Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1--UflVh9htNfItTIXnShPKi9FvI.roa
File: 1--UflVh9htNfItTIXnShPKi9FvI.roa (raw, json)
Hash identifier: Ickfjw9BiWUvDLwrXqoJa5lyevy7jjD73uiJL3988gI=
Subject key identifier: FB:E5:1F:95:58:7D:86:D3:5F:22:D4:C8:5E:74:A1:3C:A8:BD:16:F2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB5068D3AA0C55459F2CBE4EFCCB69F9D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1--UflVh9htNfItTIXnShPKi9FvI.roa
Signing time: Sat 17 Feb 2024 03:05:21 +0000
ROA not before: Sat 17 Feb 2024 03:05:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:b505:c1b8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b5:06:8d:3a:a0:c5:54:59:f2:cb:e4:ef:cc:b6:9f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 17 03:05:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbe51f95587d86d35f22d4c85e74a13ca8bd16f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4b:a8:fb:00:7a:e6:19:83:7d:6e:5e:e5:f0:
2a:f0:32:59:61:8f:1d:80:c1:7f:3b:05:ac:4d:51:
66:df:db:23:1a:b9:f4:3b:69:a4:74:b0:3c:63:4c:
72:14:7b:f8:77:34:f4:8f:8d:17:36:62:72:1e:92:
7a:aa:ea:31:c5:65:02:d0:05:cf:ec:17:d8:f3:61:
ed:0c:84:0c:d0:dc:3b:48:3c:39:4f:9d:1d:d1:06:
a6:3e:e3:02:a6:b4:2e:fa:5d:d7:88:d9:51:83:1e:
a2:73:2a:2c:89:a3:14:28:6c:5a:2a:7a:d5:bf:79:
ea:ba:c0:23:12:16:20:58:22:30:d9:6f:e2:6a:88:
7e:00:22:00:b3:01:40:56:34:69:a7:98:03:c9:9a:
74:e2:6a:90:f9:3e:d0:7b:34:77:7b:7f:8d:58:38:
33:5d:60:34:27:cb:29:fb:60:c7:de:81:5a:6c:3e:
32:6a:a6:a6:dc:1c:0b:18:e3:c7:8e:92:1a:23:7f:
ec:72:dd:55:22:86:55:88:4d:91:66:1b:58:26:58:
5e:c4:e5:e4:79:22:3e:e4:7b:0b:19:a0:b0:b4:23:
97:78:c2:e4:b4:a8:3b:db:c5:f2:66:3c:21:48:4d:
58:ea:74:31:0c:ff:a7:f4:c7:d4:ec:77:40:d3:c2:
4f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E5:1F:95:58:7D:86:D3:5F:22:D4:C8:5E:74:A1:3C:A8:BD:16:F2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1--UflVh9htNfItTIXnShPKi9FvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:29:8b:2c:78:49:54:2d:e5:d8:5e:5e:35:ee:09:a8:bf:f6:
7c:6a:22:26:30:97:18:c7:af:b3:94:99:13:de:64:d4:4c:8b:
d1:1b:ad:5a:26:55:9c:af:5e:3f:0d:4e:b6:2b:14:1d:85:af:
db:ff:2c:30:7d:2d:12:8a:69:98:c2:a6:3c:ea:c9:9a:7c:22:
1b:a2:1d:31:9e:b7:0a:3a:4b:7e:51:fe:77:5a:96:f2:64:64:
ee:54:27:f2:84:8e:54:f3:61:11:d7:d4:86:83:ba:74:b1:40:
39:7f:c9:8b:9c:c3:86:d8:39:ca:95:eb:34:df:97:5a:91:4b:
44:4d:b0:a0:09:5b:b6:08:51:ad:6b:a7:60:66:fa:ba:3a:61:
70:d4:c2:b9:3c:dc:6e:6d:bb:7c:f9:a5:2a:b8:2d:12:0f:87:
29:ca:ed:fe:e8:a1:21:9f:32:f3:4b:31:8d:f3:5f:2a:1d:3c:
4a:b4:3c:6a:07:06:e2:57:5c:f7:c1:1e:4a:c7:d4:33:23:2b:
bb:b9:f5:6e:b1:84:6d:de:45:61:f4:c7:77:6f:c1:15:de:0e:
cc:9e:d6:56:ab:a3:b7:a7:64:6c:69:d9:86:45:8e:10:1d:b8:
0e:5f:f6:a9:7c:48:90:9b:a4:dc:dc:35:23:9e:98:30:7f:41:
d6:7e:88:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY21Bo06oMVUWfLL5O/Mtp+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE3MDMwNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU1MWY5NTU4N2Q4NmQzNWYyMmQ0Yzg1ZTc0YTEzY2E4YmQxNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUuo+wB65hmDfW5e5fAq8DJZYY8d
gMF/OwWsTVFm39sjGrn0O2mkdLA8Y0xyFHv4dzT0j40XNmJyHpJ6quoxxWUC0AXP
7BfY82HtDIQM0Nw7SDw5T50d0QamPuMCprQu+l3XiNlRgx6icyosiaMUKGxaKnrV
v3nqusAjEhYgWCIw2W/iaoh+ACIAswFAVjRpp5gDyZp04mqQ+T7QezR3e3+NWDgz
XWA0J8sp+2DH3oFabD4yaqam3BwLGOPHjpIaI3/sct1VIoZViE2RZhtYJlhexOXk
eSI+5HsLGaCwtCOXeMLktKg728XyZjwhSE1Y6nQxDP+n9MfU7HdA08JPqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPvlH5VYfYbTXyLUyF50oTyovRbyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS0tVWZsVmg5aHROZkl0VElYblNoUEtpOUZ2SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCjKYsseElULeXYXl41
7gmov/Z8aiImMJcYx6+zlJkT3mTUTIvRG61aJlWcr14/DU62KxQdha/b/ywwfS0S
immYwqY86smafCIboh0xnrcKOkt+Uf53WpbyZGTuVCfyhI5U82ER19SGg7p0sUA5
f8mLnMOG2DnKles035dakUtETbCgCVu2CFGta6dgZvq6OmFw1MK5PNxubbt8+aUq
uC0SD4cpyu3+6KEhnzLzSzGN818qHTxKtDxqBwbiV1z3wR5Kx9QzIyu7ufVusYRt
3kVh9Md3b8EV3g7MntZWq6O3p2RsadmGRY4QHbgOX/apfEiQm6Tc3DUjnpgwf0HW
foiP
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:01:35 2025 by rpki-client