Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0s5laiAZOCWGNd690whiW6eZT7s.roa
File: 0s5laiAZOCWGNd690whiW6eZT7s.roa (raw, json)
Hash identifier: lB09BVbQnzi23JNVokIuGTxKpPKMfe24110IzbFVr4c=
Subject key identifier: D2:CE:65:6A:20:19:38:25:86:35:DE:BD:D3:08:62:5B:A7:99:4F:BB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB9FE949BFD106A5BB2F9118F3EFD30E3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0s5laiAZOCWGNd690whiW6eZT7s.roa
Signing time: Sat 30 Dec 2023 09:11:58 +0000
ROA not before: Sat 30 Dec 2023 09:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b9:fe:94:9b:fd:10:6a:5b:b2:f9:11:8f:3e:fd:30:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 30 09:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2ce656a201938258635debdd308625ba7994fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f7:d3:7c:fa:dc:41:20:25:13:f4:c6:6e:fb:
73:61:5a:cf:a4:57:73:82:dd:19:2d:ff:5b:0d:c4:
c3:1b:92:8f:b1:88:a5:42:45:d4:65:71:7d:1d:4e:
51:0f:1f:e8:2b:a1:67:60:a5:48:df:50:ec:5f:b7:
6c:64:ce:96:6d:b8:14:0a:4f:78:35:ac:93:ca:c5:
90:1b:82:00:93:cf:fc:de:c0:31:3a:1c:cf:2e:46:
43:c8:da:7a:f5:f1:7d:f3:de:17:08:01:10:97:74:
ba:fd:7b:23:39:57:9a:3d:0b:82:93:c5:78:55:63:
0a:a7:96:00:c5:b4:5f:df:48:87:05:0c:cb:ce:c4:
de:ff:73:e5:fe:b6:1b:4b:ef:7c:cd:86:44:87:f6:
c1:15:b7:8a:ff:1f:40:d9:02:78:c5:ed:f0:20:41:
9a:0c:9f:29:96:f0:9c:05:40:da:54:d6:46:a7:ac:
13:46:90:5c:a8:45:d5:bb:96:c1:60:32:c0:38:aa:
42:1a:a9:e5:50:25:fe:7d:5e:b1:02:e1:19:5c:ee:
86:61:d3:75:64:44:79:7e:01:53:5a:3e:6b:27:b4:
06:c1:3b:db:12:8d:4e:ce:fc:30:7c:5f:c4:b0:be:
13:c5:24:23:81:b2:a4:f9:6a:8f:aa:1c:43:75:52:
ea:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CE:65:6A:20:19:38:25:86:35:DE:BD:D3:08:62:5B:A7:99:4F:BB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0s5laiAZOCWGNd690whiW6eZT7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:80:65:ef:40:20:b7:44:97:f0:d6:22:6f:de:34:01:41:fb:
eb:06:8b:69:ff:5f:d3:28:90:87:1d:37:99:74:c2:06:37:40:
0f:d4:19:f0:a4:eb:fb:31:d4:ac:b0:c6:3a:d8:75:43:ca:97:
65:1d:31:cd:f8:28:89:6e:03:17:b0:ed:fd:de:c9:75:5e:bc:
2e:f1:f6:4b:17:b4:5c:87:35:8b:c4:cb:37:55:f0:13:7c:42:
8f:af:1c:c9:15:a2:43:13:3a:6a:d4:c8:9e:fc:c6:d6:f2:f9:
94:70:84:be:53:7e:50:8e:09:5c:8e:5c:5c:03:5c:f8:ed:2a:
8a:ce:ab:1e:ac:1a:01:fc:54:1f:8b:ef:06:1b:9c:8e:ec:b7:
85:94:c2:0d:9c:34:4a:4d:49:73:d3:b0:7f:f6:60:e1:81:91:
95:5b:fd:9c:5e:73:9a:d2:8e:23:2f:6d:ba:33:ed:18:1f:bf:
b9:5b:fb:36:21:c0:1f:28:51:89:07:43:db:b3:a7:f9:99:7b:
3f:0e:f4:92:6a:5e:4d:87:8b:36:3c:cf:61:c6:f1:8f:e6:1d:
c3:06:93:1d:0c:ce:cc:37:7f:4e:8f:52:62:ef:10:5c:a3:cf:
87:83:b1:04:f8:db:66:6c:9f:e6:57:5b:5d:c5:92:e7:31:39:
c0:99:7c:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy5/pSb/RBqW7L5EY8+/TDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMwMDkxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmNlNjU2YTIwMTkzODI1ODYzNWRlYmRkMzA4NjI1YmE3OTk0ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvfTfPrcQSAlE/TGbvtzYVrPpFdz
gt0ZLf9bDcTDG5KPsYilQkXUZXF9HU5RDx/oK6FnYKVI31DsX7dsZM6WbbgUCk94
NayTysWQG4IAk8/83sAxOhzPLkZDyNp69fF9894XCAEQl3S6/XsjOVeaPQuCk8V4
VWMKp5YAxbRf30iHBQzLzsTe/3Pl/rYbS+98zYZEh/bBFbeK/x9A2QJ4xe3wIEGa
DJ8plvCcBUDaVNZGp6wTRpBcqEXVu5bBYDLAOKpCGqnlUCX+fV6xAuEZXO6GYdN1
ZER5fgFTWj5rJ7QGwTvbEo1OzvwwfF/EsL4TxSQjgbKk+WqPqhxDdVLqWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNLOZWogGTglhjXevdMIYlunmU+7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMHM1bGFpQVpPQ1dHTmQ2OTB3aGlXNmVaVDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABCAZe9AILdEl/DWIm/e
NAFB++sGi2n/X9MokIcdN5l0wgY3QA/UGfCk6/sx1KywxjrYdUPKl2UdMc34KIlu
Axew7f3eyXVevC7x9ksXtFyHNYvEyzdV8BN8Qo+vHMkVokMTOmrUyJ78xtby+ZRw
hL5TflCOCVyOXFwDXPjtKorOqx6sGgH8VB+L7wYbnI7st4WUwg2cNEpNSXPTsH/2
YOGBkZVb/Zxec5rSjiMvbboz7Rgfv7lb+zYhwB8oUYkHQ9uzp/mZez8O9JJqXk2H
izY8z2HG8Y/mHcMGkx0Mzsw3f06PUmLvEFyjz4eDsQT422Zsn+ZXW13FkucxOcCZ
fOc=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:30:23 2025 by rpki-client