Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JDMzU1RXTyUdQz-7zSNo3RjWeYA.roa
File: JDMzU1RXTyUdQz-7zSNo3RjWeYA.roa (raw, json)
Hash identifier: jA5CvQreTga9ckVoCo8ph60+zLY5FvmxXnUDBisUzkM=
Subject key identifier: 24:33:33:53:54:57:4F:25:1D:43:3F:BB:CD:23:68:DD:18:D6:79:80
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D74E70F250C0D5CE468D1FC9523DAC048
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JDMzU1RXTyUdQz-7zSNo3RjWeYA.roa
Signing time: Sun 04 Feb 2024 16:15:16 +0000
ROA not before: Sun 04 Feb 2024 16:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:74:e7:0f:25:0c:0d:5c:e4:68:d1:fc:95:23:da:c0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 4 16:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2433335354574f251d433fbbcd2368dd18d67980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4c:20:99:9e:01:ff:1e:70:70:6a:d7:c0:04:
21:cf:51:43:c7:97:60:f2:9a:0f:b0:99:27:ff:cc:
70:81:c7:22:ff:1b:d2:18:56:7b:07:5f:ea:12:6a:
f1:15:ed:3c:87:bd:da:85:01:a4:87:e9:82:5f:bf:
17:1b:9d:26:46:7a:9f:97:a7:55:62:64:2e:78:5f:
50:57:6b:a9:55:20:56:a0:64:9a:1f:8d:55:45:ec:
f4:46:d9:c7:cd:e5:a9:a0:ba:43:2f:e0:cc:bc:83:
05:e6:f6:bb:84:90:76:e2:4d:2b:f4:6a:05:cb:44:
35:6e:dc:4c:71:ed:cd:26:9a:72:18:b9:da:2b:0f:
da:1c:31:ba:02:34:51:98:31:1d:40:96:07:11:68:
51:4e:c3:9e:73:2a:ef:e9:65:eb:41:b5:68:02:62:
4e:69:ce:32:ec:9d:af:42:84:b0:f1:18:1f:9d:34:
48:19:79:00:cb:f5:1d:c4:51:5d:8f:4b:09:79:b1:
97:38:bd:a7:46:48:67:a6:e4:51:10:68:b2:d2:dc:
0b:4b:2f:c7:d5:ec:79:a9:66:89:b2:20:58:ef:0c:
be:ba:6c:4c:5d:ae:7f:aa:ef:da:c9:d3:37:9e:d0:
84:d4:cc:4a:b5:f4:5f:49:98:af:d1:29:bc:d3:80:
b8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:33:33:53:54:57:4F:25:1D:43:3F:BB:CD:23:68:DD:18:D6:79:80
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JDMzU1RXTyUdQz-7zSNo3RjWeYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:bb:aa:3c:5a:c5:09:f2:b6:b2:ee:c9:f2:7f:9a:db:36:88:
d2:36:34:e4:10:d8:52:4c:17:73:d8:66:7c:ac:d3:62:e8:e8:
ab:c9:ea:76:8e:c4:7b:db:89:55:9b:55:18:be:4f:50:ce:54:
21:24:02:c0:7e:28:29:f9:9f:a1:0d:91:1d:c3:f4:7e:5d:a7:
87:a7:ec:15:4e:4a:17:87:b3:ad:08:c7:5f:f4:20:77:54:de:
e2:8a:fa:96:03:94:ef:87:ee:7b:15:cf:d9:8e:ad:d3:6f:85:
c1:8a:f9:3a:41:96:ca:5a:24:e2:43:f2:d3:e3:d3:ee:34:4a:
78:94:9d:99:35:84:fd:e8:c8:bc:c3:1e:a9:0c:ec:27:5a:15:
e6:57:7a:02:04:dc:e5:05:24:17:d2:30:09:8d:de:66:c4:9b:
75:85:17:98:c2:a4:a0:11:12:be:43:02:00:9d:a2:4f:30:50:
1c:f1:31:cd:f3:61:dd:36:0b:c2:fe:f5:b0:ef:e4:32:9e:f6:
d6:8a:41:54:84:60:07:dc:5b:76:0f:f8:2e:0e:36:64:f5:cd:
cb:d3:38:b6:2a:a9:86:d3:8f:4f:da:b7:9a:56:ed:79:6d:ff:
01:ca:68:f0:c4:2f:be:af:f6:bf:67:c2:c5:b7:ac:2d:b1:fb:
d2:1d:db:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY105w8lDA1c5GjR/JUj2sBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA0MTYxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDMzMzM1MzU0NTc0ZjI1MWQ0MzNmYmJjZDIzNjhkZDE4ZDY3OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEwgmZ4B/x5wcGrXwAQhz1FDx5dg
8poPsJkn/8xwgcci/xvSGFZ7B1/qEmrxFe08h73ahQGkh+mCX78XG50mRnqfl6dV
YmQueF9QV2upVSBWoGSaH41VRez0RtnHzeWpoLpDL+DMvIMF5va7hJB24k0r9GoF
y0Q1btxMce3NJppyGLnaKw/aHDG6AjRRmDEdQJYHEWhRTsOecyrv6WXrQbVoAmJO
ac4y7J2vQoSw8RgfnTRIGXkAy/UdxFFdj0sJebGXOL2nRkhnpuRREGiy0twLSy/H
1ex5qWaJsiBY7wy+umxMXa5/qu/aydM3ntCE1MxKtfRfSZiv0Sm804C4awIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCQzM1NUV08lHUM/u80jaN0Y1nmAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSkRNelUxUlhUeVVkUXotN3pTTm8zUmpXZVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHa7qjxaxQnytrLuyfJ/
mts2iNI2NOQQ2FJMF3PYZnys02Lo6KvJ6naOxHvbiVWbVRi+T1DOVCEkAsB+KCn5
n6ENkR3D9H5dp4en7BVOSheHs60Ix1/0IHdU3uKK+pYDlO+H7nsVz9mOrdNvhcGK
+TpBlspaJOJD8tPj0+40SniUnZk1hP3oyLzDHqkM7CdaFeZXegIE3OUFJBfSMAmN
3mbEm3WFF5jCpKAREr5DAgCdok8wUBzxMc3zYd02C8L+9bDv5DKe9taKQVSEYAfc
W3YP+C4ONmT1zcvTOLYqqYbTj0/at5pW7Xlt/wHKaPDEL76v9r9nwsW3rC2x+9Id
290=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:01:37 2025 by rpki-client