Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-rhRTipnfph9Hgj9n81iNenar4o.roa
File: 1-rhRTipnfph9Hgj9n81iNenar4o.roa (raw, json)
Hash identifier: 7qcOuJufHcdSnMqd7cEaHqrZJ+A0UqYk8NBXpIM5Yfw=
Subject key identifier: FA:B8:51:4E:2A:67:7E:98:7D:1E:08:FD:9F:CD:62:35:E9:DA:AF:8A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEE50CAE9E1B06D879B4610B2FF7624E8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-rhRTipnfph9Hgj9n81iNenar4o.roa
Signing time: Wed 28 Feb 2024 06:04:48 +0000
ROA not before: Wed 28 Feb 2024 06:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:ee50:4639/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ee:50:ca:e9:e1:b0:6d:87:9b:46:10:b2:ff:76:24:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 06:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fab8514e2a677e987d1e08fd9fcd6235e9daaf8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:85:50:cb:e0:d5:cd:97:44:4d:b7:a4:88:ac:
07:e1:48:bb:81:83:36:71:c0:e3:a6:2d:21:b8:c4:
46:2b:04:70:d8:23:90:04:5f:7f:27:c5:55:e1:6a:
43:2f:e7:7e:73:23:be:1c:bc:aa:63:f2:e0:ee:7f:
6c:fe:fa:6d:37:b5:91:91:2b:61:f1:ba:0c:40:9a:
e7:56:f7:e3:19:b5:ca:b4:a0:af:b0:0b:43:8d:45:
ca:6b:ba:46:51:e0:60:4c:0f:a5:5e:35:bb:7b:16:
47:2c:1a:06:65:e7:fe:cd:28:c0:2c:9d:a3:ce:4b:
26:67:9e:f5:3a:ae:36:58:90:51:70:a5:5c:c6:46:
2a:8c:ba:11:bb:ff:d1:46:1b:b0:55:0d:46:02:ba:
d1:05:97:e7:8d:ee:b5:76:f0:a6:5b:4f:76:73:b4:
d0:c1:60:f5:12:bd:d8:45:f4:43:40:2a:45:5b:e4:
76:c5:64:da:eb:50:b0:51:47:07:b5:32:b9:68:29:
f6:f6:22:77:66:cb:31:79:20:b6:bb:5f:21:f8:bc:
5a:82:6d:14:ad:3c:36:50:4a:7f:7d:f5:e3:71:cb:
9e:f1:19:5f:24:f1:c1:c8:eb:de:e7:6d:8b:df:c9:
29:92:bf:64:21:a9:4b:93:31:24:22:fe:0d:a2:be:
11:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B8:51:4E:2A:67:7E:98:7D:1E:08:FD:9F:CD:62:35:E9:DA:AF:8A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-rhRTipnfph9Hgj9n81iNenar4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:34:f8:c6:b9:8e:b6:25:59:a0:d2:38:eb:5b:38:c8:77:d1:
98:ac:bb:9e:8c:bf:9d:b5:ad:d6:f9:ba:64:5e:f5:07:e8:de:
bc:98:88:a7:cd:64:f9:6a:07:44:db:f6:71:12:ed:cc:3e:e6:
94:63:9e:92:26:6a:6b:91:fd:b1:a1:05:63:2c:cd:ed:fa:45:
e3:b0:5f:15:1a:af:f2:41:dc:13:4e:c4:b3:c1:c6:50:f7:29:
4e:1c:70:80:af:36:cd:64:0f:a6:c1:bb:84:a1:aa:61:90:60:
be:8e:2e:1c:dc:9e:17:71:39:e4:db:7d:75:bf:34:b1:6b:66:
a7:4f:e8:cf:c5:56:b9:e3:e4:ac:3d:f2:4e:70:76:6c:db:c1:
9f:81:92:91:c0:1b:35:2f:d0:bd:6c:24:90:e3:1c:04:a7:23:
a6:e2:7e:d6:1e:43:af:f2:1d:13:73:34:f7:23:45:66:b5:21:
b1:a8:00:97:5a:6d:03:1c:5b:0c:84:64:05:84:86:e9:2e:28:
58:37:b3:df:e0:d7:f1:6c:f6:7e:e7:48:08:ea:62:81:20:93:
42:37:a5:f2:b7:6f:0e:e5:44:97:60:2d:f1:49:57:6a:c0:d2:
26:f6:47:9b:85:5b:c4:92:9d:ad:ca:7e:a7:ce:b6:da:f0:d3:
cf:58:e8:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3uUMrp4bBth5tGELL/diToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MDYwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWI4NTE0ZTJhNjc3ZTk4N2QxZTA4ZmQ5ZmNkNjIzNWU5ZGFhZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9oVQy+DVzZdETbekiKwH4Ui7gYM2
ccDjpi0huMRGKwRw2COQBF9/J8VV4WpDL+d+cyO+HLyqY/Lg7n9s/vptN7WRkSth
8boMQJrnVvfjGbXKtKCvsAtDjUXKa7pGUeBgTA+lXjW7exZHLBoGZef+zSjALJ2j
zksmZ571Oq42WJBRcKVcxkYqjLoRu//RRhuwVQ1GArrRBZfnje61dvCmW092c7TQ
wWD1Er3YRfRDQCpFW+R2xWTa61CwUUcHtTK5aCn29iJ3ZssxeSC2u18h+Lxagm0U
rTw2UEp/ffXjccue8RlfJPHByOve522L38kpkr9kIalLkzEkIv4Nor4R1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPq4UU4qZ36YfR4I/Z/NYjXp2q+KMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1yaFJUaXBuZnBoOUhnajluODFpTmVuYXI0by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQA9NPjGuY62JVmg0jjr
WzjId9GYrLuejL+dta3W+bpkXvUH6N68mIinzWT5agdE2/ZxEu3MPuaUY56SJmpr
kf2xoQVjLM3t+kXjsF8VGq/yQdwTTsSzwcZQ9ylOHHCArzbNZA+mwbuEoaphkGC+
ji4c3J4XcTnk2311vzSxa2anT+jPxVa54+SsPfJOcHZs28GfgZKRwBs1L9C9bCSQ
4xwEpyOm4n7WHkOv8h0TczT3I0VmtSGxqACXWm0DHFsMhGQFhIbpLihYN7Pf4Nfx
bPZ+50gI6mKBIJNCN6Xyt28O5USXYC3xSVdqwNIm9kebhVvEkp2tyn6nzrba8NPP
WOiI
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:49:44 2025 by rpki-client