Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9hZDTTeGtgVMucgWJ6oFxDtFo6U.roa
File: 9hZDTTeGtgVMucgWJ6oFxDtFo6U.roa (raw, json)
Hash identifier: JMyjKyJANHoh+Odc4mK1WHJBGfh0YmcKjtWRqfhDrHY=
Subject key identifier: F6:16:43:4D:37:86:B6:05:4C:B9:C8:16:27:AA:05:C4:3B:45:A3:A5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D61CE259AA2E383397BC464F294669D65
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9hZDTTeGtgVMucgWJ6oFxDtFo6U.roa
Signing time: Wed 31 Jan 2024 23:15:16 +0000
ROA not before: Wed 31 Jan 2024 23:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:61:ce:25:9a:a2:e3:83:39:7b:c4:64:f2:94:66:9d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 31 23:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f616434d3786b6054cb9c81627aa05c43b45a3a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bb:1f:c6:de:e9:63:be:a0:11:6c:f5:5c:8b:
83:86:88:bb:b5:88:9b:a7:00:d5:38:9d:ab:a4:78:
d5:27:26:e2:1f:66:3e:23:53:56:eb:3b:31:71:dc:
ca:57:62:ec:3d:bd:1f:09:1b:d1:a9:d3:b2:93:ec:
51:ea:86:c9:30:b8:33:66:9b:dc:96:c2:3e:54:ce:
c9:d6:a9:7f:65:ae:df:46:d1:2e:59:b4:a1:58:72:
f4:23:69:46:4c:6c:5b:6e:15:48:38:35:90:13:42:
be:5f:77:dd:b0:63:25:00:b2:0c:d6:25:2b:d0:24:
b6:7c:77:cf:d3:fc:33:c7:04:63:95:f0:00:16:2c:
8b:b6:6e:d8:c3:e1:d1:2e:de:da:4f:f4:5d:d9:8d:
89:f3:18:a1:04:2c:fd:c0:df:e4:c8:8e:e6:e8:9d:
9b:a8:3e:9c:a7:e1:dc:bc:f5:51:cd:96:43:f3:c0:
94:54:7b:ab:e3:51:6d:ca:49:72:bb:ff:5c:f6:d8:
45:0d:6e:ed:54:5e:48:3f:cb:04:37:13:98:a7:40:
10:71:25:a6:9e:cb:12:4c:c0:ba:99:46:b2:5a:d8:
90:9e:ae:2e:e2:c8:c8:d0:73:f0:b4:86:bd:8d:de:
8e:56:89:93:03:e0:c4:2f:b9:2c:52:b1:8d:87:d6:
00:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:16:43:4D:37:86:B6:05:4C:B9:C8:16:27:AA:05:C4:3B:45:A3:A5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9hZDTTeGtgVMucgWJ6oFxDtFo6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:49:03:00:da:e9:d1:b7:c6:37:71:3b:f2:1d:09:84:a4:46:
89:39:0b:48:08:0b:d2:d9:ee:45:9b:ec:b4:c1:82:3a:e3:fc:
c4:b5:2d:d0:80:94:42:71:0f:23:ea:71:7a:2b:30:e4:fa:68:
6f:0c:32:15:f2:f5:cc:2b:85:83:4a:92:98:75:9a:f5:76:ee:
07:f4:89:e4:d0:0d:8d:68:5d:9b:c4:90:d3:6c:e4:8c:6e:07:
76:69:0c:f4:5b:d9:26:7e:a5:0b:fb:45:de:00:4d:ea:92:d1:
ec:e9:76:4d:9c:71:90:41:9d:c0:13:c8:dc:80:0c:d5:d4:84:
ef:bf:7e:e0:35:4a:03:0f:dc:76:29:e1:38:a2:bd:e4:c5:ac:
09:39:1b:f7:dc:55:1f:59:20:c4:af:b0:26:2d:ec:cb:a7:86:
b2:73:d1:0d:1e:e6:bd:5c:4a:7f:1f:29:88:81:29:4d:fb:0c:
b4:a7:70:7a:23:71:52:7a:27:64:a8:3f:dd:0f:f6:20:5d:18:
d9:14:eb:eb:1c:28:7c:05:f7:72:1d:90:96:6e:b9:95:d1:3a:
bc:ae:8f:ea:5a:2a:5f:a4:af:ee:4b:8b:7a:20:52:d8:51:68:
be:40:cd:4e:59:e3:91:ec:09:18:af:9b:9e:86:28:fe:38:bc:
c4:5c:a3:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1hziWaouODOXvEZPKUZp1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMxMjMxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE2NDM0ZDM3ODZiNjA1NGNiOWM4MTYyN2FhMDVjNDNiNDVhM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrsfxt7pY76gEWz1XIuDhoi7tYib
pwDVOJ2rpHjVJybiH2Y+I1NW6zsxcdzKV2LsPb0fCRvRqdOyk+xR6obJMLgzZpvc
lsI+VM7J1ql/Za7fRtEuWbShWHL0I2lGTGxbbhVIODWQE0K+X3fdsGMlALIM1iUr
0CS2fHfP0/wzxwRjlfAAFiyLtm7Yw+HRLt7aT/Rd2Y2J8xihBCz9wN/kyI7m6J2b
qD6cp+HcvPVRzZZD88CUVHur41Ftyklyu/9c9thFDW7tVF5IP8sENxOYp0AQcSWm
nssSTMC6mUayWtiQnq4u4sjI0HPwtIa9jd6OVomTA+DEL7ksUrGNh9YA1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPYWQ003hrYFTLnIFieqBcQ7RaOlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOWhaRFRUZUd0Z1ZNdWNnV0o2b0Z4RHRGbzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFZJAwDa6dG3xjdxO/Id
CYSkRok5C0gIC9LZ7kWb7LTBgjrj/MS1LdCAlEJxDyPqcXorMOT6aG8MMhXy9cwr
hYNKkph1mvV27gf0ieTQDY1oXZvEkNNs5IxuB3ZpDPRb2SZ+pQv7Rd4ATeqS0ezp
dk2ccZBBncATyNyADNXUhO+/fuA1SgMP3HYp4TiiveTFrAk5G/fcVR9ZIMSvsCYt
7MunhrJz0Q0e5r1cSn8fKYiBKU37DLSncHojcVJ6J2SoP90P9iBdGNkU6+scKHwF
93IdkJZuuZXROryuj+paKl+kr+5Li3ogUthRaL5AzU5Z45HsCRivm56GKP44vMRc
oxg=
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:13:14 2025 by rpki-client