Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0QYAjO72md4c7s_ffI2YQNusgOY.roa
File: 0QYAjO72md4c7s_ffI2YQNusgOY.roa (raw, json)
Hash identifier: 1Ec01qw+8am0GlCmYIhP8+ty18jyiXWX4vophtckCY8=
Subject key identifier: D1:06:00:8C:EE:F6:99:DE:1C:EE:CF:DF:7C:8D:98:40:DB:AC:80:E6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DCA8574E6C380195F4F90E869B1A3A0FD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0QYAjO72md4c7s_ffI2YQNusgOY.roa
Signing time: Wed 21 Feb 2024 07:16:00 +0000
ROA not before: Wed 21 Feb 2024 07:16:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:85:74:e6:c3:80:19:5f:4f:90:e8:69:b1:a3:a0:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 07:16:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d106008ceef699de1ceecfdf7c8d9840dbac80e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:95:87:ef:60:e2:57:02:3b:50:a5:ae:44:0d:
76:4a:3b:50:8d:37:61:2f:71:76:21:bb:7b:e1:3f:
63:c2:81:e5:c4:39:a8:33:c8:bf:b3:ef:6f:8a:1d:
19:d0:7b:c7:b9:5c:d7:33:6b:1f:09:d6:5f:fd:c2:
d2:56:d1:87:40:cb:ea:45:30:49:50:e0:42:b3:4c:
f0:c4:75:ee:2b:61:37:6e:f0:ed:2e:3a:9c:bc:78:
82:bc:99:b5:4a:cd:ef:96:49:82:ad:8e:21:af:bd:
1a:3b:6d:c1:00:8d:2c:4e:16:b5:27:50:e8:48:0b:
a8:31:43:a1:af:67:9f:39:32:7f:a6:7f:e8:b7:b3:
4f:6c:a4:2f:5e:99:d1:60:cb:d1:1d:d8:1d:fa:6b:
15:be:72:9b:26:0e:68:97:fc:71:68:ff:f3:6f:81:
4e:a1:5b:e1:69:96:08:ce:a8:80:77:2b:3a:f3:8c:
58:51:2f:38:6a:56:37:5a:7a:89:16:f8:a5:88:d8:
95:7f:bb:d3:35:51:b2:64:e3:2e:9b:d6:96:7e:c3:
06:2a:33:b3:21:d2:6e:b8:ff:36:9f:3f:a5:60:56:
70:8f:38:cb:a9:bf:02:0c:40:38:b1:a4:e9:1a:b2:
32:3f:d2:5f:12:a3:1d:8e:34:c9:29:7f:d9:d6:81:
45:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:06:00:8C:EE:F6:99:DE:1C:EE:CF:DF:7C:8D:98:40:DB:AC:80:E6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0QYAjO72md4c7s_ffI2YQNusgOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:ed:73:55:11:ed:b8:ab:3f:e1:cb:70:59:fd:c1:1d:1a:63:
9b:5d:c7:c1:c1:80:62:a7:18:86:d0:81:f2:cd:c8:d9:b1:d4:
9d:1b:7c:ec:bb:d2:26:f5:94:f0:29:8e:71:64:ca:8a:8c:db:
79:7c:2e:fe:ef:02:e0:98:26:83:79:a1:fd:9f:f5:2f:15:27:
a0:f7:c4:7a:91:c5:59:61:96:25:dc:5c:19:bd:76:9c:a6:f3:
ab:f7:78:69:d7:73:54:b3:a8:15:14:40:94:12:d6:63:c7:d7:
de:6b:79:d1:f7:a4:45:3e:cb:cd:b4:fe:da:9e:f8:1c:64:6f:
e0:71:18:44:60:c6:14:66:e5:08:11:35:57:cb:53:4c:fa:28:
03:cf:58:88:8c:90:5b:c3:f4:0f:a7:46:7b:e1:0b:fc:65:b6:
1c:b6:e6:22:54:06:9f:eb:7a:4a:43:15:a6:7c:f1:90:86:71:
a1:53:84:80:a5:6c:46:72:73:6d:93:21:bc:b2:dc:b2:46:77:
e6:e3:78:13:de:16:e3:2f:83:ce:c0:e7:94:a8:05:0c:dc:52:
f6:1f:2d:99:f6:6a:ba:95:fd:0b:1a:7b:17:25:25:2d:d7:8b:
15:b5:2d:2c:b0:17:09:ca:86:3d:f0:66:dd:11:f2:d4:19:a8:
c3:a8:27:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3KhXTmw4AZX0+Q6Gmxo6D9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMDcxNjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA2MDA4Y2VlZjY5OWRlMWNlZWNmZGY3YzhkOTg0MGRiYWM4MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJWH72DiVwI7UKWuRA12SjtQjTdh
L3F2Ibt74T9jwoHlxDmoM8i/s+9vih0Z0HvHuVzXM2sfCdZf/cLSVtGHQMvqRTBJ
UOBCs0zwxHXuK2E3bvDtLjqcvHiCvJm1Ss3vlkmCrY4hr70aO23BAI0sTha1J1Do
SAuoMUOhr2efOTJ/pn/ot7NPbKQvXpnRYMvRHdgd+msVvnKbJg5ol/xxaP/zb4FO
oVvhaZYIzqiAdys684xYUS84alY3WnqJFviliNiVf7vTNVGyZOMum9aWfsMGKjOz
IdJuuP82nz+lYFZwjzjLqb8CDEA4saTpGrIyP9JfEqMdjjTJKX/Z1oFFHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNEGAIzu9pneHO7P33yNmEDbrIDmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMFFZQWpPNzJtZDRjN3NfZmZJMllRTnVzZ09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAztc1UR7birP+HLcFn9
wR0aY5tdx8HBgGKnGIbQgfLNyNmx1J0bfOy70ib1lPApjnFkyoqM23l8Lv7vAuCY
JoN5of2f9S8VJ6D3xHqRxVlhliXcXBm9dpym86v3eGnXc1SzqBUUQJQS1mPH195r
edH3pEU+y820/tqe+Bxkb+BxGERgxhRm5QgRNVfLU0z6KAPPWIiMkFvD9A+nRnvh
C/xlthy25iJUBp/rekpDFaZ88ZCGcaFThIClbEZyc22TIbyy3LJGd+bjeBPeFuMv
g87A55SoBQzcUvYfLZn2arqV/QsaexclJS3XixW1LSywFwnKhj3wZt0R8tQZqMOo
J+s=
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:39:53 2025 by rpki-client