Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/29gaspE0Ms9pMKwYEaZmk719brs.roa
File: 29gaspE0Ms9pMKwYEaZmk719brs.roa (raw, json)
Hash identifier: 1wHxkKyNCLQPJK0/nOkW7W1VmtIDe9nHUpuPqq9fRD4=
Subject key identifier: DB:D8:1A:B2:91:34:32:CF:69:30:AC:18:11:A6:66:93:BD:7D:6E:BB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4463A658304F852B968E3CBE92C52E7F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/29gaspE0Ms9pMKwYEaZmk719brs.roa
Signing time: Fri 15 Mar 2024 23:12:45 +0000
ROA not before: Fri 15 Mar 2024 23:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:44:63:a6:58:30:4f:85:2b:96:8e:3c:be:92:c5:2e:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 15 23:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbd81ab2913432cf6930ac1811a66693bd7d6ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1a:d7:4a:f6:13:b4:bd:37:07:6a:a5:c5:74:
36:cf:91:70:f0:18:0b:cb:33:2a:e4:ca:7e:3b:e2:
8e:e8:f7:51:a4:e1:00:83:fa:0f:ab:97:be:9b:55:
cc:78:b7:8c:29:08:8d:a5:b6:db:99:b5:37:b0:3f:
38:75:20:44:62:c7:ad:29:59:9a:1b:46:76:9d:d7:
36:af:be:f7:b7:b0:da:1d:ad:28:7f:ff:bf:41:50:
ae:75:ef:4b:39:89:15:26:83:33:1d:1a:f6:b8:66:
54:aa:b7:bc:1f:40:ce:d9:1b:c1:f8:fc:18:f2:38:
09:e0:3c:ef:37:f9:21:d6:1b:e6:9d:cb:2b:00:47:
4d:38:04:24:1e:ab:1d:f9:93:db:2c:0b:f4:d8:05:
22:f2:27:9b:af:b7:d1:ce:68:64:83:18:fe:f1:f3:
9d:b4:62:91:73:ea:62:23:11:e1:56:89:e8:e0:57:
15:0b:64:e1:3d:36:b4:a7:49:17:c1:fd:72:e8:3f:
88:ef:86:19:3e:23:f1:e0:ac:ae:3c:a1:4c:ee:1d:
fd:25:31:47:e0:17:07:2a:59:87:08:27:3d:6c:97:
73:62:a1:9a:6b:29:98:be:64:ef:16:bc:7b:8e:5a:
9c:a0:e8:7a:d9:4f:e3:53:4e:45:72:db:bc:80:7b:
5a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D8:1A:B2:91:34:32:CF:69:30:AC:18:11:A6:66:93:BD:7D:6E:BB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/29gaspE0Ms9pMKwYEaZmk719brs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:bf:67:9b:bc:ba:58:9e:0d:9d:00:0b:bf:b8:ec:58:69:14:
8f:99:e0:d5:ba:21:d2:d8:bd:38:21:d3:ba:48:27:bc:23:aa:
c8:36:ce:13:53:76:58:59:80:9e:d6:9c:67:0e:24:c1:d9:6f:
4e:91:f9:cf:15:a9:94:8b:56:c2:f8:ed:f3:f5:ba:fd:f5:d8:
8c:09:e5:4a:59:b6:d0:85:32:f6:43:02:2f:58:23:1c:98:94:
39:95:65:a4:40:0b:7e:83:54:73:ee:7e:1d:70:ba:90:b0:96:
7f:a8:75:b4:dc:74:40:c4:ee:4f:a1:cb:8e:4e:ab:ad:86:d7:
69:45:46:3d:9c:eb:22:eb:2e:b5:fc:c1:9a:98:ce:ff:a1:48:
54:06:db:73:6d:3e:29:7d:5a:a2:8e:48:7d:d3:ca:6e:35:ea:
19:b3:35:65:27:10:df:35:5c:f6:9e:94:54:a4:a9:83:b4:d4:
8f:c5:7a:67:c2:95:90:5a:1d:02:35:f2:55:d0:e1:37:0f:5f:
e0:e1:9c:65:92:d4:88:9e:cc:85:1e:07:69:cd:e4:37:64:32:
11:57:21:07:34:cb:55:05:8e:d3:1d:43:c4:64:da:27:61:1e:
35:13:dc:db:24:a6:f8:ac:86:f7:1d:1a:1c:df:03:13:8c:16:
7a:c2:64:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5EY6ZYME+FK5aOPL6SxS5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE1MjMxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmQ4MWFiMjkxMzQzMmNmNjkzMGFjMTgxMWE2NjY5M2JkN2Q2ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBrXSvYTtL03B2qlxXQ2z5Fw8BgL
yzMq5Mp+O+KO6PdRpOEAg/oPq5e+m1XMeLeMKQiNpbbbmbU3sD84dSBEYsetKVma
G0Z2ndc2r773t7DaHa0of/+/QVCude9LOYkVJoMzHRr2uGZUqre8H0DO2RvB+PwY
8jgJ4DzvN/kh1hvmncsrAEdNOAQkHqsd+ZPbLAv02AUi8iebr7fRzmhkgxj+8fOd
tGKRc+piIxHhVono4FcVC2ThPTa0p0kXwf1y6D+I74YZPiPx4KyuPKFM7h39JTFH
4BcHKlmHCCc9bJdzYqGaaymYvmTvFrx7jlqcoOh62U/jU05Fctu8gHta0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNvYGrKRNDLPaTCsGBGmZpO9fW67MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMjlnYXNwRTBNczlwTUt3WUVhWm1rNzE5YnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ+/Z5u8ulieDZ0AC7+4
7FhpFI+Z4NW6IdLYvTgh07pIJ7wjqsg2zhNTdlhZgJ7WnGcOJMHZb06R+c8VqZSL
VsL47fP1uv312IwJ5UpZttCFMvZDAi9YIxyYlDmVZaRAC36DVHPufh1wupCwln+o
dbTcdEDE7k+hy45Oq62G12lFRj2c6yLrLrX8wZqYzv+hSFQG23NtPil9WqKOSH3T
ym416hmzNWUnEN81XPaelFSkqYO01I/FemfClZBaHQI18lXQ4TcPX+DhnGWS1Iie
zIUeB2nN5DdkMhFXIQc0y1UFjtMdQ8Rk2idhHjUT3NskpvishvcdGhzfAxOMFnrC
ZKU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:55:11 2025 by rpki-client