Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SUGl3pv-xEZaOybigAA5N54UrZY.roa
File: SUGl3pv-xEZaOybigAA5N54UrZY.roa (raw, json)
Hash identifier: 5D3M1Vy4+U0mBS1/eU6oqdfmGJ66OSEe9oWZNQuphD8=
Subject key identifier: 49:41:A5:DE:9B:FE:C4:46:5A:3B:26:E2:80:00:39:37:9E:14:AD:96
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1FE4E7D4A4C6E84FEDCCFD444F5EEBFF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SUGl3pv-xEZaOybigAA5N54UrZY.roa
Signing time: Fri 19 Jan 2024 04:05:11 +0000
ROA not before: Fri 19 Jan 2024 04:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:1fe4:e42/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1f:e4:e7:d4:a4:c6:e8:4f:ed:cc:fd:44:4f:5e:eb:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 19 04:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4941a5de9bfec4465a3b26e2800039379e14ad96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:ca:59:b2:06:98:55:ad:80:84:ce:12:e1:
a9:c4:b2:68:f7:ce:b5:a7:cc:5c:c4:26:4d:ff:08:
76:ed:93:93:55:6e:40:b2:dc:cd:8c:da:01:d4:5e:
03:a1:e5:fd:b3:3f:46:56:ca:1c:12:fb:4b:e7:32:
48:86:ac:39:76:50:64:a8:50:43:3a:13:ef:40:10:
5b:6b:82:82:17:87:07:d0:54:67:b7:3c:12:05:ec:
a1:c9:74:d0:06:d7:1c:d7:9c:62:59:9e:f5:bc:0c:
dd:36:33:8e:da:a8:d3:c3:4c:f6:39:1c:c7:4a:4f:
10:d4:23:34:82:2e:08:17:f0:4c:c1:28:07:e3:04:
cc:3e:e0:f6:aa:de:f9:c7:df:8d:32:fe:e7:c6:af:
7f:a0:08:6c:b5:ef:f7:47:41:47:c1:da:2f:c5:11:
b2:d2:a7:b1:bf:ee:d4:ee:ba:15:02:8d:a0:59:aa:
9e:0e:a6:c8:ab:59:89:c5:2e:03:ce:7f:46:8b:7b:
5c:3d:e0:bd:63:ac:48:cc:6d:c3:e4:ee:bf:0b:df:
6f:fe:1f:a1:66:2c:26:d3:1c:f2:50:5a:26:c9:2c:
9a:c9:18:ac:22:38:72:e3:b9:64:cf:31:09:6c:d0:
25:f9:5b:b7:89:52:8d:22:14:c6:63:b4:8c:c7:04:
94:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:41:A5:DE:9B:FE:C4:46:5A:3B:26:E2:80:00:39:37:9E:14:AD:96
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SUGl3pv-xEZaOybigAA5N54UrZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:fe:92:fd:76:d6:43:45:a8:ab:e2:c0:f3:01:54:fe:79:aa:
4c:72:89:22:03:ac:51:b3:a8:5f:67:fa:01:f8:07:2f:01:a9:
01:e8:e5:28:49:88:75:c6:7e:e2:8c:07:73:d9:8a:c3:ef:41:
76:4f:e0:13:5b:c3:ae:1a:91:73:ff:d0:53:f5:d6:06:31:5a:
99:75:32:91:22:dd:cb:65:25:41:aa:59:c1:31:e9:fa:44:fb:
a5:93:3f:85:a0:0b:8c:46:b2:0f:81:37:01:c2:de:d0:cd:2c:
c3:e2:2d:06:7b:fe:36:0e:8c:6a:0a:94:47:d6:5d:1c:a4:f9:
6f:49:23:76:ee:a0:93:af:54:eb:b0:2d:92:8f:39:d5:7e:b3:
8d:86:db:b8:50:c3:fc:89:d2:4d:59:f7:f7:eb:e7:67:77:f6:
ea:70:a4:a3:3c:a5:a7:1f:5e:c7:0b:ce:15:61:6a:b7:cf:3d:
10:a4:e5:04:09:1b:e2:47:2d:e5:bd:ec:41:a7:41:78:5d:03:
19:50:2e:09:15:5c:c4:44:f3:72:04:19:fe:82:1d:b3:5a:92:
2a:47:12:7a:ad:ea:bf:53:3e:fc:2c:28:a8:ed:0a:b3:34:a0:
a9:fd:a2:38:18:fb:e5:f4:97:86:91:28:df:da:73:2f:0e:0f:
19:07:2a:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0f5OfUpMboT+3M/URPXuv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE5MDQwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQxYTVkZTliZmVjNDQ2NWEzYjI2ZTI4MDAwMzkzNzllMTRhZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjzKWbIGmFWtgITOEuGpxLJo9861
p8xcxCZN/wh27ZOTVW5AstzNjNoB1F4DoeX9sz9GVsocEvtL5zJIhqw5dlBkqFBD
OhPvQBBba4KCF4cH0FRntzwSBeyhyXTQBtcc15xiWZ71vAzdNjOO2qjTw0z2ORzH
Sk8Q1CM0gi4IF/BMwSgH4wTMPuD2qt75x9+NMv7nxq9/oAhste/3R0FHwdovxRGy
0qexv+7U7roVAo2gWaqeDqbIq1mJxS4Dzn9Gi3tcPeC9Y6xIzG3D5O6/C99v/h+h
Ziwm0xzyUFomySyayRisIjhy47lkzzEJbNAl+Vu3iVKNIhTGY7SMxwSU8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFElBpd6b/sRGWjsm4oAAOTeeFK2WMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvU1VHbDNwdi14RVphT3liaWdBQTVONTRVclpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE3+kv121kNFqKviwPMB
VP55qkxyiSIDrFGzqF9n+gH4By8BqQHo5ShJiHXGfuKMB3PZisPvQXZP4BNbw64a
kXP/0FP11gYxWpl1MpEi3ctlJUGqWcEx6fpE+6WTP4WgC4xGsg+BNwHC3tDNLMPi
LQZ7/jYOjGoKlEfWXRyk+W9JI3buoJOvVOuwLZKPOdV+s42G27hQw/yJ0k1Z9/fr
52d39upwpKM8pacfXscLzhVharfPPRCk5QQJG+JHLeW97EGnQXhdAxlQLgkVXMRE
83IEGf6CHbNakipHEnqt6r9TPvwsKKjtCrM0oKn9ojgY++X0l4aRKN/acy8ODxkH
Kh0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:51:53 2025 by rpki-client