Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q3b09K9Pr1-D8JeNfzLvYY-kHlk.roa
File: Q3b09K9Pr1-D8JeNfzLvYY-kHlk.roa (raw, json)
Hash identifier: 7o5yw7J7pOcKzqrehERnhx/hl4ukjqwpqE7KzhNYwXg=
Subject key identifier: 43:76:F4:F4:AF:4F:AF:5F:83:F0:97:8D:7F:32:EF:61:8F:A4:1E:59
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC70FE9858475DB2447242129E17B4437
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q3b09K9Pr1-D8JeNfzLvYY-kHlk.roa
Signing time: Wed 10 Apr 2024 08:11:32 +0000
ROA not before: Wed 10 Apr 2024 08:11:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:0f:e9:85:84:75:db:24:47:24:21:29:e1:7b:44:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 10 08:11:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4376f4f4af4faf5f83f0978d7f32ef618fa41e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:47:88:cf:e3:ff:f9:b5:cd:b2:e4:2b:6a:59:
bb:da:e9:ba:69:2c:90:df:84:e9:56:ae:8e:36:6f:
5f:a6:ca:23:32:b2:36:ac:4b:cc:d9:76:b8:72:3b:
8b:e4:ec:bd:7a:7d:88:bc:80:5d:e8:03:a1:78:c3:
e2:dc:49:2f:89:99:eb:34:28:e0:a7:40:5f:87:9d:
e1:3a:26:d0:3c:54:75:7e:c1:ca:ff:91:77:4d:96:
9c:46:cb:d5:c1:1d:25:4a:0d:95:f8:80:95:26:77:
8f:ed:03:05:d0:ac:8f:e6:5c:df:75:86:b8:1c:eb:
67:28:39:a1:d3:bf:68:55:86:d2:63:75:6c:63:7d:
c1:e5:3d:9c:10:6c:c4:b3:c3:b6:fc:40:76:fb:6b:
a3:76:e6:c1:29:dd:74:b2:ef:ec:ee:00:4f:11:b3:
c5:7e:64:90:dc:ca:05:76:f6:68:8f:1d:13:b2:b4:
62:a4:18:37:bb:17:ce:52:27:38:3f:7e:c9:19:99:
3a:89:88:d1:a0:37:61:53:fc:5c:78:b2:aa:ba:f4:
2d:2d:27:76:fc:5d:10:2d:3b:4a:fa:f8:17:8f:ca:
56:8c:8e:4a:81:11:2c:42:cb:37:32:03:f1:28:74:
a9:41:d8:67:d8:72:19:09:74:bb:ac:56:b8:c1:a7:
c7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:76:F4:F4:AF:4F:AF:5F:83:F0:97:8D:7F:32:EF:61:8F:A4:1E:59
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q3b09K9Pr1-D8JeNfzLvYY-kHlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:8a:41:4b:91:50:3c:19:c9:8c:e8:e1:6a:66:85:fb:ad:ca:
c0:0d:a2:a4:a3:e1:43:7d:c1:25:88:9c:16:88:e9:8c:d2:92:
12:70:ac:6d:79:8f:a4:96:5b:a3:27:18:aa:1c:94:43:e8:fc:
98:00:c8:ac:78:25:c3:a2:be:2e:0d:65:5a:1b:d3:23:1c:3d:
18:d4:fb:ff:6a:02:33:6d:67:5a:68:92:6b:2e:e4:6d:e5:1c:
3e:4a:8b:7a:e0:a6:78:73:c5:ef:0a:ac:60:d0:5c:f2:6c:04:
01:45:00:aa:e9:b7:ba:60:56:3f:ed:6c:cb:4c:cc:e9:60:5d:
a8:8c:00:9f:be:d5:6b:e2:35:fe:99:74:37:e7:23:4c:bc:dc:
1f:26:0e:52:c0:7f:7b:03:18:3e:33:b2:1e:9a:de:3c:9a:ad:
e1:3b:43:88:f6:cb:20:7a:72:90:0f:8a:0d:e9:4e:52:e8:9e:
50:7a:62:40:77:34:b0:bb:e7:08:e7:3b:46:5a:cf:d2:1b:6c:
66:8e:f2:b4:9b:51:91:de:9e:68:ee:e7:5d:c1:75:36:d3:5c:
4f:2b:df:75:aa:50:4d:76:f0:39:7e:50:be:65:7e:6a:96:aa:
5b:12:25:91:df:4b:38:ec:aa:82:18:87:a4:e0:36:72:30:37:
d6:20:b8:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7HD+mFhHXbJEckISnhe0Q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEwMDgxMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc2ZjRmNGFmNGZhZjVmODNmMDk3OGQ3ZjMyZWY2MThmYTQxZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEeIz+P/+bXNsuQralm72um6aSyQ
34TpVq6ONm9fpsojMrI2rEvM2Xa4cjuL5Oy9en2IvIBd6AOheMPi3EkviZnrNCjg
p0Bfh53hOibQPFR1fsHK/5F3TZacRsvVwR0lSg2V+ICVJneP7QMF0KyP5lzfdYa4
HOtnKDmh079oVYbSY3VsY33B5T2cEGzEs8O2/EB2+2ujdubBKd10su/s7gBPEbPF
fmSQ3MoFdvZojx0TsrRipBg3uxfOUic4P37JGZk6iYjRoDdhU/xceLKquvQtLSd2
/F0QLTtK+vgXj8pWjI5KgREsQss3MgPxKHSpQdhn2HIZCXS7rFa4wafHvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEN29PSvT69fg/CXjX8y72GPpB5ZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUTNiMDlLOVByMS1EOEplTmZ6THZZWS1rSGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+KQUuRUDwZyYzo4Wpm
hfutysANoqSj4UN9wSWInBaI6YzSkhJwrG15j6SWW6MnGKoclEPo/JgAyKx4JcOi
vi4NZVob0yMcPRjU+/9qAjNtZ1pokmsu5G3lHD5Ki3rgpnhzxe8KrGDQXPJsBAFF
AKrpt7pgVj/tbMtMzOlgXaiMAJ++1WviNf6ZdDfnI0y83B8mDlLAf3sDGD4zsh6a
3jyareE7Q4j2yyB6cpAPig3pTlLonlB6YkB3NLC75wjnO0Zaz9IbbGaO8rSbUZHe
nmju513BdTbTXE8r33WqUE128Dl+UL5lfmqWqlsSJZHfSzjsqoIYh6TgNnIwN9Yg
uHw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:33:22 2025 by rpki-client