Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rU7aTvAmdh-ZLO4hLDH79iQG-dw.roa
File: rU7aTvAmdh-ZLO4hLDH79iQG-dw.roa (raw, json)
Hash identifier: Ar8+VXLI1Eae6HURlw3lxK3uLGGFkCtgQoFPtQHR9HQ=
Subject key identifier: AD:4E:DA:4E:F0:26:76:1F:99:2C:EE:21:2C:31:FB:F6:24:06:F9:DC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB73775A6AC902773111DE9E89CC17257
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rU7aTvAmdh-ZLO4hLDH79iQG-dw.roa
Signing time: Sat 17 Feb 2024 13:18:01 +0000
ROA not before: Sat 17 Feb 2024 13:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b7:37:75:a6:ac:90:27:73:11:1d:e9:e8:9c:c1:72:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 17 13:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad4eda4ef026761f992cee212c31fbf62406f9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ab:4e:4f:4b:92:7a:da:a1:e3:51:f5:70:44:
fc:95:cd:e1:2b:49:06:6b:c7:45:fc:37:00:2b:d9:
34:8a:4c:78:6e:46:b2:84:5b:a7:cb:7e:17:42:5b:
03:35:ad:57:32:af:3a:3c:e8:59:9e:f6:7f:bb:5d:
fa:9d:6c:a6:c0:cf:9a:0e:a7:a7:c7:40:8f:87:fd:
fc:fa:e9:70:29:14:69:03:95:18:b6:b1:e8:93:f5:
9b:cd:05:5a:cf:3d:80:1e:79:a7:e2:9a:3e:da:f0:
1f:1b:49:c3:f1:bd:b5:91:e5:08:97:83:27:69:9b:
63:5c:46:64:cd:73:b0:17:34:49:5c:2a:3d:63:3e:
52:dc:cf:10:24:6c:cb:13:b0:40:f7:3c:15:0e:d1:
ae:bd:3f:4f:e8:de:33:11:3b:25:e9:19:3f:c4:c0:
02:e5:ef:f5:33:bf:03:94:95:8d:a2:f4:e3:6b:90:
cc:a3:5d:e7:dd:11:fd:db:7e:16:fc:fe:e4:60:7f:
2d:f6:e2:c1:8d:38:0d:ca:b5:93:91:7a:f8:09:a0:
7d:64:33:7e:6b:97:82:54:53:6e:cb:98:51:88:1b:
53:d3:1c:b5:22:12:c9:22:f8:83:d4:98:a7:7e:16:
92:e5:38:ba:55:d5:91:f6:e3:a1:b2:5c:16:d2:e0:
23:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4E:DA:4E:F0:26:76:1F:99:2C:EE:21:2C:31:FB:F6:24:06:F9:DC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rU7aTvAmdh-ZLO4hLDH79iQG-dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:02:9e:dd:50:bb:d0:b1:d9:31:e9:b4:5d:76:b5:fb:35:8e:
b0:fc:be:3f:b8:65:2e:37:d2:d8:30:0b:59:ab:4c:5e:8d:6f:
56:bb:22:46:df:c4:9e:4a:2f:c7:4d:c9:d7:61:06:8d:0c:eb:
32:a4:4a:41:31:f8:3e:29:cf:4f:12:5f:3a:76:60:ab:a2:54:
d2:92:fb:20:bb:47:ee:67:9a:c9:63:ff:76:8a:f4:49:2d:a6:
0d:a8:50:9d:24:b5:1a:7a:30:8a:bb:bf:d0:9d:48:6f:a0:d2:
e5:6c:14:05:ca:9b:5e:09:72:8d:c9:d0:bb:4b:23:05:ec:c5:
3c:b4:69:37:6a:33:c5:2e:09:61:50:ba:e6:d9:b5:c4:92:67:
d9:ca:50:c9:6d:20:aa:6e:be:5b:ac:de:39:88:5f:15:37:b8:
9e:f8:ec:36:b4:4b:e3:b8:8f:04:d0:0e:06:3e:29:45:a5:d6:
c0:a5:b8:06:6b:01:41:71:f1:93:74:73:e5:00:39:3b:89:db:
82:f7:7c:ef:10:fc:4b:64:e8:5e:33:08:55:b8:80:a4:05:2c:
66:1c:8c:9f:e9:2a:28:05:28:e8:15:88:20:02:8b:00:93:32:
1b:a0:c4:33:04:b8:d6:41:d1:2c:ef:54:61:d4:99:cd:0b:91:
c4:f2:0c:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY23N3WmrJAncxEd6eicwXJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE3MTMxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDRlZGE0ZWYwMjY3NjFmOTkyY2VlMjEyYzMxZmJmNjI0MDZmOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKtOT0uSetqh41H1cET8lc3hK0kG
a8dF/DcAK9k0ikx4bkayhFuny34XQlsDNa1XMq86POhZnvZ/u136nWymwM+aDqen
x0CPh/38+ulwKRRpA5UYtrHok/WbzQVazz2AHnmn4po+2vAfG0nD8b21keUIl4Mn
aZtjXEZkzXOwFzRJXCo9Yz5S3M8QJGzLE7BA9zwVDtGuvT9P6N4zETsl6Rk/xMAC
5e/1M78DlJWNovTja5DMo13n3RH9234W/P7kYH8t9uLBjTgNyrWTkXr4CaB9ZDN+
a5eCVFNuy5hRiBtT0xy1IhLJIviD1JinfhaS5Ti6VdWR9uOhslwW0uAj9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK1O2k7wJnYfmSzuISwx+/YkBvncMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvclU3YVR2QW1kaC1aTE80aExESDc5aVFHLWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADgCnt1Qu9Cx2THptF12
tfs1jrD8vj+4ZS430tgwC1mrTF6Nb1a7IkbfxJ5KL8dNyddhBo0M6zKkSkEx+D4p
z08SXzp2YKuiVNKS+yC7R+5nmslj/3aK9Ektpg2oUJ0ktRp6MIq7v9CdSG+g0uVs
FAXKm14Jco3J0LtLIwXsxTy0aTdqM8UuCWFQuubZtcSSZ9nKUMltIKpuvlus3jmI
XxU3uJ747Da0S+O4jwTQDgY+KUWl1sCluAZrAUFx8ZN0c+UAOTuJ24L3fO8Q/Etk
6F4zCFW4gKQFLGYcjJ/pKigFKOgViCACiwCTMhugxDMEuNZB0SzvVGHUmc0LkcTy
DCc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:20:18 2025 by rpki-client