Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8cv4wavMl790DXYKyOW1v7dOH5o.roa
File: 8cv4wavMl790DXYKyOW1v7dOH5o.roa (raw, json)
Hash identifier: pHX1FGNli0q4FVLmIe8wcRPUTpM84nqjVwOeVVuAFKI=
Subject key identifier: F1:CB:F8:C1:AB:CC:97:BF:74:0D:76:0A:C8:E5:B5:BF:B7:4E:1F:9A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFD60ADA1F5E0E50357524C498377F0F2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8cv4wavMl790DXYKyOW1v7dOH5o.roa
Signing time: Fri 12 Jan 2024 11:13:40 +0000
ROA not before: Fri 12 Jan 2024 11:13:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:60:ad:a1:f5:e0:e5:03:57:52:4c:49:83:77:f0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 11:13:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1cbf8c1abcc97bf740d760ac8e5b5bfb74e1f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c3:c3:73:98:0b:89:4a:43:34:ed:1f:ed:52:
11:b8:85:c0:cb:4d:45:05:6b:b3:e3:3a:13:b3:f7:
74:69:d8:af:da:ee:45:0e:60:1f:53:00:68:37:6e:
19:de:3a:70:51:b2:8d:67:34:20:dc:9e:5a:a1:d7:
4d:dd:29:57:4d:8f:db:e3:65:03:69:fb:8c:3d:e4:
e3:63:01:e2:ba:ba:9e:84:83:52:3c:45:c1:9a:27:
5d:86:0a:05:eb:ba:77:1a:36:c2:7f:eb:0a:12:f1:
39:b2:42:30:88:ac:09:7b:87:00:2f:e0:cf:0f:4c:
a3:b4:73:7b:01:f0:51:54:b5:13:1e:a0:43:1d:bf:
05:f8:b1:93:73:2a:99:6b:95:5c:d2:f5:5c:5e:49:
1b:bf:18:23:60:e5:5c:d3:dc:b0:b7:5a:b6:6d:f3:
be:9f:81:9c:1a:f1:db:7c:1c:15:e2:ea:81:65:f5:
5e:10:23:c3:18:65:af:62:17:1c:08:54:e2:55:31:
23:ef:fd:ff:d9:6d:6b:23:9b:d1:8c:9a:b1:c3:cb:
aa:18:bb:38:9d:59:67:ab:e2:ea:54:81:54:23:62:
40:b0:a3:f8:2b:63:f7:49:16:23:b4:74:f6:41:fa:
e4:f7:71:d6:32:ed:e6:c7:c3:38:b7:a1:0b:8e:ad:
86:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CB:F8:C1:AB:CC:97:BF:74:0D:76:0A:C8:E5:B5:BF:B7:4E:1F:9A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8cv4wavMl790DXYKyOW1v7dOH5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:79:b7:a9:d4:30:1c:70:3d:fb:2d:cf:e0:69:e1:52:1e:8b:
e7:f7:2e:37:ad:7b:65:48:29:fd:d4:95:36:26:c1:a7:b6:95:
9a:a7:ef:81:f1:b8:fe:b3:82:ad:a8:34:05:49:f5:9f:b7:20:
65:aa:99:a0:07:08:ac:3b:c0:79:81:bc:9c:f3:51:c4:31:d9:
2d:75:be:e0:82:70:e2:ea:25:71:fd:b1:36:67:32:4d:48:91:
42:37:e8:38:c5:d0:ac:21:38:ab:3d:a4:a4:e5:36:2b:28:24:
41:2e:4c:3f:fa:7e:c7:44:af:16:0d:49:f5:60:52:80:2a:de:
0e:82:9e:7f:d6:d0:cb:b1:5c:7b:da:8b:c0:8b:d1:23:db:2e:
bd:5b:b3:e7:8e:93:d3:91:7e:aa:bc:f3:d1:21:ac:35:b4:e4:
12:be:14:b6:84:94:5f:79:ef:fa:b9:b4:9d:be:58:2f:0f:08:
96:1e:b5:44:4b:28:6b:c9:07:91:b8:0c:02:97:cd:4b:96:e9:
4e:35:93:69:1a:c4:ad:87:02:61:58:37:65:8a:d5:bf:1a:fc:
ac:d6:5d:be:df:33:f0:a4:dc:6a:eb:20:50:80:2e:59:d2:21:
6f:6a:6f:76:4d:c5:45:c1:29:79:c8:6c:16:b7:a2:9d:be:f1:
ff:b9:c5:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz9YK2h9eDlA1dSTEmDd/DyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMTExMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNiZjhjMWFiY2M5N2JmNzQwZDc2MGFjOGU1YjViZmI3NGUxZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMPDc5gLiUpDNO0f7VIRuIXAy01F
BWuz4zoTs/d0adiv2u5FDmAfUwBoN24Z3jpwUbKNZzQg3J5aoddN3SlXTY/b42UD
afuMPeTjYwHiurqehINSPEXBmiddhgoF67p3GjbCf+sKEvE5skIwiKwJe4cAL+DP
D0yjtHN7AfBRVLUTHqBDHb8F+LGTcyqZa5Vc0vVcXkkbvxgjYOVc09ywt1q2bfO+
n4GcGvHbfBwV4uqBZfVeECPDGGWvYhccCFTiVTEj7/3/2W1rI5vRjJqxw8uqGLs4
nVlnq+LqVIFUI2JAsKP4K2P3SRYjtHT2Qfrk93HWMu3mx8M4t6ELjq2GAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPHL+MGrzJe/dA12Csjltb+3Th+aMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOGN2NHdhdk1sNzkwRFhZS3lPVzF2N2RPSDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJh5t6nUMBxwPfstz+Bp
4VIei+f3Ljete2VIKf3UlTYmwae2lZqn74HxuP6zgq2oNAVJ9Z+3IGWqmaAHCKw7
wHmBvJzzUcQx2S11vuCCcOLqJXH9sTZnMk1IkUI36DjF0KwhOKs9pKTlNisoJEEu
TD/6fsdErxYNSfVgUoAq3g6Cnn/W0MuxXHvai8CL0SPbLr1bs+eOk9ORfqq889Eh
rDW05BK+FLaElF957/q5tJ2+WC8PCJYetURLKGvJB5G4DAKXzUuW6U41k2kaxK2H
AmFYN2WK1b8a/KzWXb7fM/Ck3GrrIFCALlnSIW9qb3ZNxUXBKXnIbBa3op2+8f+5
xeA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:38:07 2025 by rpki-client