Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9KdPcNvJ_o38yeFH1iN4h7JkYpg.roa
File: 9KdPcNvJ_o38yeFH1iN4h7JkYpg.roa (raw, json)
Hash identifier: inhKpe4QhwYP0rGTLc1ZjepjRqiMIHFwQ2MBqA2PIlo=
Subject key identifier: F4:A7:4F:70:DB:C9:FE:8D:FC:C9:E1:47:D6:23:78:87:B2:64:62:98
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA679A26A858ECD75C928D3BAF7BBE766
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9KdPcNvJ_o38yeFH1iN4h7JkYpg.roa
Signing time: Tue 26 Dec 2023 14:13:58 +0000
ROA not before: Tue 26 Dec 2023 14:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:79:a2:6a:85:8e:cd:75:c9:28:d3:ba:f7:bb:e7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 26 14:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4a74f70dbc9fe8dfcc9e147d6237887b2646298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cd:5d:53:b3:de:e7:0a:65:f9:4f:70:67:2c:
d6:02:c5:06:03:54:a6:a4:cd:b9:7e:fa:b9:23:1d:
97:10:77:52:c3:d7:49:8b:6d:22:4f:ac:42:b4:99:
d3:61:37:54:1c:fc:d7:ef:3a:19:c1:2d:ff:ce:eb:
66:4e:12:fc:63:48:5f:d8:69:a0:a6:72:20:b4:fe:
5f:13:40:0e:f0:f1:77:69:8a:95:c0:79:00:18:9f:
08:67:48:1f:c1:55:8e:83:56:21:b1:94:ad:79:48:
f6:2a:ec:1f:5f:c4:3c:7d:c3:88:78:93:17:de:aa:
19:f2:01:0c:69:61:6f:a2:00:d5:dc:3c:ca:64:e8:
a4:3f:df:a1:8e:1f:bf:39:ca:8b:6f:0e:33:c9:d8:
f3:bf:72:14:40:f7:e5:eb:21:54:46:dc:97:11:b1:
82:ed:b9:95:82:2a:eb:c4:cd:e8:9f:0b:a5:5f:c9:
ba:34:fe:b3:d4:7e:e6:6d:01:1e:d8:58:82:0e:59:
ec:41:c2:a2:74:5e:3b:0b:b9:fc:00:f4:c3:61:b6:
6f:58:23:29:56:a7:1b:4a:38:f7:30:c3:15:25:9d:
97:da:bd:80:c4:6d:03:c5:4b:4c:f0:ea:4a:85:44:
09:a0:f2:7c:85:86:32:e9:1a:78:ac:c3:a9:67:22:
af:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A7:4F:70:DB:C9:FE:8D:FC:C9:E1:47:D6:23:78:87:B2:64:62:98
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9KdPcNvJ_o38yeFH1iN4h7JkYpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:a8:76:ab:f6:7b:8b:98:8d:d0:ba:ad:67:a0:e7:7e:d2:09:
80:3d:9c:9b:6f:80:78:07:17:23:e5:c1:91:6d:de:eb:26:eb:
1e:86:bd:c0:5f:fe:3d:8b:e8:71:da:39:ff:b7:56:fc:9b:bf:
ba:44:1a:f9:ba:73:78:f5:5a:a0:58:72:e6:79:7d:78:1e:16:
a6:88:85:85:41:4d:2e:ce:49:e8:11:42:7d:83:17:d9:fd:4a:
fc:24:cb:82:83:52:ab:f9:28:ab:bf:a5:f1:b5:fd:31:db:19:
f0:c2:80:4b:53:de:81:7f:12:b0:ab:be:eb:15:4e:dd:41:0e:
9f:b8:14:14:32:d9:46:73:10:9b:92:f0:e2:94:84:2e:ad:1d:
1b:ab:51:37:77:8c:1c:30:9e:bf:8f:04:6a:5d:d0:64:19:90:
eb:88:d7:f8:d9:08:b9:e3:9c:09:ce:37:fe:1a:d8:24:fe:a2:
39:02:9e:d6:37:d1:8a:44:c6:b5:af:a5:63:8d:1d:fd:9f:a9:
b1:ab:2e:32:55:18:49:f2:8a:a3:f8:c8:6b:a9:2d:82:b7:73:
6c:7a:8c:2e:2b:97:1b:68:36:c8:d8:24:4f:9b:06:d4:48:c4:
ac:c7:f1:0e:2b:11:2e:6b:ee:c7:28:72:58:bd:cb:4c:ef:3e:
35:15:dc:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYymeaJqhY7Ndcko07r3u+dmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI2MTQxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE3NGY3MGRiYzlmZThkZmNjOWUxNDdkNjIzNzg4N2IyNjQ2Mjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic1dU7Pe5wpl+U9wZyzWAsUGA1Sm
pM25fvq5Ix2XEHdSw9dJi20iT6xCtJnTYTdUHPzX7zoZwS3/zutmThL8Y0hf2Gmg
pnIgtP5fE0AO8PF3aYqVwHkAGJ8IZ0gfwVWOg1YhsZSteUj2KuwfX8Q8fcOIeJMX
3qoZ8gEMaWFvogDV3DzKZOikP9+hjh+/OcqLbw4zydjzv3IUQPfl6yFURtyXEbGC
7bmVgirrxM3onwulX8m6NP6z1H7mbQEe2FiCDlnsQcKidF47C7n8APTDYbZvWCMp
VqcbSjj3MMMVJZ2X2r2AxG0DxUtM8OpKhUQJoPJ8hYYy6Rp4rMOpZyKvIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSnT3Dbyf6N/MnhR9YjeIeyZGKYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOUtkUGNOdkpfbzM4eWVGSDFpTjRoN0prWXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHeodqv2e4uYjdC6rWeg
537SCYA9nJtvgHgHFyPlwZFt3usm6x6GvcBf/j2L6HHaOf+3Vvybv7pEGvm6c3j1
WqBYcuZ5fXgeFqaIhYVBTS7OSegRQn2DF9n9Svwky4KDUqv5KKu/pfG1/THbGfDC
gEtT3oF/ErCrvusVTt1BDp+4FBQy2UZzEJuS8OKUhC6tHRurUTd3jBwwnr+PBGpd
0GQZkOuI1/jZCLnjnAnON/4a2CT+ojkCntY30YpExrWvpWONHf2fqbGrLjJVGEny
iqP4yGupLYK3c2x6jC4rlxtoNsjYJE+bBtRIxKzH8Q4rES5r7scocli9y0zvPjUV
3LU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:49:59 2025 by rpki-client