Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/D8EfNoPh01fmgs8QtEILs3Rt9iA.roa
File: D8EfNoPh01fmgs8QtEILs3Rt9iA.roa (raw, json)
Hash identifier: ZoGtAHNDDmw+4yWcS83Q0ll9mVBsxDR08wA9fE66zMM=
Subject key identifier: 0F:C1:1F:36:83:E1:D3:57:E6:82:CF:10:B4:42:0B:B3:74:6D:F6:20
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EDA90CE52A9436870A1532CBD3361C009
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/D8EfNoPh01fmgs8QtEILs3Rt9iA.roa
Signing time: Sun 14 Apr 2024 03:05:06 +0000
ROA not before: Sun 14 Apr 2024 03:05:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:da90:ba88/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:da:90:ce:52:a9:43:68:70:a1:53:2c:bd:33:61:c0:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 14 03:05:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fc11f3683e1d357e682cf10b4420bb3746df620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0d:73:21:6e:41:5d:4e:36:40:ef:9a:d5:13:
a3:cc:8d:c3:3f:55:3c:2a:ec:15:82:11:85:87:83:
73:12:40:70:00:d7:d1:b0:2e:11:4b:b4:51:67:0e:
2f:39:05:16:ba:73:22:c7:40:17:50:7e:50:34:1c:
d5:6d:c7:cb:97:54:ce:cb:de:3f:e1:e2:8b:d5:04:
16:8a:86:75:a4:09:7d:28:7d:7b:c7:63:d7:fb:8d:
b4:13:43:72:da:d0:47:2e:47:71:cb:02:36:da:17:
a9:71:f4:18:08:90:08:8b:68:da:e3:57:77:92:d1:
7a:99:01:6d:fd:ed:21:cd:11:a8:f5:f3:39:fc:b3:
07:a2:5b:d2:99:bf:7f:d8:dd:52:b2:69:03:51:9b:
16:7c:c1:74:b2:cf:c3:4d:24:fd:78:87:38:91:1f:
14:7a:78:88:6c:03:d7:5a:08:67:bd:1f:01:7a:ac:
27:1e:6e:ef:98:4a:61:10:6f:e7:56:7e:8d:94:22:
4e:e0:93:73:28:98:e1:40:fe:ad:14:2c:d2:e6:36:
d6:73:f4:24:b8:ec:39:f0:8b:ab:0e:97:59:bf:8a:
2f:9e:fe:01:8d:8b:72:a2:0d:6c:08:30:b5:2c:c9:
e5:38:8b:14:3c:de:f1:89:4f:d5:b6:23:94:f9:06:
2a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C1:1F:36:83:E1:D3:57:E6:82:CF:10:B4:42:0B:B3:74:6D:F6:20
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/D8EfNoPh01fmgs8QtEILs3Rt9iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:c5:0f:d1:29:86:4f:0f:6b:55:f9:f2:49:cf:3e:0a:35:ee:
f9:50:a6:95:04:a4:af:32:6e:10:c2:6c:68:f8:54:f5:2a:51:
b8:e3:21:ff:b0:18:ed:d8:30:5c:35:44:82:68:d0:21:8a:ee:
0f:f3:3f:07:9e:88:9f:7c:fa:98:e5:85:ff:27:c3:db:b6:62:
55:9e:2d:c5:30:0b:0c:45:8d:0e:2b:f6:80:db:a7:75:8a:56:
0c:37:53:2f:6d:8b:f9:66:06:98:74:4d:78:f7:2d:3a:c5:a9:
4a:b4:3d:12:b6:6d:d1:48:7e:ba:16:38:d6:5b:15:c7:8b:d6:
e5:6b:f6:95:7c:0e:9e:d1:2f:b3:5b:1d:30:bf:f6:50:6a:12:
3e:7b:e8:e8:05:a5:b5:e3:87:d5:62:9b:80:60:9c:65:82:53:
fb:a0:c7:e1:53:7c:0e:1a:66:bb:c3:fe:d2:76:bb:36:9f:89:
0d:ea:15:72:1b:48:22:8e:01:9c:77:cd:84:ee:a5:15:c5:4b:
95:4a:18:d7:8e:0d:91:81:57:da:17:00:63:57:b6:45:b1:11:
62:a7:ef:99:26:62:64:dc:eb:b2:d4:eb:4c:e4:8c:3f:e4:7c:
58:05:53:5e:34:65:fb:06:ba:6f:1a:2c:ed:a3:70:ce:53:f2:
04:b1:82:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7akM5SqUNocKFTLL0zYcAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE0MDMwNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmMxMWYzNjgzZTFkMzU3ZTY4MmNmMTBiNDQyMGJiMzc0NmRmNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg1zIW5BXU42QO+a1ROjzI3DP1U8
KuwVghGFh4NzEkBwANfRsC4RS7RRZw4vOQUWunMix0AXUH5QNBzVbcfLl1TOy94/
4eKL1QQWioZ1pAl9KH17x2PX+420E0Ny2tBHLkdxywI22hepcfQYCJAIi2ja41d3
ktF6mQFt/e0hzRGo9fM5/LMHolvSmb9/2N1SsmkDUZsWfMF0ss/DTST9eIc4kR8U
eniIbAPXWghnvR8BeqwnHm7vmEphEG/nVn6NlCJO4JNzKJjhQP6tFCzS5jbWc/Qk
uOw58IurDpdZv4ovnv4BjYtyog1sCDC1LMnlOIsUPN7xiU/VtiOU+QYqtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA/BHzaD4dNX5oLPELRCC7N0bfYgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRDhFZk5vUGgwMWZtZ3M4UXRFSUxzM1J0OWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFvFD9Ephk8Pa1X58knP
Pgo17vlQppUEpK8ybhDCbGj4VPUqUbjjIf+wGO3YMFw1RIJo0CGK7g/zPweeiJ98
+pjlhf8nw9u2YlWeLcUwCwxFjQ4r9oDbp3WKVgw3Uy9ti/lmBph0TXj3LTrFqUq0
PRK2bdFIfroWONZbFceL1uVr9pV8Dp7RL7NbHTC/9lBqEj576OgFpbXjh9Vim4Bg
nGWCU/ugx+FTfA4aZrvD/tJ2uzafiQ3qFXIbSCKOAZx3zYTupRXFS5VKGNeODZGB
V9oXAGNXtkWxEWKn75kmYmTc67LU60zkjD/kfFgFU140ZfsGum8aLO2jcM5T8gSx
gvg=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:09:22 2025 by rpki-client