Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/D36q8GZDwK2GfgSYln-UMIt-86g.roa
File: D36q8GZDwK2GfgSYln-UMIt-86g.roa (raw, json)
Hash identifier: IqOojAfRpvxF/Bjif/9lTE6aqM5wED/ECCOx2+aQZNY=
Subject key identifier: 0F:7E:AA:F0:66:43:C0:AD:86:7E:04:98:96:7F:94:30:8B:7E:F3:A8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD0881545B9278CED3937274820FD8D51
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/D36q8GZDwK2GfgSYln-UMIt-86g.roa
Signing time: Wed 03 Jan 2024 18:13:48 +0000
ROA not before: Wed 03 Jan 2024 18:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:88:15:45:b9:27:8c:ed:39:37:27:48:20:fd:8d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 18:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f7eaaf06643c0ad867e0498967f94308b7ef3a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:4a:43:8e:5f:85:13:6b:3c:a6:ef:cd:e3:
1b:99:e2:01:5e:33:d1:0d:23:f1:1d:58:cb:e6:e0:
39:c4:39:53:ac:b0:62:91:52:05:ae:fb:ae:97:19:
7d:c3:c1:9c:a6:68:b1:24:c9:c6:2c:42:03:4d:c7:
1a:08:65:93:18:60:6c:e2:16:ce:d9:63:25:9b:82:
7c:9a:e3:90:68:3b:04:ef:0f:8e:b6:ba:63:5a:5a:
50:ea:da:92:27:e7:6a:cd:e3:f1:34:b3:39:50:3d:
b4:06:f3:b7:8e:20:15:b7:4c:9d:e4:bc:46:e0:62:
f8:21:63:7b:ef:c5:0e:0a:4f:b4:08:53:14:e1:c1:
74:d3:ff:6d:0f:f7:9f:ef:6d:fa:f6:9a:2d:b5:45:
03:5b:cc:a6:aa:7f:08:90:a2:53:21:38:27:e2:d5:
29:68:9d:e9:15:c5:d1:cb:12:3d:7b:bd:f9:17:2f:
3e:c4:2e:3f:cd:20:5f:59:4b:ca:eb:93:d3:28:78:
4d:05:77:55:3e:c1:06:3a:99:62:8c:a8:a8:b0:f7:
a6:69:43:63:27:ca:ff:46:8b:a4:80:2c:05:f4:e7:
0b:12:81:e7:d5:61:aa:1f:55:95:3c:74:6c:ba:0f:
3f:b5:1d:3a:39:26:ae:74:59:bb:ed:ed:5c:53:19:
45:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7E:AA:F0:66:43:C0:AD:86:7E:04:98:96:7F:94:30:8B:7E:F3:A8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/D36q8GZDwK2GfgSYln-UMIt-86g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:dc:b5:7f:73:d5:bc:a1:63:08:6d:57:e3:7f:be:5c:88:e0:
a8:76:fb:85:6d:26:64:c9:0c:f6:17:0f:09:e8:61:08:94:23:
e9:c4:59:4e:ad:ea:26:b8:07:db:55:5c:54:ba:fe:f5:44:de:
b5:5c:ec:76:1d:37:89:47:d3:fd:9f:13:dd:66:4b:74:fb:ee:
5a:71:f8:6b:4c:40:7a:76:0a:42:80:a3:17:4b:60:8b:f6:8e:
d6:ca:1e:22:b3:d2:16:ca:1a:99:c8:57:6a:e1:a7:87:f8:2c:
0c:37:a8:12:5c:16:7f:c0:a5:6f:7c:13:f4:74:55:28:d7:08:
c4:df:16:21:40:18:c6:c5:a2:93:2b:20:92:92:c1:7d:0b:be:
78:41:53:4a:62:f2:08:8a:6e:d8:be:ed:40:c1:ae:0c:59:41:
27:07:8a:7a:b4:2d:05:b9:59:58:70:40:6a:53:d3:e8:c3:56:
cb:35:7c:0b:a9:cf:ce:b5:2d:b4:69:0c:fc:af:78:80:95:ee:
11:0a:b1:aa:b9:2a:30:80:44:57:d6:c3:01:9c:d0:c1:48:d4:
0f:81:bf:e8:97:42:89:73:ba:bd:ef:74:f4:19:0a:3d:a4:04:
c7:aa:87:b5:60:2f:f1:dc:2e:53:2a:3f:5d:0c:7c:28:4d:3e:
13:74:7a:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzQiBVFuSeM7Tk3J0gg/Y1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMTgxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjdlYWFmMDY2NDNjMGFkODY3ZTA0OTg5NjdmOTQzMDhiN2VmM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4pKQ45fhRNrPKbvzeMbmeIBXjPR
DSPxHVjL5uA5xDlTrLBikVIFrvuulxl9w8GcpmixJMnGLEIDTccaCGWTGGBs4hbO
2WMlm4J8muOQaDsE7w+OtrpjWlpQ6tqSJ+dqzePxNLM5UD20BvO3jiAVt0yd5LxG
4GL4IWN778UOCk+0CFMU4cF00/9tD/ef72369pottUUDW8ymqn8IkKJTITgn4tUp
aJ3pFcXRyxI9e735Fy8+xC4/zSBfWUvK65PTKHhNBXdVPsEGOplijKiosPemaUNj
J8r/RoukgCwF9OcLEoHn1WGqH1WVPHRsug8/tR06OSaudFm77e1cUxlF1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA9+qvBmQ8Cthn4EmJZ/lDCLfvOoMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRDM2cThHWkR3SzJHZmdTWWxuLVVNSXQtODZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFLctX9z1byhYwhtV+N/
vlyI4Kh2+4VtJmTJDPYXDwnoYQiUI+nEWU6t6ia4B9tVXFS6/vVE3rVc7HYdN4lH
0/2fE91mS3T77lpx+GtMQHp2CkKAoxdLYIv2jtbKHiKz0hbKGpnIV2rhp4f4LAw3
qBJcFn/ApW98E/R0VSjXCMTfFiFAGMbFopMrIJKSwX0LvnhBU0pi8giKbti+7UDB
rgxZQScHinq0LQW5WVhwQGpT0+jDVss1fAupz861LbRpDPyveICV7hEKsaq5KjCA
RFfWwwGc0MFI1A+Bv+iXQolzur3vdPQZCj2kBMeqh7VgL/HcLlMqP10MfChNPhN0
egw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:44:28 2025 by rpki-client