Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SbdhrK5TLzkJBq-AcUvXCR1qvYQ.roa
File: SbdhrK5TLzkJBq-AcUvXCR1qvYQ.roa (raw, json)
Hash identifier: ohoQxyzCPcKpkm43gqF/M7covFloUGWRGjjVKn1WUqk=
Subject key identifier: 49:B7:61:AC:AE:53:2F:39:09:06:AF:80:71:4B:D7:09:1D:6A:BD:84
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7883BDF5166ED7E8C060542BC3EB13C1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SbdhrK5TLzkJBq-AcUvXCR1qvYQ.roa
Signing time: Mon 05 Feb 2024 09:05:16 +0000
ROA not before: Mon 05 Feb 2024 09:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:7882:d2e9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:83:bd:f5:16:6e:d7:e8:c0:60:54:2b:c3:eb:13:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 5 09:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49b761acae532f390906af80714bd7091d6abd84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4b:99:6e:4a:27:b1:cb:72:a3:b6:2d:32:8d:
02:d7:89:24:83:2d:88:31:7c:67:b6:b9:9c:c9:05:
7a:b6:8c:ce:42:00:a1:63:b1:56:ff:a7:ba:46:0e:
a0:86:30:68:c7:55:af:f7:de:0e:61:a7:6c:01:46:
a1:bd:ce:e8:d6:fa:5a:94:3d:13:71:cc:06:1f:d8:
73:49:3e:4d:df:33:96:59:e3:7c:96:dc:59:74:f0:
eb:33:cc:55:f8:c7:b1:54:36:11:1e:06:26:ef:8b:
03:d5:3b:5d:72:7f:d1:1c:14:35:2c:76:b3:3e:a0:
fc:8c:bd:17:84:b1:35:91:87:29:56:e0:3e:7a:17:
93:2a:f6:8a:bc:39:57:7d:75:e4:d5:b4:44:92:79:
22:de:e2:17:5e:08:95:d8:cb:b8:80:07:11:3f:1c:
b9:47:e9:a1:bf:05:cc:91:3a:fe:10:55:db:18:d4:
e5:3f:b7:b1:d2:9d:b4:0b:78:96:01:fa:15:36:1d:
ab:b7:e3:76:f4:10:77:fa:40:5c:e1:bd:b5:2e:1a:
7c:20:f1:f6:2e:3e:34:35:f3:5e:27:c4:ae:1e:9a:
9b:05:28:f4:00:c6:4a:59:96:20:33:38:a5:f0:47:
c2:7a:75:a9:83:21:77:95:eb:64:fd:12:b5:bf:7e:
1e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B7:61:AC:AE:53:2F:39:09:06:AF:80:71:4B:D7:09:1D:6A:BD:84
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SbdhrK5TLzkJBq-AcUvXCR1qvYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:a9:f9:38:8b:07:98:99:d9:7f:87:7d:83:65:3b:2e:a8:98:
68:79:62:9d:0f:83:e4:8a:4e:57:75:53:fd:17:73:2d:ba:71:
b9:e9:e7:34:6b:fe:ed:02:9b:4f:25:3c:bd:a8:eb:af:8a:a1:
d4:d4:e3:45:43:95:70:cf:6d:a2:9f:6d:bb:b7:2d:86:16:44:
3b:2b:cb:16:c2:85:ac:e8:d7:af:46:62:af:0a:96:15:55:9a:
06:c3:c7:24:ca:8c:2a:99:3a:cb:9c:f5:43:0f:a5:7f:e4:4e:
4c:51:69:e7:bd:87:7c:45:2e:2a:e1:bc:61:5f:14:4a:dd:4d:
25:38:92:f5:4a:12:a6:39:e5:d3:05:1c:67:0c:8c:a4:3c:71:
3a:7e:75:55:4d:19:1a:d5:d1:c0:37:87:2d:cb:7e:57:19:2c:
be:b8:3a:24:34:a4:f3:d0:12:df:60:22:03:5e:cd:9a:24:2b:
05:58:ee:3d:cc:20:5f:ca:88:2e:b9:4a:48:07:92:8e:a1:23:
a1:4c:30:10:f3:e4:33:6c:fc:57:ff:23:57:59:a6:6f:5c:ac:
82:2a:93:1d:e2:7e:e7:e7:0b:60:dc:7d:4c:3b:fc:13:f9:4e:
07:b8:e0:e2:2f:77:0d:1a:2f:c8:ff:3d:81:b1:c1:3c:43:61:
e2:63:4c:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY14g731Fm7X6MBgVCvD6xPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA1MDkwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWI3NjFhY2FlNTMyZjM5MDkwNmFmODA3MTRiZDcwOTFkNmFiZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUuZbkonsctyo7YtMo0C14kkgy2I
MXxntrmcyQV6tozOQgChY7FW/6e6Rg6ghjBox1Wv994OYadsAUahvc7o1vpalD0T
ccwGH9hzST5N3zOWWeN8ltxZdPDrM8xV+MexVDYRHgYm74sD1Ttdcn/RHBQ1LHaz
PqD8jL0XhLE1kYcpVuA+eheTKvaKvDlXfXXk1bREknki3uIXXgiV2Mu4gAcRPxy5
R+mhvwXMkTr+EFXbGNTlP7ex0p20C3iWAfoVNh2rt+N29BB3+kBc4b21Lhp8IPH2
Lj40NfNeJ8SuHpqbBSj0AMZKWZYgMzil8EfCenWpgyF3letk/RK1v34e8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEm3YayuUy85CQavgHFL1wkdar2EMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvU2JkaHJLNVRMemtKQnEtQWNVdlhDUjFxdllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGip+TiLB5iZ2X+HfYNl
Oy6omGh5Yp0Pg+SKTld1U/0Xcy26cbnp5zRr/u0Cm08lPL2o66+KodTU40VDlXDP
baKfbbu3LYYWRDsryxbChazo169GYq8KlhVVmgbDxyTKjCqZOsuc9UMPpX/kTkxR
aee9h3xFLirhvGFfFErdTSU4kvVKEqY55dMFHGcMjKQ8cTp+dVVNGRrV0cA3hy3L
flcZLL64OiQ0pPPQEt9gIgNezZokKwVY7j3MIF/KiC65SkgHko6hI6FMMBDz5DNs
/Ff/I1dZpm9crIIqkx3ifufnC2DcfUw7/BP5Tge44OIvdw0aL8j/PYGxwTxDYeJj
TMA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:25:12 2025 by rpki-client