a:05:e2:ab:25:5c:65:c4:f6:f8:fb:9c:
aa:d2:ec:73:dd:26:56:eb:2f:85:93:05:18:9c:77:2f:24:f4:
c9:26:4c:bf:48:ea:83:ab:3c:c3:9c:81:b4:68:07:db:37:6b:
5a:0b:da:7d:b9:5c:a8:cf:ce:72:d8:6d:bd:95:6d:60:05:50:
10:09:11:55:61:a4:28:2e:48:63:c8:dd:8e:11:da:d3:f1:d3:
6d:a9:17:68:fb:81:5b:f9:9d:75:04:e9:91:8c:63:91:29:b6:
54:36:b9:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0cEUsnB77ivfudWyof3MRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE4MTAxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmIzMzc0NTE1NzU4YjE2NWQ2MDNiMTgwMTcyYTAxYWMyZDU0MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf2ecH3A6gnLvIo9amb/YNDC9MX/
QC8pqVBBwKhRARdCaxU1yGBNRQUDDw5dP9uOzZV3Icr7eQKetSbG0gVTQpkqhmAb
x6wf8fa9BFUYU7yYkpJKl3hwgc4tHh1RG+vLJDO5+iWWJWBSONf6x8MkOo+ybRKl
+C+KeJmcfg4BqqrJlFQ5HP0j0uB+9QSVyo0oetCtDq390fgNUCrV247AMipceSK6
7rQjDCDN3JDvLYLefI/K7+IgSJ03aE0vHj1oVv0fbZ6uLvBniBOX+QSgKG/1Bw8N
3voZIdwNmt2BU2/bN40PayipJ6vT26HTh74Dw6gCoe4e+aBqqwRhXoVwSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK+zN0UVdYsWXWA7GAFyoBrC1UKLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcjdNM1JSVjFpeFpkWURzWUFYS2dHc0xWUW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJg/JFqWsLdRhBz8PsMd
VceCGcJcmGEhi0yDkfny5wXdReUDWzSd7SclUXArsD2+c7VirmeSyfw2pFe5mIO6
Jq28Ko1cm8r0h9P1zBCy+Lhn+ReG2oX1yHO3EyaJc11JPQNWeS1lngfLJdy6LhuZ
EENVhLbgVgpt3yczIHdboSVn8rbILkg8h2HHF4nY5qTwnkehhaQQJnoF4qslXGXE
9vj7nKrS7HPdJlbrL4WTBRicdy8k9MkmTL9I6oOrPMOcgbRoB9s3a1oL2n25XKjP
znLYbb2VbWAFUBAJEVVhpCguSGPI3Y4R2tPx022pF2j7gVv5nXUE6ZGMY5EptlQ2
ufY=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:20:48 2025 by rpki-client