Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xOBIhV5IdfoKyhcp1HWQOWnknHs.roa
File: xOBIhV5IdfoKyhcp1HWQOWnknHs.roa (raw, json)
Hash identifier: +LSxFj1vtK2qWZiaavGjFdX2HUY31fSEh0e2sKrmGKg=
Subject key identifier: C4:E0:48:85:5E:48:75:FA:0A:CA:17:29:D4:75:90:39:69:E4:9C:7B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E807798A85269E5F597D47C366C10575D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xOBIhV5IdfoKyhcp1HWQOWnknHs.roa
Signing time: Wed 27 Mar 2024 15:11:45 +0000
ROA not before: Wed 27 Mar 2024 15:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:80:77:98:a8:52:69:e5:f5:97:d4:7c:36:6c:10:57:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 27 15:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4e048855e4875fa0aca1729d475903969e49c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f0:b0:65:fc:08:c8:c2:aa:ea:d7:dd:dd:65:
2a:d8:18:75:ff:fa:6b:70:4e:22:06:c9:7c:87:13:
d0:00:7b:c8:da:22:9f:30:5a:a3:72:9f:ac:3a:15:
02:d8:e3:d9:ec:50:53:69:b7:d1:2b:2d:13:7e:fe:
52:34:a4:9c:0c:06:1c:10:9f:e3:56:58:aa:1f:c8:
44:4c:df:f5:82:3b:a0:cd:78:50:be:71:a8:d1:00:
36:03:60:3f:2a:81:a0:27:0a:a9:48:73:b6:8c:fc:
e2:f4:ce:42:ed:6b:e1:47:b9:9e:c7:9a:09:56:92:
55:a8:30:fa:c3:fb:07:da:5b:24:92:c3:5f:e4:a8:
fb:d6:a1:74:84:5d:7f:71:2c:40:cc:e7:3c:e8:00:
ab:fb:61:52:54:45:e4:03:ac:22:3c:c6:e8:f4:22:
4d:45:7f:dd:91:a9:84:9e:7e:ac:c6:cc:8f:77:b6:
bd:1a:c3:1d:56:fb:68:e2:18:da:24:9d:ea:74:81:
14:50:26:ec:d0:a4:74:82:ca:6a:b5:28:35:7a:3d:
2c:05:f2:d9:eb:11:3b:39:3a:33:bd:21:c7:19:1c:
3a:c2:27:59:3d:e2:68:90:75:24:60:ce:dd:b4:b7:
e8:10:f3:3a:5d:93:89:30:31:e2:98:4b:ef:fa:bc:
d5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E0:48:85:5E:48:75:FA:0A:CA:17:29:D4:75:90:39:69:E4:9C:7B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xOBIhV5IdfoKyhcp1HWQOWnknHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:b0:52:45:91:86:bb:d2:a3:93:f2:9a:63:9d:62:a4:42:ae:
16:b5:42:a2:fa:b8:fa:eb:61:64:62:66:dc:7a:c0:22:8a:9f:
88:29:bd:2b:ab:9f:77:9d:da:40:b0:73:d6:66:8b:98:9a:1e:
3c:47:53:28:3b:47:f6:b8:65:ca:9b:8f:8e:6d:a0:59:48:42:
4c:9b:f4:8a:f8:d1:48:0a:04:a7:0c:fb:fc:da:65:8a:93:90:
97:80:91:05:b4:e4:00:51:99:1e:1b:78:1d:db:37:b1:cd:1f:
12:e0:61:4e:21:a5:8c:36:c6:75:65:9b:bf:8a:c9:0b:3b:5c:
54:a5:e0:69:17:26:27:93:ca:f7:4c:be:84:c8:a2:3c:2e:aa:
a3:1d:f0:81:9a:6a:d3:ec:37:0d:6c:cb:07:6e:df:6a:06:8a:
01:44:23:fb:35:b8:5b:e0:f4:0c:56:19:7f:c1:29:70:f7:e2:
98:4d:5d:ac:36:44:28:27:7e:2a:95:ab:f6:1e:7b:59:99:e2:
41:7d:f1:58:2f:59:6f:c7:9d:1e:4f:7b:72:70:2b:1d:04:be:
cf:a8:d7:20:ee:03:cd:fe:10:b8:ca:f0:da:e9:3e:78:46:66:
61:d6:45:c4:7c:08:71:da:11:30:68:27:46:7f:bd:d1:1c:de:
51:84:57:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6Ad5ioUmnl9ZfUfDZsEFddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI3MTUxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGUwNDg4NTVlNDg3NWZhMGFjYTE3MjlkNDc1OTAzOTY5ZTQ5YzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/CwZfwIyMKq6tfd3WUq2Bh1//pr
cE4iBsl8hxPQAHvI2iKfMFqjcp+sOhUC2OPZ7FBTabfRKy0Tfv5SNKScDAYcEJ/j
VliqH8hETN/1gjugzXhQvnGo0QA2A2A/KoGgJwqpSHO2jPzi9M5C7WvhR7mex5oJ
VpJVqDD6w/sH2lskksNf5Kj71qF0hF1/cSxAzOc86ACr+2FSVEXkA6wiPMbo9CJN
RX/dkamEnn6sxsyPd7a9GsMdVvto4hjaJJ3qdIEUUCbs0KR0gspqtSg1ej0sBfLZ
6xE7OTozvSHHGRw6widZPeJokHUkYM7dtLfoEPM6XZOJMDHimEvv+rzVUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMTgSIVeSHX6CsoXKdR1kDlp5Jx7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveE9CSWhWNUlkZm9LeWhjcDFIV1FPV25rbkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD2wUkWRhrvSo5PymmOd
YqRCrha1QqL6uPrrYWRiZtx6wCKKn4gpvSurn3ed2kCwc9Zmi5iaHjxHUyg7R/a4
Zcqbj45toFlIQkyb9Ir40UgKBKcM+/zaZYqTkJeAkQW05ABRmR4beB3bN7HNHxLg
YU4hpYw2xnVlm7+KyQs7XFSl4GkXJieTyvdMvoTIojwuqqMd8IGaatPsNw1sywdu
32oGigFEI/s1uFvg9AxWGX/BKXD34phNXaw2RCgnfiqVq/Yee1mZ4kF98VgvWW/H
nR5Pe3JwKx0Evs+o1yDuA83+ELjK8NrpPnhGZmHWRcR8CHHaETBoJ0Z/vdEc3lGE
Vyc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:48:56 2025 by rpki-client