Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9aXYkgiWIkaJBKI6ul0QLB7vR3E.roa
File: 9aXYkgiWIkaJBKI6ul0QLB7vR3E.roa (raw, json)
Hash identifier: amcKFAk0ul98Q+TC412j19D/79+1ktuVG+ptXkzLoZw=
Subject key identifier: F5:A5:D8:92:08:96:22:46:89:04:A2:3A:BA:5D:10:2C:1E:EF:47:71
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC1BADD220A7DBD7F5146BB9618BACE9B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9aXYkgiWIkaJBKI6ul0QLB7vR3E.roa
Signing time: Sun 31 Dec 2023 21:14:58 +0000
ROA not before: Sun 31 Dec 2023 21:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c1:ba:dd:22:0a:7d:bd:7f:51:46:bb:96:18:ba:ce:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 21:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5a5d892089622468904a23aba5d102c1eef4771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ba:26:60:01:bf:60:57:71:49:58:f4:0d:3f:
c3:41:ee:9f:e1:e7:8d:5b:76:96:84:27:6d:98:38:
52:81:cc:fd:83:e5:f5:5c:87:cf:7b:08:fc:dd:60:
ab:96:2b:a2:7c:3c:05:3a:7f:21:dc:7b:36:ba:61:
db:f7:b2:32:7c:3c:e0:9a:80:4c:43:36:cb:7d:c4:
bb:9d:f6:1d:0f:bf:a4:e7:76:09:1f:a7:8a:2e:09:
a9:ed:ba:f2:69:19:c4:76:75:78:55:48:98:d9:f2:
07:0a:e3:f8:88:33:70:94:63:58:18:df:1f:fa:61:
c2:47:80:dc:33:e1:c4:e8:da:9a:20:88:78:6b:2f:
7c:4d:3a:8b:d2:34:cd:33:dd:cf:ae:40:48:68:81:
1a:7c:a0:4a:e6:af:11:c3:24:fb:31:b5:90:af:43:
6b:d3:55:f8:ae:bf:d8:4d:c9:dd:e2:ad:53:22:bf:
be:97:25:f4:47:10:72:29:f0:65:53:7d:fb:08:40:
99:ac:8e:87:e7:ad:73:7c:8a:5f:cc:7e:52:a0:77:
05:a0:fb:aa:27:4e:00:d2:1a:f5:b2:8a:f2:7e:a9:
6d:e6:8f:c0:86:6d:f8:cc:e3:00:fe:c2:25:dd:c0:
6b:37:5a:fb:d9:92:8a:d5:66:b2:63:89:d0:a1:ee:
6e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A5:D8:92:08:96:22:46:89:04:A2:3A:BA:5D:10:2C:1E:EF:47:71
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9aXYkgiWIkaJBKI6ul0QLB7vR3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:eb:cd:ee:a4:50:8f:8c:b1:27:67:b4:8c:be:70:d4:c9:86:
ce:e5:d8:39:b7:d1:e1:98:48:37:6a:a6:ab:12:94:a1:49:08:
6c:21:58:73:71:13:ca:e9:a6:f6:23:68:c4:63:db:b4:4e:6e:
81:a0:c9:95:00:de:33:d9:99:d2:5f:9b:6a:5d:40:f3:8e:53:
ba:05:29:84:32:9b:0a:74:d6:b6:63:69:8b:bf:9c:4e:62:9d:
b9:a6:05:d7:ea:f6:9e:31:31:a4:07:6a:29:2d:7f:da:28:98:
b5:d2:24:6f:8b:2b:19:e1:56:07:7c:c1:cd:d8:e2:11:b7:7f:
d3:ca:42:94:7b:04:a8:ae:bc:38:b7:1f:64:c7:df:a9:26:d8:
e6:1f:37:ae:6f:44:9f:c0:ac:9c:03:66:a6:87:71:4b:b0:c4:
ac:af:57:7e:64:c5:18:7a:f1:04:2f:f5:25:77:d1:39:2d:5a:
d8:07:76:cf:8a:7f:66:61:d8:64:61:fe:98:92:fd:8e:94:96:
85:43:2f:07:28:b7:97:40:d4:31:98:ad:4c:a7:1b:fd:23:2f:
cc:04:b4:4d:9f:62:af:68:43:ed:27:0e:25:aa:60:3f:a6:c5:
67:63:38:ec:dc:60:c5:8d:f7:8b:f4:7d:f0:33:6d:16:01:3f:
0f:a6:90:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzBut0iCn29f1FGu5YYus6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMjExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE1ZDg5MjA4OTYyMjQ2ODkwNGEyM2FiYTVkMTAyYzFlZWY0NzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7omYAG/YFdxSVj0DT/DQe6f4eeN
W3aWhCdtmDhSgcz9g+X1XIfPewj83WCrliuifDwFOn8h3Hs2umHb97IyfDzgmoBM
QzbLfcS7nfYdD7+k53YJH6eKLgmp7bryaRnEdnV4VUiY2fIHCuP4iDNwlGNYGN8f
+mHCR4DcM+HE6NqaIIh4ay98TTqL0jTNM93PrkBIaIEafKBK5q8RwyT7MbWQr0Nr
01X4rr/YTcnd4q1TIr++lyX0RxByKfBlU337CECZrI6H561zfIpfzH5SoHcFoPuq
J04A0hr1soryfqlt5o/Ahm34zOMA/sIl3cBrN1r72ZKK1WayY4nQoe5u5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPWl2JIIliJGiQSiOrpdECwe70dxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOWFYWWtnaVdJa2FKQktJNnVsMFFMQjd2UjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD7rze6kUI+MsSdntIy+
cNTJhs7l2Dm30eGYSDdqpqsSlKFJCGwhWHNxE8rppvYjaMRj27ROboGgyZUA3jPZ
mdJfm2pdQPOOU7oFKYQymwp01rZjaYu/nE5inbmmBdfq9p4xMaQHaiktf9oomLXS
JG+LKxnhVgd8wc3Y4hG3f9PKQpR7BKiuvDi3H2TH36km2OYfN65vRJ/ArJwDZqaH
cUuwxKyvV35kxRh68QQv9SV30TktWtgHds+Kf2Zh2GRh/piS/Y6UloVDLwcot5dA
1DGYrUynG/0jL8wEtE2fYq9oQ+0nDiWqYD+mxWdjOOzcYMWN94v0ffAzbRYBPw+m
kOw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:49:49 2025 by rpki-client