Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-bQMnIvMJZiTTev-kD1mE-3O3s4.roa
File: 1-bQMnIvMJZiTTev-kD1mE-3O3s4.roa (raw, json)
Hash identifier: 3ZXcAxvLHabfE0TrkRXlOF/AkshoYHNsUHdgF4+xxn0=
Subject key identifier: F9:B4:0C:9C:8B:CC:25:98:93:4D:EB:FE:90:3D:66:13:ED:CE:DE:CE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB1D643020B96C4781ED9339E7DD7A087
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-bQMnIvMJZiTTev-kD1mE-3O3s4.roa
Signing time: Thu 28 Dec 2023 19:10:58 +0000
ROA not before: Thu 28 Dec 2023 19:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:d6:43:02:0b:96:c4:78:1e:d9:33:9e:7d:d7:a0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 28 19:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9b40c9c8bcc2598934debfe903d6613edcedece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ca:b1:0f:ee:2e:a0:0b:9c:8c:30:56:d4:02:
7a:fa:bf:52:ce:2e:de:99:44:e3:5b:f7:83:bb:99:
40:81:60:36:66:69:87:49:04:49:a3:e7:d8:68:49:
69:98:8e:91:46:b3:f4:ff:0e:47:2c:bf:e2:af:7b:
23:a3:aa:a9:96:dd:96:71:98:d5:93:e9:79:e2:51:
8e:33:6b:b1:d6:7f:db:f5:3a:65:56:da:21:0f:64:
bf:e0:f8:ce:04:91:19:7f:98:ec:b7:03:58:02:13:
75:de:5b:47:80:3e:11:93:3d:37:83:a8:22:d8:b8:
00:94:c9:ab:f5:30:76:e3:49:96:a2:d4:92:4b:31:
cf:1e:d1:1e:00:29:50:53:37:80:8e:9d:a2:13:2c:
81:a7:d2:72:99:17:b5:2e:e1:61:a9:31:85:a6:1c:
e7:cb:d3:e2:9f:79:0f:72:8b:c6:75:f3:78:bb:32:
c3:8f:55:63:d4:09:8e:29:c2:fd:e3:b5:66:74:ee:
ee:9b:17:69:c3:37:b2:f5:59:89:25:4e:ca:4e:0f:
76:5f:1f:f2:74:cd:a2:ec:64:ff:2e:c1:92:5b:cd:
fc:ff:b7:32:9b:bc:91:fd:18:bd:35:77:4b:0f:5e:
b5:88:47:22:c6:8d:28:f7:4e:dc:f5:be:8b:d2:51:
c2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B4:0C:9C:8B:CC:25:98:93:4D:EB:FE:90:3D:66:13:ED:CE:DE:CE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-bQMnIvMJZiTTev-kD1mE-3O3s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:da:37:a3:b6:54:9e:a6:74:c5:1d:8d:76:ed:7f:01:35:87:
65:72:cb:5d:1c:76:63:68:c2:49:a8:ff:f9:ca:b4:ab:6f:24:
e9:34:c8:ce:21:6f:e2:39:94:0c:85:33:da:25:e4:a2:c0:fe:
09:f4:e1:a0:8b:c7:c6:80:1b:34:1d:cc:92:78:64:0e:5e:4e:
33:ed:fe:b5:29:6a:dc:2e:be:83:2c:68:17:7f:a8:b7:ba:7b:
ff:2b:bc:5b:8c:2c:f0:8a:01:70:f0:2b:78:27:a3:51:a8:4d:
0e:81:e7:85:c7:f8:57:0c:0c:e9:7b:1f:c2:46:bb:24:81:88:
d3:90:6e:e3:24:de:1d:0e:f8:69:92:8c:24:1f:7d:a0:5a:78:
62:61:12:e2:62:75:40:76:30:40:13:58:ca:1d:4f:03:42:b3:
9c:92:e3:23:08:57:a2:9f:d4:c4:ef:7c:a5:1f:b4:b8:ec:72:
47:bb:3c:b4:db:e6:d9:4b:d4:fe:6e:29:df:93:52:09:a9:f8:
68:83:8f:e5:67:71:65:e3:a4:fe:1a:fb:2f:88:7f:18:a8:76:
00:50:18:51:26:99:29:7a:13:b9:5f:e8:5b:66:28:de:6c:c4:
d1:70:0e:e8:04:fd:98:21:81:69:c2:67:97:d1:b6:72:34:78:
e6:7e:ec:32
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyx1kMCC5bEeB7ZM55916CHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI4MTkxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI0MGM5YzhiY2MyNTk4OTM0ZGViZmU5MDNkNjYxM2VkY2VkZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8qxD+4uoAucjDBW1AJ6+r9Szi7e
mUTjW/eDu5lAgWA2ZmmHSQRJo+fYaElpmI6RRrP0/w5HLL/ir3sjo6qplt2WcZjV
k+l54lGOM2ux1n/b9TplVtohD2S/4PjOBJEZf5jstwNYAhN13ltHgD4Rkz03g6gi
2LgAlMmr9TB240mWotSSSzHPHtEeAClQUzeAjp2iEyyBp9JymRe1LuFhqTGFphzn
y9Pin3kPcovGdfN4uzLDj1Vj1AmOKcL947VmdO7umxdpwzey9VmJJU7KTg92Xx/y
dM2i7GT/LsGSW838/7cym7yR/Ri9NXdLD161iEcixo0o907c9b6L0lHCfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPm0DJyLzCWYk03r/pA9ZhPtzt7OMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1iUU1uSXZNSlppVFRldi1rRDFtRS0zTzNzNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQAC2jejtlSepnTFHY12
7X8BNYdlcstdHHZjaMJJqP/5yrSrbyTpNMjOIW/iOZQMhTPaJeSiwP4J9OGgi8fG
gBs0HcySeGQOXk4z7f61KWrcLr6DLGgXf6i3unv/K7xbjCzwigFw8Ct4J6NRqE0O
geeFx/hXDAzpex/CRrskgYjTkG7jJN4dDvhpkowkH32gWnhiYRLiYnVAdjBAE1jK
HU8DQrOckuMjCFein9TE73ylH7S47HJHuzy02+bZS9T+binfk1IJqfhog4/lZ3Fl
46T+GvsviH8YqHYAUBhRJpkpehO5X+hbZijebMTRcA7oBP2YIYFpwmeX0bZyNHjm
fuwy
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:53:35 2025 by rpki-client