Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_2-264jhn6GMpIOs0uduS1q9LbI.roa
File: _2-264jhn6GMpIOs0uduS1q9LbI.roa (raw, json)
Hash identifier: oko5QZy2nUX9CDivCvde1hAHdFjNZFGdEE5yemuRkCg=
Subject key identifier: FF:6F:B6:EB:88:E1:9F:A1:8C:A4:83:AC:D2:E7:6E:4B:5A:BD:2D:B2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD8AEC34D61FF07C5C9289ECE177F25B7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_2-264jhn6GMpIOs0uduS1q9LbI.roa
Signing time: Sat 24 Feb 2024 01:15:48 +0000
ROA not before: Sat 24 Feb 2024 01:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d8:ae:c3:4d:61:ff:07:c5:c9:28:9e:ce:17:7f:25:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 24 01:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff6fb6eb88e19fa18ca483acd2e76e4b5abd2db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a6:61:fb:72:0d:3e:78:22:b3:aa:2e:f6:59:
89:f6:3e:0f:16:de:94:85:fa:7d:0e:4a:92:a1:55:
15:7b:84:cf:50:5e:c6:dc:d3:49:42:fc:1b:38:c6:
e8:ce:53:ef:68:42:6b:3e:b9:67:8c:91:69:9c:06:
f5:32:00:e1:cc:70:cb:1a:c7:66:a6:fa:a8:11:6c:
64:82:f3:b8:68:96:ba:b7:96:d7:80:be:82:a4:af:
32:eb:9c:7c:09:81:f4:de:8c:00:dd:63:98:f8:c0:
0c:76:ee:d0:73:63:35:9a:de:b0:00:8d:6e:da:af:
9f:60:fb:30:1f:76:8b:bc:bc:1b:bc:93:7d:25:c0:
7f:1e:76:96:1a:c5:bd:c4:3e:fd:87:5b:f1:67:9e:
42:fc:f8:5f:bd:5d:2a:c4:ca:2c:fc:49:36:67:16:
3d:66:62:74:de:42:71:c6:47:ca:84:37:aa:a0:de:
8d:7e:ea:78:35:33:83:b2:ba:27:97:35:7d:85:95:
7b:97:00:85:a3:cf:fe:f1:f6:b0:2b:84:c9:1b:21:
d6:fe:ce:59:16:f5:cf:c0:79:3e:d2:0b:26:b8:fe:
04:18:ad:e5:49:77:c6:4c:e3:10:11:18:85:54:31:
d1:a7:af:1f:93:73:55:39:10:f5:2f:8d:df:1c:76:
b7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6F:B6:EB:88:E1:9F:A1:8C:A4:83:AC:D2:E7:6E:4B:5A:BD:2D:B2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_2-264jhn6GMpIOs0uduS1q9LbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:6f:0a:4b:2f:9d:99:3f:39:4f:36:b1:07:f1:7d:3e:eb:85:
1c:08:67:5b:08:f8:15:f4:3a:fd:59:50:35:be:02:68:3e:58:
c9:7e:48:20:cf:a3:9c:25:be:a6:93:9d:fd:a5:dc:be:73:b5:
e8:45:22:82:b4:f8:f6:31:91:16:ba:81:ad:da:ca:5c:2d:fe:
b7:b1:66:99:3d:b5:2b:1c:12:88:78:de:3f:53:ed:0c:9d:85:
a9:c9:e1:66:aa:b7:69:4c:a8:68:7f:08:24:8a:f0:5e:50:7f:
ca:61:63:ec:be:56:f5:be:8c:73:35:62:a6:5b:12:08:aa:70:
8e:30:d1:7e:66:fa:83:18:a4:33:4a:45:d5:92:17:0a:17:66:
37:ee:72:43:4c:a2:50:f6:23:7b:e8:36:6d:35:3b:80:74:72:
11:b0:24:2d:aa:22:e5:f0:82:14:5f:e8:41:95:51:74:2a:4d:
71:a0:07:cb:12:84:d4:5f:4d:ad:31:90:5c:d2:82:9b:84:c8:
07:74:2c:03:c6:06:af:90:36:56:41:cd:ef:1d:6c:34:c9:a6:
bc:87:ab:62:bf:6a:f2:82:5b:5f:4a:22:7c:78:00:1d:36:ed:
37:51:8b:f1:41:5a:9d:2f:a2:7b:a2:0f:98:a0:8c:67:4a:be:
ef:a3:3f:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3YrsNNYf8Hxckons4XfyW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI0MDExNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjZmYjZlYjg4ZTE5ZmExOGNhNDgzYWNkMmU3NmU0YjVhYmQyZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaZh+3INPngis6ou9lmJ9j4PFt6U
hfp9DkqSoVUVe4TPUF7G3NNJQvwbOMbozlPvaEJrPrlnjJFpnAb1MgDhzHDLGsdm
pvqoEWxkgvO4aJa6t5bXgL6CpK8y65x8CYH03owA3WOY+MAMdu7Qc2M1mt6wAI1u
2q+fYPswH3aLvLwbvJN9JcB/HnaWGsW9xD79h1vxZ55C/PhfvV0qxMos/Ek2ZxY9
ZmJ03kJxxkfKhDeqoN6Nfup4NTODsronlzV9hZV7lwCFo8/+8fawK4TJGyHW/s5Z
FvXPwHk+0gsmuP4EGK3lSXfGTOMQERiFVDHRp68fk3NVORD1L43fHHa3AQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9vtuuI4Z+hjKSDrNLnbktavS2yMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvXzItMjY0amhuNkdNcElPczB1ZHVTMXE5TGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ1vCksvnZk/OU82sQfx
fT7rhRwIZ1sI+BX0Ov1ZUDW+Amg+WMl+SCDPo5wlvqaTnf2l3L5ztehFIoK0+PYx
kRa6ga3aylwt/rexZpk9tSscEoh43j9T7QydhanJ4Waqt2lMqGh/CCSK8F5Qf8ph
Y+y+VvW+jHM1YqZbEgiqcI4w0X5m+oMYpDNKRdWSFwoXZjfuckNMolD2I3voNm01
O4B0chGwJC2qIuXwghRf6EGVUXQqTXGgB8sShNRfTa0xkFzSgpuEyAd0LAPGBq+Q
NlZBze8dbDTJpryHq2K/avKCW19KInx4AB027TdRi/FBWp0vonuiD5igjGdKvu+j
P9I=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:46:11 2025 by rpki-client