Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UzM8pAl8l-3_SHNi7bfISKojEIw.roa
File: UzM8pAl8l-3_SHNi7bfISKojEIw.roa (raw, json)
Hash identifier: Mf8GdEqVjsyacOy8im9ul4Eodm902zsXd8dTAMdhc7s=
Subject key identifier: 53:33:3C:A4:09:7C:97:ED:FF:48:73:62:ED:B7:C8:48:AA:23:10:8C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFB6A0E76DA973C3F24D5F68F37BB241D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UzM8pAl8l-3_SHNi7bfISKojEIw.roa
Signing time: Fri 12 Jan 2024 02:04:40 +0000
ROA not before: Fri 12 Jan 2024 02:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:fb69:c1cf/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fb:6a:0e:76:da:97:3c:3f:24:d5:f6:8f:37:bb:24:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 02:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53333ca4097c97edff487362edb7c848aa23108c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cd:72:1b:b8:0b:78:31:73:ce:48:ed:1a:fd:
7e:cf:00:a2:c8:e0:ed:09:6c:78:50:30:8c:78:2f:
c3:3c:f1:71:ff:e7:1e:6b:fc:3d:a9:38:33:f9:92:
ec:c3:e0:9d:c6:ea:32:34:06:a6:32:70:57:03:15:
22:59:7a:e0:cf:7f:af:fc:03:65:d0:dd:f0:8e:5e:
00:28:63:34:e6:c4:aa:af:17:38:75:fe:06:23:c9:
6b:4b:3f:e1:b0:41:be:20:ab:10:d7:ac:af:01:c9:
ec:69:08:84:a7:44:cd:24:1a:e7:bc:3b:a8:30:4e:
8e:f1:93:ed:0e:ce:db:71:9b:49:87:30:30:2c:9b:
19:a1:c9:54:f7:25:aa:a0:05:07:f4:a7:87:3b:dd:
29:73:06:9c:f0:0d:81:8d:84:3a:c6:57:a7:25:c9:
56:c8:36:d9:93:6c:69:2e:b7:7f:f6:6b:3a:45:14:
37:e0:04:17:36:f5:a2:c2:54:bd:46:d9:36:72:2c:
78:5b:91:9b:cb:03:12:46:62:ee:70:4a:d6:30:c6:
14:c6:94:47:c6:09:62:83:2c:68:74:90:69:52:02:
17:7b:f0:bf:8d:ad:ea:d7:b2:6b:61:ea:94:ba:f7:
43:55:67:82:8d:f4:03:43:4a:0a:c0:25:2e:41:e0:
38:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:33:3C:A4:09:7C:97:ED:FF:48:73:62:ED:B7:C8:48:AA:23:10:8C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UzM8pAl8l-3_SHNi7bfISKojEIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:97:98:3d:18:c4:f6:c6:a1:07:cb:d1:5e:8d:67:0b:03:41:
19:3b:b6:b6:16:ed:3f:47:c0:65:a6:90:d7:7f:50:0e:f5:30:
02:0a:24:36:7b:9a:c1:35:9c:58:78:55:fc:32:da:6b:fc:9b:
33:37:ae:84:9e:59:f7:76:e2:f9:e5:ce:a7:f4:33:63:dd:d7:
b2:11:d8:1c:b0:ff:16:c4:4b:3a:6b:c9:ba:72:39:56:e0:73:
d3:8b:04:23:ed:19:9c:5f:4c:02:11:82:37:c5:1c:c3:b2:a0:
4b:04:6f:44:0f:97:1b:4b:07:78:08:64:12:31:a5:98:ff:34:
da:b4:e5:9c:01:f1:66:95:cb:d7:4f:e9:1f:48:c5:54:3f:9a:
d4:e5:e0:9f:1b:c0:14:b1:d2:ec:e7:aa:e3:e2:fb:46:c1:31:
77:64:3e:c9:a7:0f:d9:f1:56:ea:b2:f6:c7:68:9e:5b:b3:07:
be:f6:8c:99:9e:4c:ad:f6:76:54:35:42:ee:9e:b3:73:68:95:
81:16:a0:eb:f5:59:24:4f:c0:f2:f1:42:09:71:d5:ab:81:75:
60:41:62:e5:4e:5f:98:ca:78:5d:02:60:48:bb:ae:65:a6:85:
87:87:57:b2:e2:a7:da:dd:01:3b:a5:77:e8:59:0f:9e:67:ae:
bf:46:45:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz7ag522pc8PyTV9o83uyQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMDIwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzMzM2NhNDA5N2M5N2VkZmY0ODczNjJlZGI3Yzg0OGFhMjMxMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc1yG7gLeDFzzkjtGv1+zwCiyODt
CWx4UDCMeC/DPPFx/+cea/w9qTgz+ZLsw+CdxuoyNAamMnBXAxUiWXrgz3+v/ANl
0N3wjl4AKGM05sSqrxc4df4GI8lrSz/hsEG+IKsQ16yvAcnsaQiEp0TNJBrnvDuo
ME6O8ZPtDs7bcZtJhzAwLJsZoclU9yWqoAUH9KeHO90pcwac8A2BjYQ6xlenJclW
yDbZk2xpLrd/9ms6RRQ34AQXNvWiwlS9Rtk2cix4W5GbywMSRmLucErWMMYUxpRH
xgligyxodJBpUgIXe/C/ja3q17JrYeqUuvdDVWeCjfQDQ0oKwCUuQeA4WQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFMzPKQJfJft/0hzYu23yEiqIxCMMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVXpNOHBBbDhsLTNfU0hOaTdiZklTS29qRUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE2XmD0YxPbGoQfL0V6N
ZwsDQRk7trYW7T9HwGWmkNd/UA71MAIKJDZ7msE1nFh4Vfwy2mv8mzM3roSeWfd2
4vnlzqf0M2Pd17IR2Byw/xbESzprybpyOVbgc9OLBCPtGZxfTAIRgjfFHMOyoEsE
b0QPlxtLB3gIZBIxpZj/NNq05ZwB8WaVy9dP6R9IxVQ/mtTl4J8bwBSx0uznquPi
+0bBMXdkPsmnD9nxVuqy9sdonluzB772jJmeTK32dlQ1Qu6es3NolYEWoOv1WSRP
wPLxQglx1auBdWBBYuVOX5jKeF0CYEi7rmWmhYeHV7Lip9rdATuld+hZD55nrr9G
RWI=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:05:19 2025 by rpki-client